usn-6339-2
Vulnerability from osv_ubuntu
Published
2023-09-08 21:44
Modified
2026-06-03 10:45
Summary
linux-gcp-5.15, linux-gkeop-5.15 vulnerabilities
Details

It was discovered that the NTFS file system implementation in the Linux kernel did not properly validate MFT flags in certain situations. An attacker could use this to construct a malicious NTFS image that, when mounted and operated on, could cause a denial of service (system crash). (CVE-2022-48425)

Zi Fan Tan discovered that the binder IPC implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-21255)

It was discovered that a race condition existed in the f2fs file system in the Linux kernel, leading to a null pointer dereference vulnerability. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service (system crash). (CVE-2023-2898)

It was discovered that the DVB Core driver in the Linux kernel did not properly handle locking events in certain situations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2023-31084)

Yang Lan discovered that the GFS2 file system implementation in the Linux kernel could attempt to dereference a null pointer in some situations. An attacker could use this to construct a malicious GFS2 image that, when mounted and operated on, could cause a denial of service (system crash). (CVE-2023-3212)

It was discovered that the KSMBD implementation in the Linux kernel did not properly validate buffer sizes in certain operations, leading to an out-of- bounds read vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-38426, CVE-2023-38428)

It was discovered that the KSMBD implementation in the Linux kernel did not properly calculate the size of certain buffers. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-38429)


