cvelistv5 - cve-2023-2612

CVE-2023-2612 (GCVE-0-2023-2612)

Vulnerability from cvelistv5 – Published: 2023-05-30 23:12 – Updated: 2025-02-13 16:44

Summary

Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ubuntu Linux kernel contained a race condition when handling inode locking in some situations. A local attacker could use this to cause a denial of service (kernel deadlock).

Severity ?

4.4 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-667

Assigner

canonical

References

URL

Tags

	https://git.launchpad.net/~ubuntu-kernel/ubuntu/+…	patch
	https://ubuntu.com/security/CVE-2023-2612	vendor-advisory
	https://ubuntu.com/security/notices/USN-6122-1	vendor-advisory
	https://ubuntu.com/security/notices/USN-6123-1	vendor-advisory
	https://ubuntu.com/security/notices/USN-6124-1	vendor-advisory
	https://ubuntu.com/security/notices/USN-6127-1	vendor-advisory
	http://packetstormsecurity.com/files/173087/Kerne…

Impacted products

	Vendor	Product	Version
	Canonical Ltd.	ubuntu-linux	Affected: 0 , < 02b47547824b1cd0d55c6744f91886f04de8947e (commit)

Credits

Jean-Baptiste Cayrou

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T06:26:09.708Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "patch",
              "x_transferred"
            ],
            "url": "https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/kinetic/commit/?id=02b47547824b1cd0d55c6744f91886f04de8947e"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://ubuntu.com/security/CVE-2023-2612"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://ubuntu.com/security/notices/USN-6122-1"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://ubuntu.com/security/notices/USN-6123-1"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://ubuntu.com/security/notices/USN-6124-1"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://ubuntu.com/security/notices/USN-6127-1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/173087/Kernel-Live-Patch-Security-Notice-LSN-0095-1.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-2612",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-10T16:47:19.729691Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-10T16:48:03.535Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/kinetic/refs/",
          "packageName": "ubuntu-linux",
          "platforms": [
            "Linux"
          ],
          "product": "ubuntu-linux",
          "repo": "https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/kinetic/",
          "vendor": "Canonical Ltd.",
          "versions": [
            {
              "lessThan": "02b47547824b1cd0d55c6744f91886f04de8947e",
              "status": "affected",
              "version": "0",
              "versionType": "commit"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Jean-Baptiste Cayrou"
        }
      ],
      "datePublic": "2023-05-30T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ubuntu Linux kernel contained a race condition when handling inode locking in some situations. A local attacker could use this to cause a denial of service (kernel deadlock)."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-25",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-25"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-667",
              "description": "CWE-667",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-06-22T14:06:39.212Z",
        "orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
        "shortName": "canonical"
      },
      "references": [
        {
          "tags": [
            "patch"
          ],
          "url": "https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/kinetic/commit/?id=02b47547824b1cd0d55c6744f91886f04de8947e"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://ubuntu.com/security/CVE-2023-2612"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://ubuntu.com/security/notices/USN-6122-1"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://ubuntu.com/security/notices/USN-6123-1"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://ubuntu.com/security/notices/USN-6124-1"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://ubuntu.com/security/notices/USN-6127-1"
        },
        {
          "url": "http://packetstormsecurity.com/files/173087/Kernel-Live-Patch-Security-Notice-LSN-0095-1.html"
        }
      ],
      "title": "shiftfs lock unbalance in Ubuntu-specific kernels"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
    "assignerShortName": "canonical",
    "cveId": "CVE-2023-2612",
    "datePublished": "2023-05-30T23:12:29.867Z",
    "dateReserved": "2023-05-10T01:02:51.624Z",
    "dateUpdated": "2025-02-13T16:44:50.457Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*\", \"matchCriteriaId\": \"902B8056-9E37-443B-8905-8AA93E2447FB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:22.04:*:*:*:lts:*:*:*\", \"matchCriteriaId\": \"359012F1-2C63-415A-88B8-6726A87830DE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:22.10:*:*:*:-:*:*:*\", \"matchCriteriaId\": \"47842532-D2B6-44CB-ADE2-4AC8630A4D8C\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ubuntu Linux kernel contained a race condition when handling inode locking in some situations. A local attacker could use this to cause a denial of service (kernel deadlock).\"}]",
      "id": "CVE-2023-2612",
      "lastModified": "2024-11-21T07:58:55.937",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"security@ubuntu.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 4.4, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 0.8, \"impactScore\": 3.6}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 4.7, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.0, \"impactScore\": 3.6}]}",
      "published": "2023-05-31T00:15:10.257",
      "references": "[{\"url\": \"http://packetstormsecurity.com/files/173087/Kernel-Live-Patch-Security-Notice-LSN-0095-1.html\", \"source\": \"security@ubuntu.com\"}, {\"url\": \"https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/kinetic/commit/?id=02b47547824b1cd0d55c6744f91886f04de8947e\", \"source\": \"security@ubuntu.com\", \"tags\": [\"Mailing List\", \"Patch\"]}, {\"url\": \"https://ubuntu.com/security/CVE-2023-2612\", \"source\": \"security@ubuntu.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://ubuntu.com/security/notices/USN-6122-1\", \"source\": \"security@ubuntu.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://ubuntu.com/security/notices/USN-6123-1\", \"source\": \"security@ubuntu.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://ubuntu.com/security/notices/USN-6124-1\", \"source\": \"security@ubuntu.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://ubuntu.com/security/notices/USN-6127-1\", \"source\": \"security@ubuntu.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://packetstormsecurity.com/files/173087/Kernel-Live-Patch-Security-Notice-LSN-0095-1.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/kinetic/commit/?id=02b47547824b1cd0d55c6744f91886f04de8947e\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Patch\"]}, {\"url\": \"https://ubuntu.com/security/CVE-2023-2612\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://ubuntu.com/security/notices/USN-6122-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://ubuntu.com/security/notices/USN-6123-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://ubuntu.com/security/notices/USN-6124-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://ubuntu.com/security/notices/USN-6127-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "security@ubuntu.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"security@ubuntu.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-667\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-667\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-2612\",\"sourceIdentifier\":\"security@ubuntu.com\",\"published\":\"2023-05-31T00:15:10.257\",\"lastModified\":\"2024-11-21T07:58:55.937\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ubuntu Linux kernel contained a race condition when handling inode locking in some situations. A local attacker could use this to cause a denial of service (kernel deadlock).\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security@ubuntu.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":4.4,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":0.8,\"impactScore\":3.6},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":4.7,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.0,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"security@ubuntu.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-667\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-667\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"902B8056-9E37-443B-8905-8AA93E2447FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:22.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"359012F1-2C63-415A-88B8-6726A87830DE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:22.10:*:*:*:-:*:*:*\",\"matchCriteriaId\":\"47842532-D2B6-44CB-ADE2-4AC8630A4D8C\"}]}]}],\"references\":[{\"url\":\"http://packetstormsecurity.com/files/173087/Kernel-Live-Patch-Security-Notice-LSN-0095-1.html\",\"source\":\"security@ubuntu.com\"},{\"url\":\"https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/kinetic/commit/?id=02b47547824b1cd0d55c6744f91886f04de8947e\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://ubuntu.com/security/CVE-2023-2612\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://ubuntu.com/security/notices/USN-6122-1\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://ubuntu.com/security/notices/USN-6123-1\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://ubuntu.com/security/notices/USN-6124-1\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://ubuntu.com/security/notices/USN-6127-1\",\"source\":\"security@ubuntu.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://packetstormsecurity.com/files/173087/Kernel-Live-Patch-Security-Notice-LSN-0095-1.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/kinetic/commit/?id=02b47547824b1cd0d55c6744f91886f04de8947e\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://ubuntu.com/security/CVE-2023-2612\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://ubuntu.com/security/notices/USN-6122-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://ubuntu.com/security/notices/USN-6123-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://ubuntu.com/security/notices/USN-6124-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://ubuntu.com/security/notices/USN-6127-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/kinetic/commit/?id=02b47547824b1cd0d55c6744f91886f04de8947e\", \"tags\": [\"patch\", \"x_transferred\"]}, {\"url\": \"https://ubuntu.com/security/CVE-2023-2612\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://ubuntu.com/security/notices/USN-6122-1\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://ubuntu.com/security/notices/USN-6123-1\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://ubuntu.com/security/notices/USN-6124-1\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://ubuntu.com/security/notices/USN-6127-1\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/173087/Kernel-Live-Patch-Security-Notice-LSN-0095-1.html\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T06:26:09.708Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-2612\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-01-10T16:47:19.729691Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-01-10T16:47:58.742Z\"}}], \"cna\": {\"title\": \"shiftfs lock unbalance in Ubuntu-specific kernels\", \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Jean-Baptiste Cayrou\"}], \"impacts\": [{\"capecId\": \"CAPEC-25\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-25\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 4.4, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"HIGH\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"repo\": \"https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/kinetic/\", \"vendor\": \"Canonical Ltd.\", \"product\": \"ubuntu-linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"02b47547824b1cd0d55c6744f91886f04de8947e\", \"versionType\": \"commit\"}], \"platforms\": [\"Linux\"], \"packageName\": \"ubuntu-linux\", \"collectionURL\": \"https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/kinetic/refs/\"}], \"datePublic\": \"2023-05-30T00:00:00.000Z\", \"references\": [{\"url\": \"https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/kinetic/commit/?id=02b47547824b1cd0d55c6744f91886f04de8947e\", \"tags\": [\"patch\"]}, {\"url\": \"https://ubuntu.com/security/CVE-2023-2612\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://ubuntu.com/security/notices/USN-6122-1\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://ubuntu.com/security/notices/USN-6123-1\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://ubuntu.com/security/notices/USN-6124-1\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://ubuntu.com/security/notices/USN-6127-1\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"http://packetstormsecurity.com/files/173087/Kernel-Live-Patch-Security-Notice-LSN-0095-1.html\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ubuntu Linux kernel contained a race condition when handling inode locking in some situations. A local attacker could use this to cause a denial of service (kernel deadlock).\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-667\", \"description\": \"CWE-667\"}]}], \"providerMetadata\": {\"orgId\": \"cc1ad9ee-3454-478d-9317-d3e869d708bc\", \"shortName\": \"canonical\", \"dateUpdated\": \"2023-06-22T14:06:39.212Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2023-2612\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-02-13T16:44:50.457Z\", \"dateReserved\": \"2023-05-10T01:02:51.624Z\", \"assignerOrgId\": \"cc1ad9ee-3454-478d-9317-d3e869d708bc\", \"datePublished\": \"2023-05-30T23:12:29.867Z\", \"assignerShortName\": \"canonical\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

