var-202307-0874
Vulnerability from variot
In multiple functions of io_uring.c, there is a possible kernel memory corruption due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation. Google of Android Products from multiple vendors, such as Microsoft, contain vulnerabilities related to resource locking.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Google Pixel is a smart phone of Google (Google). -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
Debian Security Advisory DSA-5480-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso August 18, 2023 https://www.debian.org/security/faq
Package : linux CVE ID : CVE-2022-4269 CVE-2022-39189 CVE-2023-1206 CVE-2023-1380 CVE-2023-2002 CVE-2023-2007 CVE-2023-2124 CVE-2023-2269 CVE-2023-2898 CVE-2023-3090 CVE-2023-3111 CVE-2023-3212 CVE-2023-3268 CVE-2023-3338 CVE-2023-3389 CVE-2023-3609 CVE-2023-3611 CVE-2023-3776 CVE-2023-3863 CVE-2023-4004 CVE-2023-4128 CVE-2023-4132 CVE-2023-4147 CVE-2023-4194 CVE-2023-4273 CVE-2023-20588 CVE-2023-21255 CVE-2023-21400 CVE-2023-31084 CVE-2023-34319 CVE-2023-35788 CVE-2023-40283
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
CVE-2023-1206
It was discovered that the networking stack permits attackers to
force hash collisions in the IPv6 connection lookup table, which may
result in denial of service (significant increase in the cost of
lookups, increased CPU utilization).
CVE-2023-1380
Jisoo Jang reported a heap out-of-bounds read in the brcmfmac Wi-Fi
driver.
CVE-2023-2007
Lucas Leong and Reno Robert discovered a time-of-check-to-time-of-
use flaw in the dpt_i2o SCSI controller driver.
This flaw has been mitigated by removing support for the I2OUSRCMD
operation.
CVE-2023-2124
Kyle Zeng, Akshay Ajayan and Fish Wang discovered that missing
metadata validation may result in denial of service or potential
privilege escalation if a corrupted XFS disk image is mounted.
CVE-2023-2898
It was discovered that missing sanitising in the f2fs file
system may result in denial of service if a malformed file
system is accessed.
CVE-2023-3111
The TOTE Robot tool found a flaw in the Btrfs filesystem driver that
can lead to a use-after-free.
CVE-2023-3212
Yang Lan that missing validation in the GFS2 filesystem could result
in denial of service via a NULL pointer dereference when mounting a
malformed GFS2 filesystem.
This flaw has been mitigated by removing the DECnet protocol
implementation.
CVE-2023-3389
Querijn Voet discovered a use-after-free in the io_uring subsystem,
which may result in denial of service or privilege escalation.
CVE-2023-4004
It was discovered that a use-after-free in Netfilter's
implementation of PIPAPO (PIle PAcket POlicies) may result in denial
of service or potential local privilege escalation for a user with
the CAP_NET_ADMIN capability in any user or network namespace.
CVE-2023-4194
A type confusion in the implementation of TUN/TAP network devices
may allow a local user to bypass network filters.
CVE-2023-4273
Maxim Suhanov discovered a stack overflow in the exFAT driver, which
may result in local denial of service via a malformed file system.
CVE-2023-20588
Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Koepf and
Oleksii Oleksenko discovered that on some AMD CPUs with the Zen1
micro architecture an integer division by zero may leave stale
quotient data from a previous division, resulting in a potential
leak of sensitive data.
CVE-2023-21255
A use-after-free was discovered in the in the Android binder driver,
which may result in local privilege escalation on systems where the
binder driver is loaded.
CVE-2023-34319
Ross Lagerwall discovered a buffer overrun in Xen's netback driver
which may allow a Xen guest to cause denial of service to the
virtualisation host my sending malformed packets.
CVE-2023-40283
A use-after-free was discovered in Bluetooth L2CAP socket handling.
For the oldstable distribution (bullseye), these problems have been fixed in version 5.10.191-1.
We recommend that you upgrade your linux packages.
