CVE-2023-2640

Related Files

Ubuntu Security Notice USN-6285-1

Posted Aug 14, 2023

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6285-1 - It was discovered that the NTFS file system implementation in the Linux kernel did not properly check buffer indexes in certain situations, leading to an out-of-bounds read vulnerability. A local attacker could possibly use this to expose sensitive information. Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker could possibly use this to gain elevated privileges.

tags | advisory, kernel, local

systems | linux, ubuntu

advisories | CVE-2022-48502, CVE-2023-2640, CVE-2023-2898, CVE-2023-31248, CVE-2023-32629, CVE-2023-3390, CVE-2023-35001, CVE-2023-3609, CVE-2023-3610, CVE-2023-3611, CVE-2023-3776, CVE-2023-38430, CVE-2023-38432, CVE-2023-3863

SHA-256 | c7303f43ba77d16cc931ee8b1c0d2f16d00a561cedb386fa837bfed417cd59f3

Download | Favorite | View

Ubuntu Security Notice USN-6260-1

Posted Jul 27, 2023

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6260-1 - It was discovered that the NTFS file system implementation in the Linux kernel did not properly check buffer indexes in certain situations, leading to an out-of-bounds read vulnerability. A local attacker could possibly use this to expose sensitive information. Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker could possibly use this to gain elevated privileges.

tags | advisory, kernel, local

systems | linux, ubuntu

advisories | CVE-2022-48502, CVE-2023-2640, CVE-2023-3090, CVE-2023-31248, CVE-2023-3141, CVE-2023-32629, CVE-2023-3389, CVE-2023-3390, CVE-2023-35001

SHA-256 | a4384a0d58c965d16d9a12fe71bc79afb9b36f12a4660d6419a9dae8338f976a

Download | Favorite | View

Ubuntu Security Notice USN-6250-1

Posted Jul 26, 2023

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6250-1 - Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker could possibly use this to gain elevated privileges. It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an out-of- bounds write vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local

systems | linux, ubuntu

advisories | CVE-2023-2640, CVE-2023-3090, CVE-2023-31248, CVE-2023-32629, CVE-2023-3269, CVE-2023-3389, CVE-2023-3390, CVE-2023-35001

SHA-256 | a3c2bee7fb44adf555ec4f0c4513eec063216c00e3541ec88c1729871be7fb50

Download | Favorite | View

Ubuntu Security Notice USN-6248-1

Posted Jul 26, 2023

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6248-1 - It was discovered that the network queuing discipline implementation in the Linux kernel contained a null pointer dereference in some situations. A local attacker could use this to cause a denial of service. It was discovered that a race condition existed in Adreno GPU DRM driver in the Linux kernel, leading to a double-free vulnerability. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local

systems | linux, ubuntu

advisories | CVE-2022-47929, CVE-2023-21106, CVE-2023-2640, CVE-2023-31248, CVE-2023-32629, CVE-2023-3389, CVE-2023-35001

SHA-256 | b8f3da6963dc1b1e3cc8907b151d7eea0916cee6b2d4a566e0162f800b0fab21

Download | Favorite | View