FKIE_CVE-2023-2612

Vulnerability from fkie_nvd - Published: 2023-05-31 00:15 - Updated: 2024-11-21 07:58

Severity ?

4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
4.7 (Medium) - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

References

URL	Tags
security@ubuntu.com	http://packetstormsecurity.com/files/173087/Kernel-Live-Patch-Security-Notice-LSN-0095-1.html
security@ubuntu.com	https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/kinetic/commit/?id=02b47547824b1cd0d55c6744f91886f04de8947e	Mailing List, Patch
security@ubuntu.com	https://ubuntu.com/security/CVE-2023-2612	Vendor Advisory
security@ubuntu.com	https://ubuntu.com/security/notices/USN-6122-1	Vendor Advisory
security@ubuntu.com	https://ubuntu.com/security/notices/USN-6123-1	Vendor Advisory
security@ubuntu.com	https://ubuntu.com/security/notices/USN-6124-1	Vendor Advisory
security@ubuntu.com	https://ubuntu.com/security/notices/USN-6127-1	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/173087/Kernel-Live-Patch-Security-Notice-LSN-0095-1.html
af854a3a-2127-422b-91ae-364da2661108	https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/kinetic/commit/?id=02b47547824b1cd0d55c6744f91886f04de8947e	Mailing List, Patch
af854a3a-2127-422b-91ae-364da2661108	https://ubuntu.com/security/CVE-2023-2612	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://ubuntu.com/security/notices/USN-6122-1	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://ubuntu.com/security/notices/USN-6123-1	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://ubuntu.com/security/notices/USN-6124-1	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://ubuntu.com/security/notices/USN-6127-1	Vendor Advisory

Impacted products

Vendor	Product	Version
canonical	ubuntu_linux	20.04
canonical	ubuntu_linux	22.04
canonical	ubuntu_linux	22.10

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*",
              "matchCriteriaId": "902B8056-9E37-443B-8905-8AA93E2447FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:22.04:*:*:*:lts:*:*:*",
              "matchCriteriaId": "359012F1-2C63-415A-88B8-6726A87830DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:22.10:*:*:*:-:*:*:*",
              "matchCriteriaId": "47842532-D2B6-44CB-ADE2-4AC8630A4D8C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ubuntu Linux kernel contained a race condition when handling inode locking in some situations. A local attacker could use this to cause a denial of service (kernel deadlock)."
    }
  ],
  "id": "CVE-2023-2612",
  "lastModified": "2024-11-21T07:58:55.937",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 4.4,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.8,
        "impactScore": 3.6,
        "source": "security@ubuntu.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 4.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.0,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-05-31T00:15:10.257",
  "references": [
    {
      "source": "security@ubuntu.com",
      "url": "http://packetstormsecurity.com/files/173087/Kernel-Live-Patch-Security-Notice-LSN-0095-1.html"
    },
    {
      "source": "security@ubuntu.com",
      "tags": [
        "Mailing List",
        "Patch"
      ],
      "url": "https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/kinetic/commit/?id=02b47547824b1cd0d55c6744f91886f04de8947e"
    },
    {
      "source": "security@ubuntu.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://ubuntu.com/security/CVE-2023-2612"
    },
    {
      "source": "security@ubuntu.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://ubuntu.com/security/notices/USN-6122-1"
    },
    {
      "source": "security@ubuntu.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://ubuntu.com/security/notices/USN-6123-1"
    },
    {
      "source": "security@ubuntu.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://ubuntu.com/security/notices/USN-6124-1"
    },
    {
      "source": "security@ubuntu.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://ubuntu.com/security/notices/USN-6127-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://packetstormsecurity.com/files/173087/Kernel-Live-Patch-Security-Notice-LSN-0095-1.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Patch"
      ],
      "url": "https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/kinetic/commit/?id=02b47547824b1cd0d55c6744f91886f04de8947e"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://ubuntu.com/security/CVE-2023-2612"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://ubuntu.com/security/notices/USN-6122-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://ubuntu.com/security/notices/USN-6123-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://ubuntu.com/security/notices/USN-6124-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://ubuntu.com/security/notices/USN-6127-1"
    }
  ],
  "sourceIdentifier": "security@ubuntu.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-667"
        }
      ],
      "source": "security@ubuntu.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-667"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CERTFR-2023-AVI-0543

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans le noyau Linux d'Ubuntu. Certaines d'entre elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données, une atteinte à l'intégrité des données et une exécution de code arbitraire.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Ubuntu	Ubuntu	Ubuntu 16.04 ESM
Ubuntu	Ubuntu	Ubuntu 20.04 LTS
Ubuntu	Ubuntu	Ubuntu 23.04
Ubuntu	Ubuntu	Ubuntu 14.04 ESM
Ubuntu	Ubuntu	Ubuntu 22.04 LTS