For the detailed security status of linux please refer to its security tracker page at: https://security-tracker.debian.org/tracker/linux
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmTfvC5fFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0QmDBAAnjvIhfwWPmYeanAyC9Hwdx2L9ATqx235c5K4I9xOWCRR+1oiM3WIKDz1 jnFbRnCKEPMUeIMWaSwXj11OvjDIY31nnUqRzf/hoT8PQ6dHi1p/fpmjReLFL9sw FoYhyabKtkGMBUXF4dCz2Qn62yPGFDgupBMlK1BQ1kJvxZABaKG0PGTqqPX4iOla DkbNvwq2lLr0K6oYKp8Nu+tQ+1I6U8PI4EvAlYbybvo0WXvbZy9pOmBilJhBqYrC 6Ql1ndovBzDi3H8Qo+C8WJRdFcjP+dBOpW/lu9EcHbNmHG1cWLO8EexqvfoW8GAV qf0CEtULUwsn6pM5uW+SEgfsiETFPXbzQt+FxH2L2NGLhLmb73dIK074/Ids8lx4 V4tNh+pVTli+sTCB6uGaRQvM4uNTxm5mV9+saacM6vel6KvD/qRreCMCDhvk9CkS ETg3sJjbw/Hv83RwfqTlXicJh5KpA5JikrztMnHNAQKru93uSH6dOLpOd45/SeA8 KHw604LkeuzAiqFltE76HS1h/jDXO0Mfb0UvIH5N1tmgcr3qaRaFvZQ6sYy8NTHa 6N5pnfKJJXRuYe/aadjlC2xQmUMvU8HD39dqp6Z+XFjjzLmz5NN9rLHZKqaLSx6C IFId+FMkkKLeQFWylM+mA5WwiUTEx0JvREFPjtOjJ4RDHf3Mmws= =z/8h -----END PGP SIGNATURE----- . ========================================================================== Ubuntu Security Notice USN-6332-1 August 31, 2023
linux-azure, linux-azure-5.15, linux-azure-fde vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description: - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-azure-fde: Linux kernel for Microsoft Azure CVM cloud systems - linux-azure-5.15: Linux kernel for Microsoft Azure cloud systems
Details:
Daniel Moghimi discovered that some Intel(R) Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. (CVE-2022-40982)
William Zhao discovered that the Traffic Control (TC) subsystem in the Linux kernel did not properly handle network packet retransmission in certain situations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2022-4269)
It was discovered that the NTFS file system implementation in the Linux kernel did not properly check buffer indexes in certain situations, leading to an out-of-bounds read vulnerability. A local attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2022-48502)
Seth Jenkins discovered that the Linux kernel did not properly perform address randomization for a per-cpu memory management structure. A local attacker could use this to expose sensitive information (kernel memory) or in conjunction with another kernel vulnerability. (CVE-2023-0597)
It was discovered that a race condition existed in the btrfs file system implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-1611)
It was discovered that the APM X-Gene SoC hardware monitoring driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2023-1855)
It was discovered that the ST NCI NFC driver did not properly handle device removal events. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2023-1990)
Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service (bluetooth communication). (CVE-2023-2002)
Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information. (CVE-2023-20593)
It was discovered that the XFS file system implementation in the Linux kernel did not properly perform metadata validation when mounting certain images. An attacker could use this to specially craft a file system image that, when mounted, could cause a denial of service (system crash). (CVE-2023-2124)
Ye Zhang and Nicolas Wu discovered that the io_uring subsystem in the Linux kernel did not properly handle locking for rings with IOPOLL, leading to a double-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-21400)
Juan Jose Lopez Jaimez, Meador Inge, Simon Scannell, and Nenad Stojanovski discovered that the BPF verifier in the Linux kernel did not properly mark registers for precision tracking in certain situations, leading to an out- of-bounds access vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-2163)
It was discovered that the SLIMpro I2C device driver in the Linux kernel did not properly validate user-supplied data in some situations, leading to an out-of-bounds write vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-2194)
It was discovered that the perf subsystem in the Linux kernel contained a use-after-free vulnerability. A privileged local attacker could possibly use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-2235)
Zheng Zhang discovered that the device-mapper implementation in the Linux kernel did not properly handle locking during table_clear() operations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2023-2269)
It was discovered that the ARM Mali Display Processor driver implementation in the Linux kernel did not properly handle certain error conditions. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-23004)
It was discovered that a race condition existed in the TLS subsystem in the Linux kernel, leading to a use-after-free or a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-28466)
It was discovered that the DA9150 charger driver in the Linux kernel did not properly handle device removal, leading to a user-after free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-30772)
It was discovered that the Ricoh R5C592 MemoryStick card reader driver in the Linux kernel contained a race condition during module unload, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3141)
Quentin Minster discovered that the KSMBD implementation in the Linux kernel did not properly validate pointers in some situations, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service (system crash). (CVE-2023-32248)
It was discovered that the kernel->user space relay implementation in the Linux kernel did not properly perform certain buffer calculations, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2023-3268)
It was discovered that the Qualcomm EMAC ethernet driver in the Linux kernel did not properly handle device removal, leading to a user-after free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-33203)
It was discovered that the BQ24190 charger driver in the Linux kernel did not properly handle device removal, leading to a user-after free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-33288)
It was discovered that the video4linux driver for Philips based TV cards in the Linux kernel contained a race condition during device removal, leading to a use-after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35823)
It was discovered that the SDMC DM1105 PCI device driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35824)
It was discovered that the Renesas USB controller driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35828)
It was discovered that the Rockchip Video Decoder IP driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35829)
It was discovered that the universal 32bit network packet classifier implementation in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3609)
It was discovered that the netfilter subsystem in the Linux kernel did not properly handle certain error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3610)
It was discovered that the Quick Fair Queueing network scheduler implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3611)
It was discovered that the network packet classifier with netfilter/firewall marks implementation in the Linux kernel did not properly handle reference counting, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3776)
Kevin Rich discovered that the netfilter subsystem in the Linux kernel did not properly handle table rules flush in certain circumstances. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-3777)
Kevin Rich discovered that the netfilter subsystem in the Linux kernel did not properly handle rule additions to bound chains in certain circumstances. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-3995)
It was discovered that the netfilter subsystem in the Linux kernel did not properly handle PIPAPO element removal, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-4004)
Kevin Rich discovered that the netfilter subsystem in the Linux kernel did not properly handle bound chain deactivation in certain circumstances. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-4015)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 22.04 LTS: linux-image-5.15.0-1045-azure 5.15.0-1045.52 linux-image-5.15.0-1045-azure-fde 5.15.0-1045.52.1 linux-image-azure-fde-lts-22.04 5.15.0.1045.52.23 linux-image-azure-lts-22.04 5.15.0.1045.41
Ubuntu 20.04 LTS: linux-image-5.15.0-1045-azure 5.15.0-1045.52~20.04.1 linux-image-azure 5.15.0.1045.52~20.04.34 linux-image-azure-cvm 5.15.0.1045.52~20.04.34
After a standard system update you need to reboot your computer to make all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.