{
  "affected": [
    {
      "database_specific": {
        "cves_map": {
          "cves": [
            {
              "id": "CVE-2022-48425",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2023-2898",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2023-3212",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2023-21255",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2023-31084",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2023-38426",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2023-38428",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2023-38429",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            }
          ],
          "ecosystem": "Ubuntu:20.04:LTS"
        }
      },
      "ecosystem_specific": {
        "availability": "No subscription required",
        "binaries": [
          {
            "binary_name": "linux-buildinfo-5.15.0-1041-gcp",
            "binary_version": "5.15.0-1041.49~20.04.1"
          },
          {
            "binary_name": "linux-gcp-5.15-headers-5.15.0-1041",
            "binary_version": "5.15.0-1041.49~20.04.1"
          },
          {
            "binary_name": "linux-gcp-5.15-tools-5.15.0-1041",
            "binary_version": "5.15.0-1041.49~20.04.1"
          },
          {
            "binary_name": "linux-headers-5.15.0-1041-gcp",
            "binary_version": "5.15.0-1041.49~20.04.1"
          },
          {
            "binary_name": "linux-image-unsigned-5.15.0-1041-gcp",
            "binary_version": "5.15.0-1041.49~20.04.1"
          },
          {
            "binary_name": "linux-modules-5.15.0-1041-gcp",
            "binary_version": "5.15.0-1041.49~20.04.1"
          },
          {
            "binary_name": "linux-modules-extra-5.15.0-1041-gcp",
            "binary_version": "5.15.0-1041.49~20.04.1"
          },
          {
            "binary_name": "linux-modules-iwlwifi-5.15.0-1041-gcp",
            "binary_version": "5.15.0-1041.49~20.04.1"
          },
          {
            "binary_name": "linux-tools-5.15.0-1041-gcp",
            "binary_version": "5.15.0-1041.49~20.04.1"
          }
        ]
      },
      "package": {
        "ecosystem": "Ubuntu:20.04:LTS",
        "name": "linux-gcp-5.15",
        "purl": "pkg:deb/ubuntu/linux-gcp-5.15@5.15.0-1041.49~20.04.1?arch=source\u0026distro=focal"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "5.15.0-1041.49~20.04.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "5.15.0-1006.9~20.04.1",
        "5.15.0-1012.17~20.04.1",
        "5.15.0-1013.18~20.04.1",
        "5.15.0-1016.21~20.04.1",
        "5.15.0-1017.23~20.04.2",
        "5.15.0-1018.24~20.04.1",
        "5.15.0-1021.28~20.04.1",
        "5.15.0-1022.29~20.04.1",
        "5.15.0-1025.32~20.04.2",
        "5.15.0-1026.33~20.04.1",
        "5.15.0-1027.34~20.04.1",
        "5.15.0-1029.36~20.04.1",
        "5.15.0-1030.37~20.04.1",
        "5.15.0-1031.38~20.04.1",
        "5.15.0-1032.40~20.04.1",
        "5.15.0-1033.41~20.04.1",
        "5.15.0-1034.42~20.04.1",
        "5.15.0-1035.43~20.04.1",
        "5.15.0-1036.44~20.04.1",
        "5.15.0-1037.45~20.04.1",
        "5.15.0-1038.46~20.04.1",
        "5.15.0-1039.47~20.04.1",
        "5.15.0-1040.48~20.04.1"
      ]
    },
    {
      "database_specific": {
        "cves_map": {
          "cves": [
            {
              "id": "CVE-2022-48425",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2023-2898",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2023-3212",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2023-21255",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2023-31084",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2023-38426",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2023-38428",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2023-38429",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            }
          ],
          "ecosystem": "Ubuntu:20.04:LTS"
        }
      },
      "ecosystem_specific": {
        "availability": "No subscription required",
        "binaries": [
          {
            "binary_name": "linux-buildinfo-5.15.0-1027-gkeop",
            "binary_version": "5.15.0-1027.32~20.04.1"
          },
          {
            "binary_name": "linux-cloud-tools-5.15.0-1027-gkeop",
            "binary_version": "5.15.0-1027.32~20.04.1"
          },
          {
            "binary_name": "linux-gkeop-5.15-cloud-tools-5.15.0-1027",
            "binary_version": "5.15.0-1027.32~20.04.1"
          },
          {
            "binary_name": "linux-gkeop-5.15-headers-5.15.0-1027",
            "binary_version": "5.15.0-1027.32~20.04.1"
          },
          {
            "binary_name": "linux-gkeop-5.15-tools-5.15.0-1027",
            "binary_version": "5.15.0-1027.32~20.04.1"
          },
          {
            "binary_name": "linux-headers-5.15.0-1027-gkeop",
            "binary_version": "5.15.0-1027.32~20.04.1"
          },
          {
            "binary_name": "linux-image-unsigned-5.15.0-1027-gkeop",
            "binary_version": "5.15.0-1027.32~20.04.1"
          },
          {
            "binary_name": "linux-modules-5.15.0-1027-gkeop",
            "binary_version": "5.15.0-1027.32~20.04.1"
          },
          {
            "binary_name": "linux-modules-extra-5.15.0-1027-gkeop",
            "binary_version": "5.15.0-1027.32~20.04.1"
          },
          {
            "binary_name": "linux-tools-5.15.0-1027-gkeop",
            "binary_version": "5.15.0-1027.32~20.04.1"
          }
        ]
      },
      "package": {
        "ecosystem": "Ubuntu:20.04:LTS",
        "name": "linux-gkeop-5.15",
        "purl": "pkg:deb/ubuntu/linux-gkeop-5.15@5.15.0-1027.32~20.04.1?arch=source\u0026distro=focal"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "5.15.0-1027.32~20.04.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "5.15.0-1003.5~20.04.2",
        "5.15.0-1005.7~20.04.1",
        "5.15.0-1007.10~20.04.1",
        "5.15.0-1008.12~20.04.1",
        "5.15.0-1011.15~20.04.2",
        "5.15.0-1012.16~20.04.1",
        "5.15.0-1013.17~20.04.1",
        "5.15.0-1015.19~20.04.1",
        "5.15.0-1016.21~20.04.1",
        "5.15.0-1017.22~20.04.1",
        "5.15.0-1018.23~20.04.1",
        "5.15.0-1019.24~20.04.1",
        "5.15.0-1020.25~20.04.1",
        "5.15.0-1021.26~20.04.1",
        "5.15.0-1022.27~20.04.1",
        "5.15.0-1023.28~20.04.1",
        "5.15.0-1024.29~20.04.1",
        "5.15.0-1025.30~20.04.1",
        "5.15.0-1026.31~20.04.1"
      ]
    }
  ],
  "aliases": [],
  "details": "It was discovered that the NTFS file system implementation in the Linux\nkernel did not properly validate MFT flags in certain situations. An\nattacker could use this to construct a malicious NTFS image that, when\nmounted and operated on, could cause a denial of service (system crash).\n(CVE-2022-48425)\n\nZi Fan Tan discovered that the binder IPC implementation in the Linux\nkernel contained a use-after-free vulnerability. A local attacker could use\nthis to cause a denial of service (system crash) or possibly execute\narbitrary code. (CVE-2023-21255)\n\nIt was discovered that a race condition existed in the f2fs file system in\nthe Linux kernel, leading to a null pointer dereference vulnerability. An\nattacker could use this to construct a malicious f2fs image that, when\nmounted and operated on, could cause a denial of service (system crash).\n(CVE-2023-2898)\n\nIt was discovered that the DVB Core driver in the Linux kernel did not\nproperly handle locking events in certain situations. A local attacker\ncould use this to cause a denial of service (kernel deadlock).\n(CVE-2023-31084)\n\nYang Lan discovered that the GFS2 file system implementation in the Linux\nkernel could attempt to dereference a null pointer in some situations. An\nattacker could use this to construct a malicious GFS2 image that, when\nmounted and operated on, could cause a denial of service (system crash).\n(CVE-2023-3212)\n\nIt was discovered that the KSMBD implementation in the Linux kernel did not\nproperly validate buffer sizes in certain operations, leading to an out-of-\nbounds read vulnerability. A remote attacker could use this to cause a\ndenial of service (system crash) or possibly expose sensitive information.\n(CVE-2023-38426, CVE-2023-38428)\n\nIt was discovered that the KSMBD implementation in the Linux kernel did not\nproperly calculate the size of certain buffers. A remote attacker could use\nthis to cause a denial of service (system crash) or possibly execute\narbitrary code. (CVE-2023-38429)\n",
  "id": "USN-6339-2",
  "modified": "2026-06-03T10:45:35Z",
  "published": "2023-09-08T21:44:48Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://ubuntu.com/security/notices/USN-6339-2"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2022-48425"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2023-2898"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2023-3212"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2023-21255"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2023-31084"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2023-38426"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2023-38428"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2023-38429"
    }
  ],
  "related": [],
  "schema_version": "1.7.0",
  "summary": "linux-gcp-5.15, linux-gkeop-5.15 vulnerabilities",
  "upstream": [
    "UBUNTU-CVE-2022-48425",
    "UBUNTU-CVE-2023-2898",
    "UBUNTU-CVE-2023-3212",
    "UBUNTU-CVE-2023-21255",
    "UBUNTU-CVE-2023-31084",
    "UBUNTU-CVE-2023-38426",
    "UBUNTU-CVE-2023-38428",
    "UBUNTU-CVE-2023-38429"
  ]
}



Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Loading…

Detection rules are retrieved from Rulezet.

Loading…

Loading…