Packages
- linux - Linux kernel
- linux-aws - Linux kernel for Amazon Web Services (AWS) systems
- linux-aws-5.4 - Linux kernel for Amazon Web Services (AWS) systems
- linux-gcp - Linux kernel for Google Cloud Platform (GCP) systems
- linux-hwe-5.4 - Linux hardware enablement (HWE) kernel
- linux-kvm - Linux kernel for cloud environments
- linux-oracle - Linux kernel for Oracle Cloud systems
- linux-xilinx-zynqmp - Linux kernel for Xilinx ZynqMP processors
Details
Daniel Moghimi discovered that some Intel(R) Processors did not properly
clear microarchitectural state after speculative execution of various
instructions. A local unprivileged user could use this to obtain to
sensitive information. (CVE-2022-40982)
Tavis Ormandy discovered that some AMD processors did not properly handle
speculative execution of certain vector register instructions. A local
attacker could use this to expose sensitive information. (CVE-2023-20593)
It was discovered that the universal 32bit network packet classifier
implementation in the Linux kernel did not properly perform reference
counting in some situations, leading to a use-after-free vulnerability. A
local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2023-3609)
It was...
Daniel Moghimi discovered that some Intel(R) Processors did not properly
clear microarchitectural state after speculative execution of various
instructions. A local unprivileged user could use this to obtain to
sensitive information. (CVE-2022-40982)
Tavis Ormandy discovered that some AMD processors did not properly handle
speculative execution of certain vector register instructions. A local
attacker could use this to expose sensitive information. (CVE-2023-20593)
It was discovered that the universal 32bit network packet classifier
implementation in the Linux kernel did not properly perform reference
counting in some situations, leading to a use-after-free vulnerability. A
local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2023-3609)
It was discovered that the Quick Fair Queueing network scheduler
implementation in the Linux kernel contained an out-of-bounds write
vulnerability. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2023-3611)
It was discovered that the network packet classifier with
netfilter/firewall marks implementation in the Linux kernel did not
properly handle reference counting, leading to a use-after-free
vulnerability. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2023-3776)
Update instructions
After a standard system update you need to reboot your computer to make all the necessary changes.
Learn more about how to get the fixes.The problem can be corrected by updating your system to the following package versions:
Reduce your security exposure
Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.
References
Related notices
- USN-6532-1
- USN-6397-1
- USN-6396-1
- USN-6396-2
- USN-6396-3
- USN-6388-1
- USN-6385-1
- USN-6357-1
- USN-6348-1
- USN-6346-1
- USN-6532-1
- USN-6397-1
- USN-6396-1
- USN-6396-2
- USN-6396-3
- USN-6388-1
- USN-6385-1
- USN-6357-1
- USN-6348-1
- USN-6346-1
- USN-6342-1
- USN-6342-2
- USN-6341-1
- USN-6332-1
- USN-6331-1
- USN-6330-1
- USN-6329-1
- USN-6328-1
- USN-6327-1
- USN-6325-1
- USN-6324-1
- USN-6321-1
- USN-6318-1
- USN-6316-1
- USN-6315-1
- USN-6309-1
- USN-6286-1
- USN-6285-1
- USN-6244-1
- LSN-0099-1
- LSN-0098-1
Have additional questions?