References: https://ubuntu.com/security/notices/USN-6332-1 CVE-2022-40982, CVE-2022-4269, CVE-2022-48502, CVE-2023-0597, CVE-2023-1611, CVE-2023-1855, CVE-2023-1990, CVE-2023-2002, CVE-2023-20593, CVE-2023-2124, CVE-2023-21400, CVE-2023-2163, CVE-2023-2194, CVE-2023-2235, CVE-2023-2269, CVE-2023-23004, CVE-2023-28466, CVE-2023-30772, CVE-2023-3141, CVE-2023-32248, CVE-2023-3268, CVE-2023-33203, CVE-2023-33288, CVE-2023-35823, CVE-2023-35824, CVE-2023-35828, CVE-2023-35829, CVE-2023-3609, CVE-2023-3610, CVE-2023-3611, CVE-2023-3776, CVE-2023-3777, CVE-2023-3995, CVE-2023-4004, CVE-2023-4015
Package Information: https://launchpad.net/ubuntu/+source/linux-azure/5.15.0-1045.52 https://launchpad.net/ubuntu/+source/linux-azure-fde/5.15.0-1045.52.1 https://launchpad.net/ubuntu/+source/linux-azure-5.15/5.15.0-1045.52~20.04.1
.
Livepatches for supported HWE kernels which are not based on an LTS kernel version will receive upgrades for a period of up to 9 months after the build date of the kernel, or until the end of support for that kernel’s non-LTS distro release version, whichever is sooner
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202307-0874",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "10.0"
},
{
"model": "android",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": null
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "11.0"
},
{
"model": "gnu/linux",
"scope": null,
"trust": 0.8,
"vendor": "debian",
"version": null
},
{
"model": "android",
"scope": null,
"trust": 0.8,
"vendor": "google",
"version": null
},
{
"model": "pixel",
"scope": null,
"trust": 0.6,
"vendor": "google",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-65161"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-021902"
},
{
"db": "NVD",
"id": "CVE-2023-21400"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2023-21400"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ubuntu",
"sources": [
{
"db": "PACKETSTORM",
"id": "174401"
},
{
"db": "PACKETSTORM",
"id": "174453"
},
{
"db": "PACKETSTORM",
"id": "174433"
},
{
"db": "PACKETSTORM",
"id": "174449"
},
{
"db": "PACKETSTORM",
"id": "174534"
}
],
"trust": 0.5
},
"cve": "CVE-2023-21400",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "MULTIPLE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.5,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 2.5,
"id": "CNVD-2023-65161",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:M/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.7,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2023-21400",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2023-21400",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2023-65161",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202307-1159",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-65161"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-021902"
},
{
"db": "CNNVD",
"id": "CNNVD-202307-1159"
},
{
"db": "NVD",
"id": "CVE-2023-21400"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "In multiple functions of io_uring.c, there is a possible kernel memory corruption due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation. Google of Android Products from multiple vendors, such as Microsoft, contain vulnerabilities related to resource locking.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Google Pixel is a smart phone of Google (Google). -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n- -------------------------------------------------------------------------\nDebian Security Advisory DSA-5480-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nAugust 18, 2023 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : linux\nCVE ID : CVE-2022-4269 CVE-2022-39189 CVE-2023-1206 CVE-2023-1380\n CVE-2023-2002 CVE-2023-2007 CVE-2023-2124 CVE-2023-2269\n CVE-2023-2898 CVE-2023-3090 CVE-2023-3111 CVE-2023-3212\n CVE-2023-3268 CVE-2023-3338 CVE-2023-3389 CVE-2023-3609\n CVE-2023-3611 CVE-2023-3776 CVE-2023-3863 CVE-2023-4004\n CVE-2023-4128 CVE-2023-4132 CVE-2023-4147 CVE-2023-4194\n CVE-2023-4273 CVE-2023-20588 CVE-2023-21255 CVE-2023-21400\n CVE-2023-31084 CVE-2023-34319 CVE-2023-35788 CVE-2023-40283\n\nSeveral vulnerabilities have been discovered in the Linux kernel that\nmay lead to a privilege escalation, denial of service or information\nleaks. \n\nCVE-2023-1206\n\n It was discovered that the networking stack permits attackers to\n force hash collisions in the IPv6 connection lookup table, which may\n result in denial of service (significant increase in the cost of\n lookups, increased CPU utilization). \n\nCVE-2023-1380\n\n Jisoo Jang reported a heap out-of-bounds read in the brcmfmac Wi-Fi\n driver. \n\nCVE-2023-2007\n\n Lucas Leong and Reno Robert discovered a time-of-check-to-time-of-\n use flaw in the dpt_i2o SCSI controller driver. \n\n This flaw has been mitigated by removing support for the I2OUSRCMD\n operation. \n\nCVE-2023-2124\n\n Kyle Zeng, Akshay Ajayan and Fish Wang discovered that missing\n metadata validation may result in denial of service or potential\n privilege escalation if a corrupted XFS disk image is mounted. \n\nCVE-2023-2898\n\n It was discovered that missing sanitising in the f2fs file\n system may result in denial of service if a malformed file\n system is accessed. \n\nCVE-2023-3111\n\n The TOTE Robot tool found a flaw in the Btrfs filesystem driver that\n can lead to a use-after-free. \n\nCVE-2023-3212\n\n Yang Lan that missing validation