References

Title

Publication Time

Tags

Bulletin de sécurité Ubuntu USN-6211-1 du 07 juillet 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6220-1 du 12 juillet 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6222-1 du 12 juillet 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6221-1 du 12 juillet 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6212-1 du 07 juillet 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6223-1 du 12 juillet 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6224-1 du 12 juillet 2023	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Ubuntu 16.04 ESM",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 20.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 23.04",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 14.04 ESM",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 22.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2022-3707",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3707"
    },
    {
      "name": "CVE-2023-1076",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1076"
    },
    {
      "name": "CVE-2023-1281",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1281"
    },
    {
      "name": "CVE-2023-2985",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2985"
    },
    {
      "name": "CVE-2023-35788",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-35788"
    },
    {
      "name": "CVE-2022-29901",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-29901"
    },
    {
      "name": "CVE-2023-31436",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-31436"
    },
    {
      "name": "CVE-2022-3903",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3903"
    },
    {
      "name": "CVE-2023-1074",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1074"
    },
    {
      "name": "CVE-2022-4129",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-4129"
    },
    {
      "name": "CVE-2023-32269",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32269"
    },
    {
      "name": "CVE-2023-1859",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1859"
    },
    {
      "name": "CVE-2023-3111",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3111"
    },
    {
      "name": "CVE-2023-1670",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1670"
    },
    {
      "name": "CVE-2022-1184",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1184"
    },
    {
      "name": "CVE-2021-3753",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3753"
    },
    {
      "name": "CVE-2021-20321",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-20321"
    },
    {
      "name": "CVE-2023-1078",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1078"
    },
    {
      "name": "CVE-2023-2176",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2176"
    },
    {
      "name": "CVE-2023-2162",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2162"
    },
    {
      "name": "CVE-2023-1079",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1079"
    },
    {
      "name": "CVE-2023-1990",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1990"
    },
    {
      "name": "CVE-2023-3161",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3161"
    },
    {
      "name": "CVE-2023-1998",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1998"
    },
    {
      "name": "CVE-2023-1075",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1075"
    },
    {
      "name": "CVE-2023-26545",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-26545"
    },
    {
      "name": "CVE-2023-1380",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1380"
    },
    {
      "name": "CVE-2023-25012",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-25012"
    },
    {
      "name": "CVE-2023-1118",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1118"
    },
    {
      "name": "CVE-2022-26373",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-26373"
    },
    {
      "name": "CVE-2022-3108",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3108"
    },
    {
      "name": "CVE-2023-1829",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1829"
    },
    {
      "name": "CVE-2023-30456",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-30456"
    },
    {
      "name": "CVE-2023-0458",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0458"
    },
    {
      "name": "CVE-2023-2612",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2612"
    },
    {
      "name": "CVE-2023-1077",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1077"
    },
    {
      "name": "CVE-2023-1073",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1073"
    },
    {
      "name": "CVE-2023-1513",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1513"
    },
    {
      "name": "CVE-2023-32233",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32233"
    },
    {
      "name": "CVE-2023-0459",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0459"
    },
    {
      "name": "CVE-2023-2124",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2124"
    }
  ],
  "links": [],
  "reference": "CERTFR-2023-AVI-0543",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2023-07-13T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003ele noyau Linux d\u0027Ubuntu\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9\ndes donn\u00e9es, une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es et une ex\u00e9cution de\ncode arbitraire.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6211-1 du 07 juillet 2023",
      "url": "https://ubuntu.com/security/notices/USN-6211-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6220-1 du 12 juillet 2023",
      "url": "https://ubuntu.com/security/notices/USN-6220-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6222-1 du 12 juillet 2023",
      "url": "https://ubuntu.com/security/notices/USN-6222-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6221-1 du 12 juillet 2023",
      "url": "https://ubuntu.com/security/notices/USN-6221-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6212-1 du 07 juillet 2023",
      "url": "https://ubuntu.com/security/notices/USN-6212-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6223-1 du 12 juillet 2023",
      "url": "https://ubuntu.com/security/notices/USN-6223-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6224-1 du 12 juillet 2023",
      "url": "https://ubuntu.com/security/notices/USN-6224-1"
    }
  ]
}

CERTFR-2023-AVI-0473

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans le noyau Linux d'Ubuntu. Elles permettent à un attaquant de provoquer une exécution de code arbitraire, un déni de service à distance et une atteinte à la confidentialité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Ubuntu	Ubuntu	Ubuntu 20.04 LTS

References

Title

Publication Time

Tags

Bulletin de sécurité Ubuntu USN-6162-1 du 14 juin 2023

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Ubuntu 20.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2023-31436",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-31436"
    },
    {
      "name": "CVE-2023-1380",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1380"
    },
    {
      "name": "CVE-2023-30456",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-30456"
    },
    {
      "name": "CVE-2023-2612",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2612"
    },
    {
      "name": "CVE-2023-32233",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32233"
    }
  ],
  "links": [],
  "reference": "CERTFR-2023-AVI-0473",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2023-06-16T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux\nd\u0027Ubuntu. Elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de\ncode arbitraire, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6162-1 du 14 juin 2023",
      "url": "https://ubuntu.com/security/notices/USN-6162-1"
    }
  ]
}

CERTFR-2023-AVI-0599

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans le noyau Linux d'Ubuntu. Certaines d'entre elles permettent à un attaquant de provoquer une élévation de privilèges, une exécution de code arbitraire et une atteinte à la confidentialité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Ubuntu	Ubuntu	Ubuntu 16.04 ESM
Ubuntu	Ubuntu	Ubuntu 18.04 ESM
Ubuntu	Ubuntu	Ubuntu 20.04 LTS
Ubuntu	Ubuntu	Ubuntu 23.04
Ubuntu	Ubuntu	Ubuntu 14.04 ESM
Ubuntu	Ubuntu	Ubuntu 22.04 LTS

References

Title

Publication Time

Tags

Bulletin de sécurité Ubuntu USN-6246-1 du 25 juillet 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6252-1 du 26 juillet 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6249-1 du 25 juillet 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6250-1 du 25 juillet 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6256-1 du 27 juillet 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6248-1 du 25 juillet 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6254-1 du 26 juillet 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6247-1 du 25 juillet 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6251-1 du 26 juillet 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6255-1 du 26 juillet 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6260-1 du 27 juillet 2023	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Ubuntu 16.04 ESM",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 18.04 ESM",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 20.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 23.04",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 14.04 ESM",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 22.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2022-3707",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3707"
    },
    {
      "name": "CVE-2023-3269",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3269"
    },
    {
      "name": "CVE-2023-1076",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1076"
    },
    {
      "name": "CVE-2023-2640",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2640"
    },
    {
      "name": "CVE-2022-48502",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48502"
    },
    {
      "name": "CVE-2023-3439",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3439"
    },
    {
      "name": "CVE-2023-1281",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1281"
    },
    {
      "name": "CVE-2023-3390",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3390"
    },
    {
      "name": "CVE-2022-47929",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-47929"
    },
    {
      "name": "CVE-2023-3159",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3159"
    },
    {
      "name": "CVE-2023-2985",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2985"
    },
    {
      "name": "CVE-2023-35788",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-35788"
    },
    {
      "name": "CVE-2023-2860",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2860"
    },
    {
      "name": "CVE-2023-31248",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-31248"
    },
    {
      "name": "CVE-2023-2513",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2513"
    },
    {
      "name": "CVE-2023-3090",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3090"
    },
    {
      "name": "CVE-2023-21106",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21106"
    },
    {
      "name": "CVE-2023-31436",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-31436"
    },
    {
      "name": "CVE-2022-3903",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3903"
    },
    {
      "name": "CVE-2023-1074",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1074"
    },
    {
      "name": "CVE-2022-4129",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-4129"
    },
    {
      "name": "CVE-2023-32269",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32269"
    },
    {
      "name": "CVE-2023-1859",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1859"
    },
    {
      "name": "CVE-2023-3111",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3111"
    },
    {
      "name": "CVE-2023-1670",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1670"
    },
    {
      "name": "CVE-2023-32629",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32629"
    },
    {
      "name": "CVE-2022-1184",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1184"
    },
    {
      "name": "CVE-2022-2663",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2663"
    },
    {
      "name": "CVE-2023-1078",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1078"
    },
    {
      "name": "CVE-2023-2162",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2162"
    },
    {
      "name": "CVE-2023-1079",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1079"
    },
    {
      "name": "CVE-2023-1990",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1990"
    },
    {
      "name": "CVE-2023-3161",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3161"
    },
    {
      "name": "CVE-2023-1998",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1998"
    },
    {
      "name": "CVE-2023-1075",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1075"
    },
    {
      "name": "CVE-2023-26545",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-26545"
    },
    {
      "name": "CVE-2023-1380",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1380"
    },
    {
      "name": "CVE-2023-25012",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-25012"
    },
    {
      "name": "CVE-2023-1118",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1118"
    },
    {
      "name": "CVE-2022-3303",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3303"
    },
    {
      "name": "CVE-2022-3108",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3108"
    },
    {
      "name": "CVE-2023-1829",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1829"
    },
    {
      "name": "CVE-2023-3141",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3141"
    },
    {
      "name": "CVE-2023-30456",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-30456"
    },
    {
      "name": "CVE-2023-0458",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0458"
    },
    {
      "name": "CVE-2023-2612",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2612"
    },
    {
      "name": "CVE-2023-1077",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1077"
    },
    {
      "name": "CVE-2023-1073",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1073"
    },
    {
      "name": "CVE-2023-35001",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-35001"
    },
    {
      "name": "CVE-2023-1513",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1513"
    },
    {
      "name": "CVE-2023-32233",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32233"
    },
    {
      "name": "CVE-2023-0459",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0459"
    },
    {
      "name": "CVE-2023-1611",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1611"
    },
    {
      "name": "CVE-2023-3268",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3268"
    },
    {
      "name": "CVE-2022-3635",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3635"
    },
    {
      "name": "CVE-2023-2124",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2124"
    },
    {
      "name": "CVE-2023-3389",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3389"
    }
  ],
  "links": [],
  "reference": "CERTFR-2023-AVI-0599",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2023-07-28T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003ele noyau Linux d\u0027Ubuntu\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges, une\nex\u00e9cution de code arbitraire et une atteinte \u00e0 la confidentialit\u00e9 des\ndonn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6246-1 du 25 juillet 2023",
      "url": "https://ubuntu.com/security/notices/USN-6246-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6252-1 du 26 juillet 2023",
      "url": "https://ubuntu.com/security/notices/USN-6252-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6249-1 du 25 juillet 2023",
      "url": "https://ubuntu.com/security/notices/USN-6249-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6250-1 du 25 juillet 2023",
      "url": "https://ubuntu.com/security/notices/USN-6250-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6256-1 du 27 juillet 2023",
      "url": "https://ubuntu.com/security/notices/USN-6256-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6248-1 du 25 juillet 2023",
      "url": "https://ubuntu.com/security/notices/USN-6248-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6254-1 du 26 juillet 2023",
      "url": "https://ubuntu.com/security/notices/USN-6254-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6247-1 du 25 juillet 2023",
      "url": "https://ubuntu.com/security/notices/USN-6247-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6251-1 du 26 juillet 2023",
      "url": "https://ubuntu.com/security/notices/USN-6251-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6255-1 du 26 juillet 2023",
      "url": "https://ubuntu.com/security/notices/USN-6255-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6260-1 du 27 juillet 2023",
      "url": "https://ubuntu.com/security/notices/USN-6260-1"
    }
  ]
}