in the GFS2 filesystem could result\n in denial of service via a NULL pointer dereference when mounting a\n malformed GFS2 filesystem. \n\n This flaw has been mitigated by removing the DECnet protocol\n implementation. \n\nCVE-2023-3389\n\n Querijn Voet discovered a use-after-free in the io_uring subsystem,\n which may result in denial of service or privilege escalation. \n\nCVE-2023-4004\n\n It was discovered that a use-after-free in Netfilter\u0027s\n implementation of PIPAPO (PIle PAcket POlicies) may result in denial\n of service or potential local privilege escalation for a user with\n the CAP_NET_ADMIN capability in any user or network namespace. \n\nCVE-2023-4194\n\n A type confusion in the implementation of TUN/TAP network devices\n may allow a local user to bypass network filters. \n\nCVE-2023-4273\n\n Maxim Suhanov discovered a stack overflow in the exFAT driver, which\n may result in local denial of service via a malformed file system. \n\nCVE-2023-20588\n\n Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Koepf and\n Oleksii Oleksenko discovered that on some AMD CPUs with the Zen1\n micro architecture an integer division by zero may leave stale\n quotient data from a previous division, resulting in a potential\n leak of sensitive data. \n\nCVE-2023-21255\n\n A use-after-free was discovered in the in the Android binder driver,\n which may result in local privilege escalation on systems where the\n binder driver is loaded. \n\nCVE-2023-34319\n\n Ross Lagerwall discovered a buffer overrun in Xen\u0027s netback driver\n which may allow a Xen guest to cause denial of service to the\n virtualisation host my sending malformed packets. \n\nCVE-2023-40283\n\n A use-after-free was discovered in Bluetooth L2CAP socket handling. \n\nFor the oldstable distribution (bullseye), these problems have been fixed\nin version 5.10.191-1. \n\nWe recommend that you upgrade your linux packages. \n\nFor the detailed security status of linux please refer to its security\ntracker page at:\nhttps://security-tracker.debian.org/tracker/linux\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmTfvC5fFIAAAAAALgAo\naXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2\nNDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND\nz0QmDBAAnjvIhfwWPmYeanAyC9Hwdx2L9ATqx235c5K4I9xOWCRR+1oiM3WIKDz1\njnFbRnCKEPMUeIMWaSwXj11OvjDIY31nnUqRzf/hoT8PQ6dHi1p/fpmjReLFL9sw\nFoYhyabKtkGMBUXF4dCz2Qn62yPGFDgupBMlK1BQ1kJvxZABaKG0PGTqqPX4iOla\nDkbNvwq2lLr0K6oYKp8Nu+tQ+1I6U8PI4EvAlYbybvo0WXvbZy9pOmBilJhBqYrC\n6Ql1ndovBzDi3H8Qo+C8WJRdFcjP+dBOpW/lu9EcHbNmHG1cWLO8EexqvfoW8GAV\nqf0CEtULUwsn6pM5uW+SEgfsiETFPXbzQt+FxH2L2NGLhLmb73dIK074/Ids8lx4\nV4tNh+pVTli+sTCB6uGaRQvM4uNTxm5mV9+saacM6vel6KvD/qRreCMCDhvk9CkS\nETg3sJjbw/Hv83RwfqTlXicJh5KpA5JikrztMnHNAQKru93uSH6dOLpOd45/SeA8\nKHw604LkeuzAiqFltE76HS1h/jDXO0Mfb0UvIH5N1tmgcr3qaRaFvZQ6sYy8NTHa\n6N5pnfKJJXRuYe/aadjlC2xQmUMvU8HD39dqp6Z+XFjjzLmz5NN9rLHZKqaLSx6C\nIFId+FMkkKLeQFWylM+mA5WwiUTEx0JvREFPjtOjJ4RDHf3Mmws=\n=z/8h\n-----END PGP SIGNATURE-----\n. ==========================================================================\nUbuntu Security Notice USN-6332-1\nAugust 31, 2023\n\nlinux-azure, linux-azure-5.15, linux-azure-fde vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 22.04 LTS\n- Ubuntu 20.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in the Linux kernel. \n\nSoftware Description:\n- linux-azure: Linux kernel for Microsoft Azure Cloud systems\n- linux-azure-fde: Linux kernel for Microsoft Azure CVM cloud systems\n- linux-azure-5.15: Linux kernel for Microsoft Azure cloud systems\n\nDetails:\n\nDaniel Moghimi discovered that some Intel(R) Processors did not properly\nclear microarchitectural state after speculative execution of various\ninstructions. A local unprivileged user could use this to obtain to\nsensitive information. (CVE-2022-40982)\n\nWilliam Zhao discovered that the Traffic Control (TC) subsystem in the\nLinux kernel did not properly handle network packet retransmission in\ncertain situations. A local attacker could use this to cause a denial of\nservice (kernel deadlock). (CVE-2022-4269)\n\nIt was discovered that the NTFS file system implementation in the Linux\nkernel did not properly check buffer indexes in certain situations, leading\nto an out-of-bounds read vulnerability. A local attacker could possibly use\nthis to expose sensitive information (kernel memory). (CVE-2022-48502)\n\nSeth Jenkins discovered that the Linux kernel did not properly perform\naddress randomization for a per-cpu memory management structure. A local\nattacker could use this to expose sensitive information (kernel memory) or\nin conjunction with another kernel vulnerability. (CVE-2023-0597)\n\nIt was discovered that a race condition existed in the btrfs file system\nimplementation in the Linux kernel, leading to a use-after-free\nvulnerability. A local attacker could use this to cause a denial of service\n(system crash) or possibly expose sensitive information. (CVE-2023-1611)\n\nIt was discovered that the APM X-Gene SoC hardware monitoring driver in the\nLinux kernel contained a race condition, leading to a use-after-free\nvulnerability. A local attacker could use this to cause a denial of service\n(system crash) or expose sensitive information (kernel memory). \n(CVE-2023-1855)\n\nIt was discovered that the ST NCI NFC driver did not properly handle device\nremoval events. A physically proximate attacker could use this to cause a\ndenial of service (system crash). (CVE-2023-1990)\n\nRuihan Li discovered that the bluetooth subsystem in the Linux kernel did\nnot properly perform permissions checks when handling HCI sockets. A\nphysically proximate attacker could use this to cause a denial of service\n(bluetooth communication). (CVE-2023-2002)\n\nTavis Ormandy discovered that some AMD processors did not properly handle\nspeculative execution of certain vector register instructions. A local\nattacker could use this to expose sensitive information. (CVE-2023-20593)\n\nIt was discovered that the XFS file system implementation in the Linux\nkernel did not properly perform metadata validation when mounting certain\nimages. An attacker could use this to specially craft a file system image\nthat, when mounted, could cause a denial of service (system crash). \n(CVE-2023-2124)\n\nYe Zhang and Nicolas Wu discovered that the io_uring subsystem in the Linux\nkernel did not properly handle locking for rings with IOPOLL, leading to a\ndouble-free vulnerability. A local attacker could use this to cause a\ndenial of service (system crash) or possibly execute arbitrary code. \n(CVE-2023-21400)\n\nJuan Jose Lopez Jaimez, Meador Inge, Simon Scannell, and Nenad Stojanovski\ndiscovered that the BPF verifier in the Linux kernel did not properly mark\nregisters for precision tracking in certain situations, leading to an out-\nof-bounds access vulnerability. A local attacker could use this to cause a\ndenial of service (system crash) or possibly execute arbitrary code. \n(CVE-2023-2163)\n\nIt was discovered that the SLIMpro I2C device driver in the Linux kernel\ndid not properly validate user-supplied data in some situations, leading to\nan out-of-bounds write vulnerability. A privileged attacker could use this\nto cause a denial of service (system crash) or possibly execute arbitrary\ncode. (CVE-2023-2194)\n\nIt was discovered that the perf subsystem in the Linux kernel contained a\nuse-after-free vulnerability. A privileged local attacker could possibly\nuse this to cause a denial of service (system crash) or possibly execute\narbitrary code. (CVE-2023-2235)\n\nZheng Zhang discovered that the device-mapper implementation in the Linux\nkernel did not properly handle locking during table_clear() operations. A\nlocal attacker could use this to cause a denial of service (kernel\ndeadlock). (CVE-2023-2269)\n\nIt was discovered that the ARM Mali Display Processor driver implementation\nin the Linux kernel did not properly handle certain error conditions. A\nlocal attacker could possibly use this to cause a denial of service (system\ncrash). (CVE-2023-23004)\n\nIt was discovered that a race condition existed in the TLS subsystem in the\nLinux kernel, leading to a use-after-free or a null pointer dereference\nvulnerability. A local attacker could use this to cause a denial of service\n(system crash) or possibly execute arbitrary code. (CVE-2023-28466)\n\nIt was discovered that the DA9150 charger driver in the Linux kernel did\nnot properly handle device removal, leading to a user-after free\nvulnerability. A physically proximate attacker could use this to cause a\ndenial of service (system crash) or possibly execute arbitrary code. \n(CVE-2023-30772)\n\nIt was discovered that the Ricoh R5C592 MemoryStick card reader driver in\nthe Linux kernel contained a race condition during module unload, leading\nto a use-after-free vulnerability. A local attacker could use this to cause\na denial of service (system crash) or possibly execute arbitrary code. \n(CVE-2023-3141)\n\nQuentin Minster discovered that the KSMBD implementation in the Linux\nkernel did not properly validate pointers in some situations, leading to a\nnull pointer dereference vulnerability. A remote attacker could use this to\ncause a denial of service (system crash). (CVE-2023-32248)\n\nIt was discovered that the kernel-\u003euser space relay implementation in the\nLinux kernel did not properly perform certain buffer calculations, leading\nto an out-of-bounds read vulnerability. A local attacker could use this to\ncause a denial of service (system crash) or expose sensitive information\n(kernel memory). (CVE-2023-3268)\n\nIt was discovered that the Qualcomm EMAC ethernet driver in the Linux\nkernel did not properly handle device removal, leading to a user-after free\nvulnerability. A physically proximate attacker could use this to cause a\ndenial of service (system crash) or possibly execute arbitrary code. \n(CVE-2023-33203)\n\nIt was discovered that the BQ24190 charger driver in the Linux kernel did\nnot properly handle device removal, leading to a user-after free\nvulnerability. A physically proximate attacker could use this to cause a\ndenial of service (system crash) or possibly execute arbitrary code. \n(CVE-2023-33288)\n\nIt was discovered that the video4linux driver for Philips based TV cards in\nthe Linux kernel contained a race condition during device removal, leading\nto a use-after-free vulnerability. A physically proximate attacker could\nuse this to cause a denial of service (system crash) or possibly execute\narbitrary code. (CVE-2023-35823)\n\nIt was discovered that the SDMC DM1105 PCI device driver in the Linux\nkernel contained a race condition during device removal, leading to a use-\nafter-free vulnerability. A physically proximate attacker could use this to\ncause a denial of service (system crash) or possibly execute