CERTFR-2023-AVI-0543

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Ubuntu	Ubuntu	Ubuntu 16.04 ESM
Ubuntu	Ubuntu	Ubuntu 20.04 LTS
Ubuntu	Ubuntu	Ubuntu 23.04
Ubuntu	Ubuntu	Ubuntu 14.04 ESM
Ubuntu	Ubuntu	Ubuntu 22.04 LTS

References

Title

Publication Time

Tags

Bulletin de sécurité Ubuntu USN-6211-1 du 07 juillet 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6220-1 du 12 juillet 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6222-1 du 12 juillet 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6221-1 du 12 juillet 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6212-1 du 07 juillet 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6223-1 du 12 juillet 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6224-1 du 12 juillet 2023	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Ubuntu 16.04 ESM",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 20.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 23.04",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 14.04 ESM",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 22.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2022-3707",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3707"
    },
    {
      "name": "CVE-2023-1076",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1076"
    },
    {
      "name": "CVE-2023-1281",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1281"
    },
    {
      "name": "CVE-2023-2985",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2985"
    },
    {
      "name": "CVE-2023-35788",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-35788"
    },
    {
      "name": "CVE-2022-29901",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-29901"
    },
    {
      "name": "CVE-2023-31436",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-31436"
    },
    {
      "name": "CVE-2022-3903",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3903"
    },
    {
      "name": "CVE-2023-1074",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1074"
    },
    {
      "name": "CVE-2022-4129",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-4129"
    },
    {
      "name": "CVE-2023-32269",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32269"
    },
    {
      "name": "CVE-2023-1859",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1859"
    },
    {
      "name": "CVE-2023-3111",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3111"
    },
    {
      "name": "CVE-2023-1670",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1670"
    },
    {
      "name": "CVE-2022-1184",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1184"
    },
    {
      "name": "CVE-2021-3753",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3753"
    },
    {
      "name": "CVE-2021-20321",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-20321"
    },
    {
      "name": "CVE-2023-1078",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1078"
    },
    {
      "name": "CVE-2023-2176",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2176"
    },
    {
      "name": "CVE-2023-2162",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2162"
    },
    {
      "name": "CVE-2023-1079",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1079"
    },
    {
      "name": "CVE-2023-1990",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1990"
    },
    {
      "name": "CVE-2023-3161",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3161"
    },
    {
      "name": "CVE-2023-1998",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1998"
    },
    {
      "name": "CVE-2023-1075",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1075"
    },
    {
      "name": "CVE-2023-26545",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-26545"
    },
    {
      "name": "CVE-2023-1380",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1380"
    },
    {
      "name": "CVE-2023-25012",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-25012"
    },
    {
      "name": "CVE-2023-1118",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1118"
    },
    {
      "name": "CVE-2022-26373",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-26373"
    },
    {
      "name": "CVE-2022-3108",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3108"
    },
    {
      "name": "CVE-2023-1829",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1829"
    },
    {
      "name": "CVE-2023-30456",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-30456"
    },
    {
      "name": "CVE-2023-0458",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0458"
    },
    {
      "name": "CVE-2023-2612",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2612"
    },
    {
      "name": "CVE-2023-1077",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1077"
    },
    {
      "name": "CVE-2023-1073",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1073"
    },
    {
      "name": "CVE-2023-1513",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1513"
    },
    {
      "name": "CVE-2023-32233",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32233"
    },
    {
      "name": "CVE-2023-0459",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0459"
    },
    {
      "name": "CVE-2023-2124",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2124"
    }
  ],
  "links": [],
  "reference": "CERTFR-2023-AVI-0543",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2023-07-13T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003ele noyau Linux d\u0027Ubuntu\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9\ndes donn\u00e9es, une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es et une ex\u00e9cution de\ncode arbitraire.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6211-1 du 07 juillet 2023",
      "url": "https://ubuntu.com/security/notices/USN-6211-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6220-1 du 12 juillet 2023",
      "url": "https://ubuntu.com/security/notices/USN-6220-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6222-1 du 12 juillet 2023",
      "url": "https://ubuntu.com/security/notices/USN-6222-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6221-1 du 12 juillet 2023",
      "url": "https://ubuntu.com/security/notices/USN-6221-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6212-1 du 07 juillet 2023",
      "url": "https://ubuntu.com/security/notices/USN-6212-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6223-1 du 12 juillet 2023",
      "url": "https://ubuntu.com/security/notices/USN-6223-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6224-1 du 12 juillet 2023",
      "url": "https://ubuntu.com/security/notices/USN-6224-1"
    }
  ]
}

CERTFR-2023-AVI-0473

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Ubuntu	Ubuntu	Ubuntu 20.04 LTS

References

Title

Publication Time

Tags

Bulletin de sécurité Ubuntu USN-6162-1 du 14 juin 2023

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Ubuntu 20.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2023-31436",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-31436"
    },
    {
      "name": "CVE-2023-1380",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1380"
    },
    {
      "name": "CVE-2023-30456",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-30456"
    },
    {
      "name": "CVE-2023-2612",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2612"
    },
    {
      "name": "CVE-2023-32233",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32233"
    }
  ],
  "links": [],
  "reference": "CERTFR-2023-AVI-0473",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2023-06-16T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux\nd\u0027Ubuntu. Elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de\ncode arbitraire, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6162-1 du 14 juin 2023",
      "url": "https://ubuntu.com/security/notices/USN-6162-1"
    }
  ]
}

CERTFR-2023-AVI-0488

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans le noyau Linux d'Ubuntu. Certaines d'entre elles permettent à un attaquant de provoquer une élévation de privilèges, une atteinte à la confidentialité des données et une exécution de code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Ubuntu	Ubuntu	Ubuntu 22.10
Ubuntu	Ubuntu	Ubuntu 18.04 ESM
Ubuntu	Ubuntu	Ubuntu 20.04 LTS
Ubuntu	Ubuntu	Ubuntu 23.04
Ubuntu	Ubuntu	Ubuntu 22.04 LTS