arbitrary\ncode. (CVE-2023-35824)\n\nIt was discovered that the Renesas USB controller driver in the Linux\nkernel contained a race condition during device removal, leading to a use-\nafter-free vulnerability. A privileged attacker could use this to cause a\ndenial of service (system crash) or possibly execute arbitrary code. \n(CVE-2023-35828)\n\nIt was discovered that the Rockchip Video Decoder IP driver in the Linux\nkernel contained a race condition during device removal, leading to a use-\nafter-free vulnerability. A privileged attacker could use this to cause a\ndenial of service (system crash) or possibly execute arbitrary code. \n(CVE-2023-35829)\n\nIt was discovered that the universal 32bit network packet classifier\nimplementation in the Linux kernel did not properly perform reference\ncounting in some situations, leading to a use-after-free vulnerability. A\nlocal attacker could use this to cause a denial of service (system crash)\nor possibly execute arbitrary code. (CVE-2023-3609)\n\nIt was discovered that the netfilter subsystem in the Linux kernel did not\nproperly handle certain error conditions, leading to a use-after-free\nvulnerability. A local attacker could use this to cause a denial of service\n(system crash) or possibly execute arbitrary code. (CVE-2023-3610)\n\nIt was discovered that the Quick Fair Queueing network scheduler\nimplementation in the Linux kernel contained an out-of-bounds write\nvulnerability. A local attacker could use this to cause a denial of service\n(system crash) or possibly execute arbitrary code. (CVE-2023-3611)\n\nIt was discovered that the network packet classifier with\nnetfilter/firewall marks implementation in the Linux kernel did not\nproperly handle reference counting, leading to a use-after-free\nvulnerability. A local attacker could use this to cause a denial of service\n(system crash) or possibly execute arbitrary code. (CVE-2023-3776)\n\nKevin Rich discovered that the netfilter subsystem in the Linux kernel did\nnot properly handle table rules flush in certain circumstances. A local\nattacker could possibly use this to cause a denial of service (system\ncrash) or execute arbitrary code. (CVE-2023-3777)\n\nKevin Rich discovered that the netfilter subsystem in the Linux kernel did\nnot properly handle rule additions to bound chains in certain\ncircumstances. A local attacker could possibly use this to cause a denial\nof service (system crash) or execute arbitrary code. (CVE-2023-3995)\n\nIt was discovered that the netfilter subsystem in the Linux kernel did not\nproperly handle PIPAPO element removal, leading to a use-after-free\nvulnerability. A local attacker could possibly use this to cause a denial\nof service (system crash) or execute arbitrary code. (CVE-2023-4004)\n\nKevin Rich discovered that the netfilter subsystem in the Linux kernel did\nnot properly handle bound chain deactivation in certain circumstances. A\nlocal attacker could possibly use this to cause a denial of service (system\ncrash) or execute arbitrary code. (CVE-2023-4015)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 22.04 LTS:\n linux-image-5.15.0-1045-azure 5.15.0-1045.52\n linux-image-5.15.0-1045-azure-fde 5.15.0-1045.52.1\n linux-image-azure-fde-lts-22.04 5.15.0.1045.52.23\n linux-image-azure-lts-22.04 5.15.0.1045.41\n\nUbuntu 20.04 LTS:\n linux-image-5.15.0-1045-azure 5.15.0-1045.52~20.04.1\n linux-image-azure 5.15.0.1045.52~20.04.34\n linux-image-azure-cvm 5.15.0.1045.52~20.04.34\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. \n\nATTENTION: Due to an unavoidable ABI change the kernel updates have\nbeen given a new version number, which requires you to recompile and\nreinstall all third party kernel modules you might have installed. \nUnless you manually uninstalled the standard kernel metapackages\n(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,\nlinux-powerpc), a standard system upgrade will automatically perform\nthis as well. \n\nReferences:\n https://ubuntu.com/security/notices/USN-6332-1\n CVE-2022-40982, CVE-2022-4269, CVE-2022-48502, CVE-2023-0597,\n CVE-2023-1611, CVE-2023-1855, CVE-2023-1990, CVE-2023-2002,\n CVE-2023-20593, CVE-2023-2124, CVE-2023-21400, CVE-2023-2163,\n CVE-2023-2194, CVE-2023-2235, CVE-2023-2269, CVE-2023-23004,\n CVE-2023-28466, CVE-2023-30772, CVE-2023-3141, CVE-2023-32248,\n CVE-2023-3268, CVE-2023-33203, CVE-2023-33288, CVE-2023-35823,\n CVE-2023-35824, CVE-2023-35828, CVE-2023-35829, CVE-2023-3609,\n CVE-2023-3610, CVE-2023-3611, CVE-2023-3776, CVE-2023-3777,\n CVE-2023-3995, CVE-2023-4004, CVE-2023-4015\n\nPackage Information:\n https://launchpad.net/ubuntu/+source/linux-azure/5.15.0-1045.52\n https://launchpad.net/ubuntu/+source/linux-azure-fde/5.15.0-1045.52.1\n https://launchpad.net/ubuntu/+source/linux-azure-5.15/5.15.0-1045.52~20.04.1\n\n. \n\nLivepatches for supported HWE kernels which are not based on an LTS\nkernel version will receive upgrades for a period of up to 9 months\nafter the build date of the kernel, or until the end of support for that\nkernel\u2019s non-LTS distro release version, whichever is sooner",
"sources": [
{
"db": "NVD",
"id": "CVE-2023-21400"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-021902"
},
{
"db": "CNVD",
"id": "CNVD-2023-65161"
},
{
"db": "VULMON",
"id": "CVE-2023-21400"
},
{
"db": "PACKETSTORM",
"id": "174246"
},
{
"db": "PACKETSTORM",
"id": "174401"
},
{
"db": "PACKETSTORM",
"id": "174453"
},
{
"db": "PACKETSTORM",
"id": "174433"
},
{
"db": "PACKETSTORM",
"id": "175072"
},
{
"db": "PACKETSTORM",
"id": "174449"
},
{
"db": "PACKETSTORM",
"id": "174534"
}
],
"trust": 2.88
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2023-21400",
"trust": 4.6
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2023/07/14/2",
"trust": 2.5
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2023/07/19/7",
"trust": 2.4
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2023/07/19/2",
"trust": 2.4
},
{
"db": "PACKETSTORM",
"id": "175072",
"trust": 1.9
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2023/07/25/7",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2023-021902",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2023-65161",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202307-1159",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2023-21400",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "174246",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "174401",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "174453",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "174433",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "174449",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "174534",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-65161"
},
{
"db": "VULMON",
"id": "CVE-2023-21400"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-021902"
},
{
"db": "PACKETSTORM",
"id": "174246"
},
{
"db": "PACKETSTORM",
"id": "174401"
},
{
"db": "PACKETSTORM",
"id": "174453"
},
{
"db": "PACKETSTORM",
"id": "174433"
},
{
"db": "PACKETSTORM",
"id": "175072"
},
{
"db": "PACKETSTORM",
"id": "174449"
},
{
"db": "PACKETSTORM",
"id": "174534"
},
{
"db": "CNNVD",
"id": "CNNVD-202307-1159"
},
{
"db": "NVD",
"id": "CVE-2023-21400"
}
]
},
"id": "VAR-202307-0874",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-65161"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"IoT"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-65161"
}
]
},
"last_update_date": "2024-01-21T20:04:32.692000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for Google Pixel Privilege Escalation Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/442931"
},
{
"title": "Google Pixel Security vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=246885"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-65161"
},
{
"db": "CNNVD",
"id": "CNNVD-202307-1159"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-667",
"trust": 1.0
},
{
"problemtype": "improper lock (CWE-667) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-021902"
},
{
"db": "NVD",
"id": "CVE-2023-21400"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-21400"
},
{
"trust": 2.5,
"url": "https://source.android.com/security/bulletin/pixel/2023-07-01"
},
{
"trust": 2.5,
"url": "http://www.openwall.com/lists/oss-security/2023/07/14/2"
},
{
"trust": 2.4,
"url": "http://www.openwall.com/lists/oss-security/2023/07/19/2"
},
{
"trust": 2.4,
"url": "http://www.openwall.com/lists/oss-security/2023/07/19/7"
},
{
"trust": 1.8,
"url": "http://packetstormsecurity.com/files/175072/kernel-live-patch-security-notice-lsn-0098-1.html"
},
{
"trust": 1.8,
"url": "http://www.openwall.com/lists/oss-security/2023/07/25/7"
},
{
"trust": 1.8,
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html"
},
{
"trust": 1.8,
"url": "https://www.debian.org/security/2023/dsa-5480"
},
{
"trust": 1.0,
"url": "https://security.netapp.com/advisory/ntap-20240119-0012/"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2023-21400/"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-3995"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-3777"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-20593"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-4004"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-40982"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-3609"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-3776"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-4015"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-3610"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-3611"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-4269"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-3090"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-2124"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-2002"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-1206"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-21255"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-1380"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-39189"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-31084"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-2007"
},
{
"trust": 0.1,
"url": "https://security-tracker.debian.org/tracker/linux"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-2269"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-2898"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-20588"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-oracle-5.15/5.15.0-1041.47~20.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-gcp/5.15.0-1040.48"
},
{
"trust": 0.1,