References

Title

Publication Time

Tags

Bulletin de sécurité Ubuntu USN-6186-1 du 22 juin 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6175-1 du 16 juin 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6172-1 du 16 juin 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6171-1 du 16 juin 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6174-1 du 16 juin 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6173-1 du 16 juin 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6185-1 du 22 juin 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6187-1 du 22 juin 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu LSN-0095-1 du 21 juin 2023	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Ubuntu 22.10",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 18.04 ESM",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 20.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 23.04",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 22.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2023-28466",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28466"
    },
    {
      "name": "CVE-2023-30772",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-30772"
    },
    {
      "name": "CVE-2023-1076",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1076"
    },
    {
      "name": "CVE-2023-2235",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2235"
    },
    {
      "name": "CVE-2023-2002",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2002"
    },
    {
      "name": "CVE-2022-4269",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-4269"
    },
    {
      "name": "CVE-2023-2985",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2985"
    },
    {
      "name": "CVE-2023-26606",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-26606"
    },
    {
      "name": "CVE-2023-1989",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1989"
    },
    {
      "name": "CVE-2023-28866",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28866"
    },
    {
      "name": "CVE-2023-1855",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1855"
    },
    {
      "name": "CVE-2023-31436",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-31436"
    },
    {
      "name": "CVE-2023-2194",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2194"
    },
    {
      "name": "CVE-2023-33203",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-33203"
    },
    {
      "name": "CVE-2023-1859",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1859"
    },
    {
      "name": "CVE-2023-32254",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32254"
    },
    {
      "name": "CVE-2023-1670",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1670"
    },
    {
      "name": "CVE-2023-1079",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1079"
    },
    {
      "name": "CVE-2023-33288",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-33288"
    },
    {
      "name": "CVE-2023-1990",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1990"
    },
    {
      "name": "CVE-2023-1998",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1998"
    },
    {
      "name": "CVE-2023-1872",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1872"
    },
    {
      "name": "CVE-2023-1380",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1380"
    },
    {
      "name": "CVE-2023-25012",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-25012"
    },
    {
      "name": "CVE-2023-2269",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2269"
    },
    {
      "name": "CVE-2023-0386",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0386"
    },
    {
      "name": "CVE-2023-30456",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-30456"
    },
    {
      "name": "CVE-2023-2612",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2612"
    },
    {
      "name": "CVE-2023-1077",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1077"
    },
    {
      "name": "CVE-2023-1073",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1073"
    },
    {
      "name": "CVE-2023-32233",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32233"
    },
    {
      "name": "CVE-2023-2156",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2156"
    },
    {
      "name": "CVE-2023-0459",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0459"
    },
    {
      "name": "CVE-2023-1611",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1611"
    },
    {
      "name": "CVE-2023-1583",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1583"
    },
    {
      "name": "CVE-2023-32250",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32250"
    }
  ],
  "links": [],
  "reference": "CERTFR-2023-AVI-0488",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2023-06-23T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003ele noyau Linux d\u0027Ubuntu\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges, une\natteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une ex\u00e9cution de code\narbitraire \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6186-1 du 22 juin 2023",
      "url": "https://ubuntu.com/security/notices/USN-6186-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6175-1 du 16 juin 2023",
      "url": "https://ubuntu.com/security/notices/USN-6175-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6172-1 du 16 juin 2023",
      "url": "https://ubuntu.com/security/notices/USN-6172-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6171-1 du 16 juin 2023",
      "url": "https://ubuntu.com/security/notices/USN-6171-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6174-1 du 16 juin 2023",
      "url": "https://ubuntu.com/security/notices/USN-6174-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6173-1 du 16 juin 2023",
      "url": "https://ubuntu.com/security/notices/USN-6173-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6185-1 du 22 juin 2023",
      "url": "https://ubuntu.com/security/notices/USN-6185-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6187-1 du 22 juin 2023",
      "url": "https://ubuntu.com/security/notices/USN-6187-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu LSN-0095-1 du 21 juin 2023",
      "url": "https://ubuntu.com/security/notices/LSN-0095-1"
    }
  ]
}

CERTFR-2023-AVI-0429

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans le noyau Linux d'Ubuntu. Elles permettent à un attaquant de provoquer une exécution de code arbitraire, un déni de service et une atteinte à la confidentialité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Ubuntu	Ubuntu	Ubuntu 22.10
Ubuntu	Ubuntu	Ubuntu 16.04 ESM
Ubuntu	Ubuntu	Ubuntu 18.04 ESM
Ubuntu	Ubuntu	Ubuntu 20.04 LTS
Ubuntu	Ubuntu	Ubuntu 14.04 ESM
Ubuntu	Ubuntu	Ubuntu 22.04 LTS

References

Title

Publication Time

Tags

Bulletin de sécurité Ubuntu USN-6134-1 du 01 juin 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6133-1 du 01 juin 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6130-1 du 01 juin 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6123-1 du 30 mai 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6118-1 du 30 mai 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6131-1 du 01 juin 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6124-1 du 30 mai 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6122-1 du 30 mai 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6127-1 du 31 mai 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6132-1 du 01 juin 2023	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Ubuntu 22.10",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 16.04 ESM",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 18.04 ESM",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 20.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 14.04 ESM",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 22.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2022-3707",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3707"
    },
    {
      "name": "CVE-2023-1281",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1281"
    },
    {
      "name": "CVE-2022-47929",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-47929"
    },
    {
      "name": "CVE-2023-26606",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-26606"
    },
    {
      "name": "CVE-2022-4842",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-4842"
    },
    {
      "name": "CVE-2023-31436",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-31436"
    },
    {
      "name": "CVE-2023-1074",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1074"
    },
    {
      "name": "CVE-2022-4129",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-4129"
    },
    {
      "name": "CVE-2023-32269",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32269"
    },
    {
      "name": "CVE-2023-1670",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1670"
    },
    {
      "name": "CVE-2023-1078",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1078"
    },
    {
      "name": "CVE-2023-2162",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2162"
    },
    {
      "name": "CVE-2022-3586",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3586"
    },
    {
      "name": "CVE-2023-1075",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1075"
    },
    {
      "name": "CVE-2023-1872",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1872"
    },
    {
      "name": "CVE-2023-26545",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-26545"
    },
    {
      "name": "CVE-2023-1380",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1380"
    },
    {
      "name": "CVE-2023-21102",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21102"
    },
    {
      "name": "CVE-2023-1118",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1118"
    },
    {
      "name": "CVE-2023-0394",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0394"
    },
    {
      "name": "CVE-2022-27672",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27672"
    },
    {
      "name": "CVE-2023-0386",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0386"
    },
    {
      "name": "CVE-2023-20938",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-20938"
    },
    {
      "name": "CVE-2023-1829",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1829"
    },
    {
      "name": "CVE-2023-30456",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-30456"
    },
    {
      "name": "CVE-2023-0458",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0458"
    },
    {
      "name": "CVE-2023-2612",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2612"
    },
    {
      "name": "CVE-2023-1073",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1073"
    },
    {
      "name": "CVE-2023-1513",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1513"
    },
    {
      "name": "CVE-2023-1652",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1652"
    },
    {
      "name": "CVE-2022-4139",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-4139"
    },
    {
      "name": "CVE-2023-32233",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32233"
    },
    {
      "name": "CVE-2023-0459",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0459"
    }
  ],
  "links": [],
  "reference": "CERTFR-2023-AVI-0429",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2023-06-02T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003ele noyau Linux d\u0027Ubuntu\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer une ex\u00e9cution de code arbitraire, un d\u00e9ni de\nservice et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6134-1 du 01 juin 2023",
      "url": "https://ubuntu.com/security/notices/USN-6134-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6133-1 du 01 juin 2023",
      "url": "https://ubuntu.com/security/notices/USN-6133-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6130-1 du 01 juin 2023",
      "url": "https://ubuntu.com/security/notices/USN-6130-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6123-1 du 30 mai 2023",
      "url": "https://ubuntu.com/security/notices/USN-6123-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6118-1 du 30 mai 2023",
      "url": "https://ubuntu.com/security/notices/USN-6118-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6131-1 du 01 juin 2023",
      "url": "https://ubuntu.com/security/notices/USN-6131-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6124-1 du 30 mai 2023",
      "url": "https://ubuntu.com/security/notices/USN-6124-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6122-1 du 30 mai 2023",
      "url": "https://ubuntu.com/security/notices/USN-6122-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6127-1 du 31 mai 2023",
      "url": "https://ubuntu.com/security/notices/USN-6127-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6132-1 du 01 juin 2023",
      "url": "https://ubuntu.com/security/notices/USN-6132-1"
    }
  ]
}

CERTFR-2023-AVI-0448

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Ubuntu	Ubuntu	Ubuntu 16.04 ESM
Ubuntu	Ubuntu	Ubuntu 20.04 LTS
Ubuntu	Ubuntu	Ubuntu 14.04 ESM
Ubuntu	Ubuntu	Ubuntu 22.04 LTS

References

Title

Publication Time

Tags

Bulletin de sécurité Ubuntu USN-6151-1 du 08 juin 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6150-1 du 08 juin 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6149-1 du 08 juin 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6135-1 du 02 juin 2023	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Ubuntu 16.04 ESM",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 20.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 14.04 ESM",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 22.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2023-28328",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28328"
    },
    {
      "name": "CVE-2023-31436",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-31436"
    },
    {
      "name": "CVE-2022-4382",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-4382"
    },
    {
      "name": "CVE-2022-2196",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2196"
    },
    {
      "name": "CVE-2023-23559",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23559"
    },
    {
      "name": "CVE-2021-3669",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3669"
    },
    {
      "name": "CVE-2023-1380",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1380"
    },
    {
      "name": "CVE-2023-30456",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-30456"
    },
    {
      "name": "CVE-2023-2612",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2612"
    },
    {
      "name": "CVE-2023-1073",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1073"
    },
    {
      "name": "CVE-2023-32233",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32233"
    }
  ],
  "links": [],
  "reference": "CERTFR-2023-AVI-0448",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2023-06-09T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003ele noyau Linux d\u0027Ubuntu\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9\ndes donn\u00e9es, une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es et une ex\u00e9cution de\ncode arbitraire.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6151-1 du 08 juin 2023",
      "url": "https://ubuntu.com/security/notices/USN-6151-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6150-1 du 08 juin 2023",
      "url": "https://ubuntu.com/security/notices/USN-6150-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6149-1 du 08 juin 2023",
      "url": "https://ubuntu.com/security/notices/USN-6149-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6135-1 du 02 juin 2023",
      "url": "https://ubuntu.com/security/notices/USN-6135-1"
    }
  ]
}

CERTFR-2023-AVI-0429

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Ubuntu	Ubuntu	Ubuntu 22.10
Ubuntu	Ubuntu	Ubuntu 16.04 ESM
Ubuntu	Ubuntu	Ubuntu 18.04 ESM
Ubuntu	Ubuntu	Ubuntu 20.04 LTS
Ubuntu	Ubuntu	Ubuntu 14.04 ESM
Ubuntu	Ubuntu	Ubuntu 22.04 LTS

References

Title

Publication Time

Tags

Bulletin de sécurité Ubuntu USN-6134-1 du 01 juin 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6133-1 du 01 juin 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6130-1 du 01 juin 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6123-1 du 30 mai 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6118-1 du 30 mai 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6131-1 du 01 juin 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6124-1 du 30 mai 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6122-1 du 30 mai 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6127-1 du 31 mai 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6132-1 du 01 juin 2023	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Ubuntu 22.10",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 16.04 ESM",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 18.04 ESM",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 20.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 14.04 ESM",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 22.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2022-3707",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3707"
    },
    {
      "name": "CVE-2023-1281",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1281"
    },
    {
      "name": "CVE-2022-47929",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-47929"
    },
    {
      "name": "CVE-2023-26606",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-26606"
    },
    {
      "name": "CVE-2022-4842",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-4842"
    },
    {
      "name": "CVE-2023-31436",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-31436"
    },
    {
      "name": "CVE-2023-1074",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1074"
    },
    {
      "name": "CVE-2022-4129",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-4129"
    },
    {
      "name": "CVE-2023-32269",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32269"
    },
    {
      "name": "CVE-2023-1670",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1670"
    },
    {
      "name": "CVE-2023-1078",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1078"
    },
    {
      "name": "CVE-2023-2162",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2162"
    },
    {
      "name": "CVE-2022-3586",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3586"
    },
    {
      "name": "CVE-2023-1075",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1075"
    },
    {
      "name": "CVE-2023-1872",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1872"
    },
    {
      "name": "CVE-2023-26545",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-26545"
    },
    {
      "name": "CVE-2023-1380",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1380"
    },
    {
      "name": "CVE-2023-21102",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21102"
    },
    {
      "name": "CVE-2023-1118",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1118"
    },
    {
      "name": "CVE-2023-0394",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0394"
    },
    {
      "name": "CVE-2022-27672",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27672"
    },
    {
      "name": "CVE-2023-0386",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0386"
    },
    {
      "name": "CVE-2023-20938",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-20938"
    },
    {
      "name": "CVE-2023-1829",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1829"
    },
    {
      "name": "CVE-2023-30456",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-30456"
    },
    {
      "name": "CVE-2023-0458",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0458"
    },
    {
      "name": "CVE-2023-2612",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2612"
    },
    {
      "name": "CVE-2023-1073",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1073"
    },
    {
      "name": "CVE-2023-1513",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1513"
    },
    {
      "name": "CVE-2023-1652",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1652"
    },
    {
      "name": "CVE-2022-4139",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-4139"
    },
    {
      "name": "CVE-2023-32233",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32233"
    },
    {
      "name": "CVE-2023-0459",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0459"
    }
  ],
  "links": [],
  "reference": "CERTFR-2023-AVI-0429",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2023-06-02T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003ele noyau Linux d\u0027Ubuntu\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer une ex\u00e9cution de code arbitraire, un d\u00e9ni de\nservice et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6134-1 du 01 juin 2023",
      "url": "https://ubuntu.com/security/notices/USN-6134-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6133-1 du 01 juin 2023",
      "url": "https://ubuntu.com/security/notices/USN-6133-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6130-1 du 01 juin 2023",
      "url": "https://ubuntu.com/security/notices/USN-6130-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6123-1 du 30 mai 2023",
      "url": "https://ubuntu.com/security/notices/USN-6123-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6118-1 du 30 mai 2023",
      "url": "https://ubuntu.com/security/notices/USN-6118-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6131-1 du 01 juin 2023",
      "url": "https://ubuntu.com/security/notices/USN-6131-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6124-1 du 30 mai 2023",
      "url": "https://ubuntu.com/security/notices/USN-6124-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6122-1 du 30 mai 2023",
      "url": "https://ubuntu.com/security/notices/USN-6122-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6127-1 du 31 mai 2023",
      "url": "https://ubuntu.com/security/notices/USN-6127-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6132-1 du 01 juin 2023",
      "url": "https://ubuntu.com/security/notices/USN-6132-1"
    }
  ]
}

CERTFR-2023-AVI-0599

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Ubuntu	Ubuntu	Ubuntu 16.04 ESM
Ubuntu	Ubuntu	Ubuntu 18.04 ESM
Ubuntu	Ubuntu	Ubuntu 20.04 LTS
Ubuntu	Ubuntu	Ubuntu 23.04
Ubuntu	Ubuntu	Ubuntu 14.04 ESM
Ubuntu	Ubuntu	Ubuntu 22.04 LTS