"url": "https://ubuntu.com/security/notices/usn-6315-1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-gke/5.15.0-1040.45"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-gkeop/5.15.0-1026.31"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-aws-5.15/5.15.0-1043.48~20.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-aws/5.15.0-1043.48"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-nvidia/5.15.0-1031.31"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-oracle/5.15.0-1041.47"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-hwe-5.15/5.15.0-82.91~20.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-lowlatency/5.15.0-82.91"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux/5.15.0-82.91"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-kvm/5.15.0-1040.45"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-ibm/5.15.0-1036.39"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-lowlatency-hwe-5.15/5.15.0-82.91~20.04.1"
},
{
"trust": 0.1,
"url": "https://ubuntu.com/security/notices/usn-6332-1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-azure-5.15/5.15.0-1045.52~20.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-azure-fde/5.15.0-1045.52.1"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-0597"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-2194"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-48502"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-azure/5.15.0-1045.52"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-1990"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-2235"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-1611"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-2163"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-1855"
},
{
"trust": 0.1,
"url": "https://ubuntu.com/security/notices/usn-6325-1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-gkeop-5.15/5.15.0-1026.31~20.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-intel-iotg/5.15.0-1038.43"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-40283"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-3567"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-4128"
},
{
"trust": 0.1,
"url": "https://ubuntu.com/security/notices/usn-6330-1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-gcp-5.15/5.15.0-1040.48~20.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-raspi/5.15.0-1036.39"
},
{
"trust": 0.1,
"url": "https://ubuntu.com/security/notices/usn-6348-1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-intel-iotg-5.15/5.15.0-1038.43~20.04.1"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-65161"
},
{
"db": "VULMON",
"id": "CVE-2023-21400"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-021902"
},
{
"db": "PACKETSTORM",
"id": "174246"
},
{
"db": "PACKETSTORM",
"id": "174401"
},
{
"db": "PACKETSTORM",
"id": "174453"
},
{
"db": "PACKETSTORM",
"id": "174433"
},
{
"db": "PACKETSTORM",
"id": "175072"
},
{
"db": "PACKETSTORM",
"id": "174449"
},
{
"db": "PACKETSTORM",
"id": "174534"
},
{
"db": "CNNVD",
"id": "CNNVD-202307-1159"
},
{
"db": "NVD",
"id": "CVE-2023-21400"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2023-65161"
},
{
"db": "VULMON",
"id": "CVE-2023-21400"
},
{
"db": "JVNDB",
"id": "JVNDB-2023-021902"
},
{
"db": "PACKETSTORM",
"id": "174246"
},
{
"db": "PACKETSTORM",
"id": "174401"
},
{
"db": "PACKETSTORM",
"id": "174453"
},
{
"db": "PACKETSTORM",
"id": "174433"
},
{
"db": "PACKETSTORM",
"id": "175072"
},
{
"db": "PACKETSTORM",
"id": "174449"
},
{
"db": "PACKETSTORM",
"id": "174534"
},
{
"db": "CNNVD",
"id": "CNNVD-202307-1159"
},
{
"db": "NVD",
"id": "CVE-2023-21400"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-07-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2023-65161"
},
{
"date": "2023-07-13T00:00:00",
"db": "VULMON",
"id": "CVE-2023-21400"
},
{
"date": "2024-01-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2023-021902"
},
{
"date": "2023-08-21T16:25:52",
"db": "PACKETSTORM",
"id": "174246"
},
{
"date": "2023-08-30T15:24:17",
"db": "PACKETSTORM",
"id": "174401"
},
{
"date": "2023-09-02T13:17:45",
"db": "PACKETSTORM",
"id": "174453"
},
{
"date": "2023-08-31T15:25:45",
"db": "PACKETSTORM",
"id": "174433"
},
{
"date": "2023-10-11T16:48:43",
"db": "PACKETSTORM",
"id": "175072"
},
{
"date": "2023-09-02T13:08:20",
"db": "PACKETSTORM",
"id": "174449"
},
{
"date": "2023-09-06T17:15:58",
"db": "PACKETSTORM",
"id": "174534"
},
{
"date": "2023-07-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202307-1159"
},
{
"date": "2023-07-13T00:15:24.340000",
"db": "NVD",
"id": "CVE-2023-21400"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-08-28T00:00:00",
"db": "CNVD",
"id": "CNVD-2023-65161"
},
{
"date": "2023-07-14T00:00:00",
"db": "VULMON",
"id": "CVE-2023-21400"
},
{
"date": "2024-01-19T08:13:00",
"db": "JVNDB",
"id": "JVNDB-2023-021902"
},
{
"date": "2023-07-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202307-1159"
},
{
"date": "2024-01-19T16:15:08.817000",
"db": "NVD",
"id": "CVE-2023-21400"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "PACKETSTORM",
"id": "174401"
},
{
"db": "PACKETSTORM",
"id": "174453"
},
{
"db": "PACKETSTORM",
"id": "174433"
},
{
"db": "PACKETSTORM",
"id": "175072"
},
{
"db": "PACKETSTORM",
"id": "174449"
},
{
"db": "PACKETSTORM",
"id": "174534"
},
{
"db": "CNNVD",
"id": "CNNVD-202307-1159"
}
],
"trust": 1.2
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Google\u00a0 of \u00a0Android\u00a0 Vulnerability related to resource locking in products from multiple vendors such as",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2023-021902"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202307-1159"
}
],
"trust": 0.6
}
}
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.