References

Title

Publication Time

Tags

Bulletin de sécurité Ubuntu USN-6246-1 du 25 juillet 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6252-1 du 26 juillet 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6249-1 du 25 juillet 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6250-1 du 25 juillet 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6256-1 du 27 juillet 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6248-1 du 25 juillet 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6254-1 du 26 juillet 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6247-1 du 25 juillet 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6251-1 du 26 juillet 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6255-1 du 26 juillet 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6260-1 du 27 juillet 2023	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Ubuntu 16.04 ESM",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 18.04 ESM",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 20.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 23.04",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 14.04 ESM",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 22.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2022-3707",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3707"
    },
    {
      "name": "CVE-2023-3269",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3269"
    },
    {
      "name": "CVE-2023-1076",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1076"
    },
    {
      "name": "CVE-2023-2640",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2640"
    },
    {
      "name": "CVE-2022-48502",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-48502"
    },
    {
      "name": "CVE-2023-3439",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3439"
    },
    {
      "name": "CVE-2023-1281",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1281"
    },
    {
      "name": "CVE-2023-3390",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3390"
    },
    {
      "name": "CVE-2022-47929",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-47929"
    },
    {
      "name": "CVE-2023-3159",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3159"
    },
    {
      "name": "CVE-2023-2985",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2985"
    },
    {
      "name": "CVE-2023-35788",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-35788"
    },
    {
      "name": "CVE-2023-2860",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2860"
    },
    {
      "name": "CVE-2023-31248",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-31248"
    },
    {
      "name": "CVE-2023-2513",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2513"
    },
    {
      "name": "CVE-2023-3090",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3090"
    },
    {
      "name": "CVE-2023-21106",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-21106"
    },
    {
      "name": "CVE-2023-31436",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-31436"
    },
    {
      "name": "CVE-2022-3903",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3903"
    },
    {
      "name": "CVE-2023-1074",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1074"
    },
    {
      "name": "CVE-2022-4129",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-4129"
    },
    {
      "name": "CVE-2023-32269",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32269"
    },
    {
      "name": "CVE-2023-1859",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1859"
    },
    {
      "name": "CVE-2023-3111",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3111"
    },
    {
      "name": "CVE-2023-1670",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1670"
    },
    {
      "name": "CVE-2023-32629",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32629"
    },
    {
      "name": "CVE-2022-1184",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-1184"
    },
    {
      "name": "CVE-2022-2663",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2663"
    },
    {
      "name": "CVE-2023-1078",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1078"
    },
    {
      "name": "CVE-2023-2162",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2162"
    },
    {
      "name": "CVE-2023-1079",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1079"
    },
    {
      "name": "CVE-2023-1990",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1990"
    },
    {
      "name": "CVE-2023-3161",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3161"
    },
    {
      "name": "CVE-2023-1998",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1998"
    },
    {
      "name": "CVE-2023-1075",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1075"
    },
    {
      "name": "CVE-2023-26545",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-26545"
    },
    {
      "name": "CVE-2023-1380",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1380"
    },
    {
      "name": "CVE-2023-25012",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-25012"
    },
    {
      "name": "CVE-2023-1118",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1118"
    },
    {
      "name": "CVE-2022-3303",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3303"
    },
    {
      "name": "CVE-2022-3108",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3108"
    },
    {
      "name": "CVE-2023-1829",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1829"
    },
    {
      "name": "CVE-2023-3141",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3141"
    },
    {
      "name": "CVE-2023-30456",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-30456"
    },
    {
      "name": "CVE-2023-0458",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0458"
    },
    {
      "name": "CVE-2023-2612",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2612"
    },
    {
      "name": "CVE-2023-1077",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1077"
    },
    {
      "name": "CVE-2023-1073",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1073"
    },
    {
      "name": "CVE-2023-35001",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-35001"
    },
    {
      "name": "CVE-2023-1513",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1513"
    },
    {
      "name": "CVE-2023-32233",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32233"
    },
    {
      "name": "CVE-2023-0459",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0459"
    },
    {
      "name": "CVE-2023-1611",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1611"
    },
    {
      "name": "CVE-2023-3268",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3268"
    },
    {
      "name": "CVE-2022-3635",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3635"
    },
    {
      "name": "CVE-2023-2124",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2124"
    },
    {
      "name": "CVE-2023-3389",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-3389"
    }
  ],
  "links": [],
  "reference": "CERTFR-2023-AVI-0599",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2023-07-28T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003ele noyau Linux d\u0027Ubuntu\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges, une\nex\u00e9cution de code arbitraire et une atteinte \u00e0 la confidentialit\u00e9 des\ndonn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6246-1 du 25 juillet 2023",
      "url": "https://ubuntu.com/security/notices/USN-6246-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6252-1 du 26 juillet 2023",
      "url": "https://ubuntu.com/security/notices/USN-6252-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6249-1 du 25 juillet 2023",
      "url": "https://ubuntu.com/security/notices/USN-6249-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6250-1 du 25 juillet 2023",
      "url": "https://ubuntu.com/security/notices/USN-6250-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6256-1 du 27 juillet 2023",
      "url": "https://ubuntu.com/security/notices/USN-6256-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6248-1 du 25 juillet 2023",
      "url": "https://ubuntu.com/security/notices/USN-6248-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6254-1 du 26 juillet 2023",
      "url": "https://ubuntu.com/security/notices/USN-6254-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6247-1 du 25 juillet 2023",
      "url": "https://ubuntu.com/security/notices/USN-6247-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6251-1 du 26 juillet 2023",
      "url": "https://ubuntu.com/security/notices/USN-6251-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6255-1 du 26 juillet 2023",
      "url": "https://ubuntu.com/security/notices/USN-6255-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6260-1 du 27 juillet 2023",
      "url": "https://ubuntu.com/security/notices/USN-6260-1"
    }
  ]
}

CERTFR-2023-AVI-0488

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Ubuntu	Ubuntu	Ubuntu 22.10
Ubuntu	Ubuntu	Ubuntu 18.04 ESM
Ubuntu	Ubuntu	Ubuntu 20.04 LTS
Ubuntu	Ubuntu	Ubuntu 23.04
Ubuntu	Ubuntu	Ubuntu 22.04 LTS

References

Title

Publication Time

Tags

Bulletin de sécurité Ubuntu USN-6186-1 du 22 juin 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6175-1 du 16 juin 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6172-1 du 16 juin 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6171-1 du 16 juin 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6174-1 du 16 juin 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6173-1 du 16 juin 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6185-1 du 22 juin 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6187-1 du 22 juin 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu LSN-0095-1 du 21 juin 2023	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Ubuntu 22.10",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 18.04 ESM",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 20.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 23.04",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 22.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2023-28466",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28466"
    },
    {
      "name": "CVE-2023-30772",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-30772"
    },
    {
      "name": "CVE-2023-1076",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1076"
    },
    {
      "name": "CVE-2023-2235",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2235"
    },
    {
      "name": "CVE-2023-2002",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2002"
    },
    {
      "name": "CVE-2022-4269",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-4269"
    },
    {
      "name": "CVE-2023-2985",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2985"
    },
    {
      "name": "CVE-2023-26606",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-26606"
    },
    {
      "name": "CVE-2023-1989",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1989"
    },
    {
      "name": "CVE-2023-28866",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28866"
    },
    {
      "name": "CVE-2023-1855",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1855"
    },
    {
      "name": "CVE-2023-31436",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-31436"
    },
    {
      "name": "CVE-2023-2194",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2194"
    },
    {
      "name": "CVE-2023-33203",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-33203"
    },
    {
      "name": "CVE-2023-1859",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1859"
    },
    {
      "name": "CVE-2023-32254",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32254"
    },
    {
      "name": "CVE-2023-1670",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1670"
    },
    {
      "name": "CVE-2023-1079",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1079"
    },
    {
      "name": "CVE-2023-33288",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-33288"
    },
    {
      "name": "CVE-2023-1990",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1990"
    },
    {
      "name": "CVE-2023-1998",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1998"
    },
    {
      "name": "CVE-2023-1872",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1872"
    },
    {
      "name": "CVE-2023-1380",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1380"
    },
    {
      "name": "CVE-2023-25012",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-25012"
    },
    {
      "name": "CVE-2023-2269",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2269"
    },
    {
      "name": "CVE-2023-0386",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0386"
    },
    {
      "name": "CVE-2023-30456",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-30456"
    },
    {
      "name": "CVE-2023-2612",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2612"
    },
    {
      "name": "CVE-2023-1077",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1077"
    },
    {
      "name": "CVE-2023-1073",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1073"
    },
    {
      "name": "CVE-2023-32233",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32233"
    },
    {
      "name": "CVE-2023-2156",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2156"
    },
    {
      "name": "CVE-2023-0459",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0459"
    },
    {
      "name": "CVE-2023-1611",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1611"
    },
    {
      "name": "CVE-2023-1583",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1583"
    },
    {
      "name": "CVE-2023-32250",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32250"
    }
  ],
  "links": [],
  "reference": "CERTFR-2023-AVI-0488",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2023-06-23T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003ele noyau Linux d\u0027Ubuntu\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges, une\natteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une ex\u00e9cution de code\narbitraire \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6186-1 du 22 juin 2023",
      "url": "https://ubuntu.com/security/notices/USN-6186-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6175-1 du 16 juin 2023",
      "url": "https://ubuntu.com/security/notices/USN-6175-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6172-1 du 16 juin 2023",
      "url": "https://ubuntu.com/security/notices/USN-6172-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6171-1 du 16 juin 2023",
      "url": "https://ubuntu.com/security/notices/USN-6171-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6174-1 du 16 juin 2023",
      "url": "https://ubuntu.com/security/notices/USN-6174-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6173-1 du 16 juin 2023",
      "url": "https://ubuntu.com/security/notices/USN-6173-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6185-1 du 22 juin 2023",
      "url": "https://ubuntu.com/security/notices/USN-6185-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6187-1 du 22 juin 2023",
      "url": "https://ubuntu.com/security/notices/USN-6187-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu LSN-0095-1 du 21 juin 2023",
      "url": "https://ubuntu.com/security/notices/LSN-0095-1"
    }
  ]
}

CERTFR-2023-AVI-0448

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Ubuntu	Ubuntu	Ubuntu 16.04 ESM
Ubuntu	Ubuntu	Ubuntu 20.04 LTS
Ubuntu	Ubuntu	Ubuntu 14.04 ESM
Ubuntu	Ubuntu	Ubuntu 22.04 LTS

References

Title

Publication Time

Tags

Bulletin de sécurité Ubuntu USN-6151-1 du 08 juin 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6150-1 du 08 juin 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6149-1 du 08 juin 2023	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-6135-1 du 02 juin 2023	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Ubuntu 16.04 ESM",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 20.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 14.04 ESM",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    },
    {
      "description": "Ubuntu 22.04 LTS",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2023-28328",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-28328"
    },
    {
      "name": "CVE-2023-31436",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-31436"
    },
    {
      "name": "CVE-2022-4382",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-4382"
    },
    {
      "name": "CVE-2022-2196",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-2196"
    },
    {
      "name": "CVE-2023-23559",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23559"
    },
    {
      "name": "CVE-2021-3669",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-3669"
    },
    {
      "name": "CVE-2023-1380",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1380"
    },
    {
      "name": "CVE-2023-30456",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-30456"
    },
    {
      "name": "CVE-2023-2612",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-2612"
    },
    {
      "name": "CVE-2023-1073",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-1073"
    },
    {
      "name": "CVE-2023-32233",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-32233"
    }
  ],
  "links": [],
  "reference": "CERTFR-2023-AVI-0448",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2023-06-09T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003ele noyau Linux d\u0027Ubuntu\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9\ndes donn\u00e9es, une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es et une ex\u00e9cution de\ncode arbitraire.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6151-1 du 08 juin 2023",
      "url": "https://ubuntu.com/security/notices/USN-6151-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6150-1 du 08 juin 2023",
      "url": "https://ubuntu.com/security/notices/USN-6150-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6149-1 du 08 juin 2023",
      "url": "https://ubuntu.com/security/notices/USN-6149-1"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-6135-1 du 02 juin 2023",
      "url": "https://ubuntu.com/security/notices/USN-6135-1"
    }
  ]
}

GSD-2023-2612

Vulnerability from gsd - Updated: 2023-12-13 01:20

Details

Aliases

CVE-2023-2612

Aliases

CVE-2023-2612

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2023-2612",
    "id": "GSD-2023-2612"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2023-2612"
      ],
      "details": "Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ubuntu Linux kernel contained a race condition when handling inode locking in some situations. A local attacker could use this to cause a denial of service (kernel deadlock).",
      "id": "GSD-2023-2612",
      "modified": "2023-12-13T01:20:32.166330Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security@ubuntu.com",
        "ID": "CVE-2023-2612",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "ubuntu-linux",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c",
                          "version_name": "0",
                          "version_value": "02b47547824b1cd0d55c6744f91886f04de8947e"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Canonical Ltd."
            }
          ]
        }
      },
      "credits": [
        {
          "lang": "en",
          "value": "Jean-Baptiste Cayrou"
        }
      ],
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ubuntu Linux kernel contained a race condition when handling inode locking in some situations. A local attacker could use this to cause a denial of service (kernel deadlock)."
          }
        ]
      },
      "impact": {
        "cvss": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "cweId": "CWE-667",
                "lang": "eng",
                "value": "CWE-667"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/kinetic/commit/?id=02b47547824b1cd0d55c6744f91886f04de8947e",
            "refsource": "MISC",
            "url": "https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/kinetic/commit/?id=02b47547824b1cd0d55c6744f91886f04de8947e"
          },
          {
            "name": "https://ubuntu.com/security/CVE-2023-2612",
            "refsource": "MISC",
            "url": "https://ubuntu.com/security/CVE-2023-2612"
          },
          {
            "name": "https://ubuntu.com/security/notices/USN-6122-1",
            "refsource": "MISC",
            "url": "https://ubuntu.com/security/notices/USN-6122-1"
          },
          {
            "name": "https://ubuntu.com/security/notices/USN-6123-1",
            "refsource": "MISC",
            "url": "https://ubuntu.com/security/notices/USN-6123-1"
          },
          {
            "name": "https://ubuntu.com/security/notices/USN-6124-1",
            "refsource": "MISC",
            "url": "https://ubuntu.com/security/notices/USN-6124-1"
          },
          {
            "name": "https://ubuntu.com/security/notices/USN-6127-1",
            "refsource": "MISC",
            "url": "https://ubuntu.com/security/notices/USN-6127-1"
          },
          {
            "name": "http://packetstormsecurity.com/files/173087/Kernel-Live-Patch-Security-Notice-LSN-0095-1.html",
            "refsource": "MISC",
            "url": "http://packetstormsecurity.com/files/173087/Kernel-Live-Patch-Security-Notice-LSN-0095-1.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:22.04:*:*:*:lts:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:22.10:*:*:*:-:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security@ubuntu.com",
          "ID": "CVE-2023-2612"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ubuntu Linux kernel contained a race condition when handling inode locking in some situations. A local attacker could use this to cause a denial of service (kernel deadlock)."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-667"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://ubuntu.com/security/CVE-2023-2612",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://ubuntu.com/security/CVE-2023-2612"
            },
            {
              "name": "https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/kinetic/commit/?id=02b47547824b1cd0d55c6744f91886f04de8947e",
              "refsource": "MISC",
              "tags": [
                "Mailing List",
                "Patch"
              ],
              "url": "https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/kinetic/commit/?id=02b47547824b1cd0d55c6744f91886f04de8947e"
            },
            {
              "name": "https://ubuntu.com/security/notices/USN-6127-1",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://ubuntu.com/security/notices/USN-6127-1"
            },
            {
              "name": "https://ubuntu.com/security/notices/USN-6123-1",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://ubuntu.com/security/notices/USN-6123-1"
            },
            {
              "name": "https://ubuntu.com/security/notices/USN-6122-1",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://ubuntu.com/security/notices/USN-6122-1"
            },
            {
              "name": "https://ubuntu.com/security/notices/USN-6124-1",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://ubuntu.com/security/notices/USN-6124-1"
            },
            {
              "name": "http://packetstormsecurity.com/files/173087/Kernel-Live-Patch-Security-Notice-LSN-0095-1.html",
              "refsource": "MISC",
              "tags": [],
              "url": "http://packetstormsecurity.com/files/173087/Kernel-Live-Patch-Security-Notice-LSN-0095-1.html"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 1.0,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2023-06-22T15:15Z",
      "publishedDate": "2023-05-31T00:15Z"
    }
  }
}

GHSA-R34W-XRJ9-CPVR

Vulnerability from github – Published: 2023-05-31 00:31 – Updated: 2024-04-04 04:24

Details

Severity ?

4.4 (Medium)


                  
                    CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2023-2612"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-667"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-05-31T00:15:10Z",
    "severity": "MODERATE"
  },
  "details": "Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ubuntu Linux kernel contained a race condition when handling inode locking in some situations. A local attacker could use this to cause a denial of service (kernel deadlock).",
  "id": "GHSA-r34w-xrj9-cpvr",
  "modified": "2024-04-04T04:24:52Z",
  "published": "2023-05-31T00:31:06Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-2612"
    },
    {
      "type": "WEB",
      "url": "https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/kinetic/commit/?id=02b47547824b1cd0d55c6744f91886f04de8947e"
    },
    {
      "type": "WEB",
      "url": "https://ubuntu.com/security/CVE-2023-2612"
    },
    {
      "type": "WEB",
      "url": "https://ubuntu.com/security/notices/USN-6122-1"
    },
    {
      "type": "WEB",
      "url": "https://ubuntu.com/security/notices/USN-6123-1"
    },
    {
      "type": "WEB",
      "url": "https://ubuntu.com/security/notices/USN-6124-1"
    },
    {
      "type": "WEB",
      "url": "https://ubuntu.com/security/notices/USN-6127-1"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/173087/Kernel-Live-Patch-Security-Notice-LSN-0095-1.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2023-2612 (GCVE-0-2023-2612)

Solution

Solution

Solution

Solution

Solution

Solution

Solution

Solution

Solution

Solution

Solution

Solution

Tags

Sightings

Nomenclature