SB2023051061 - Ubuntu update for linux-oem-6.0 

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2023051061

SB2023051061 - Ubuntu update for linux-oem-6.0

Published: May 10, 2023 Updated: June 17, 2025

Security Bulletin ID SB2023051061
Severity
Medium
Patch available
YES
Number of vulnerabilities 6
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

Medium 17% Low 83%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 6 secuirty vulnerabilities.


1) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2023-0386)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to unauthorized access to execution of setuid files in OverlayFS subsystem when copying a capable file from a nosuid mount into another mount. A local user can execute arbitrary code with root privileges.


2) NULL pointer dereference (CVE-ID: CVE-2023-0468)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in the io_poll_check_events() function in io_uring/poll.c within the io_uring subcomponent in the Linux Kernel. A local user can perform a denial of service (DoS) attack.


3) Use-after-free (CVE-ID: CVE-2023-1829)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the tcindex_delete() function. A local user can trigger a use-after-free error and execute arbitrary code with root privileges.


4) Use-after-free (CVE-ID: CVE-2023-1859)

The vulnerability allows a malicious guest to gain access to sensitive information or perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within the xen_9pfs_front_removet() function in net/9p/trans_xen.c in Xen transport for 9pfs. A malicious guest VM can trigger a use-after-free error and gain access to sensitive information of the hypervisor or crash it.


5) Type Confusion (CVE-ID: CVE-2023-23455)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a type confusion error within the atm_tc_enqueue() function in net/sched/sch_atm.c in the Linux kernel. A local user can trigger a type confusion error and perform a denial of service (DoS) attack.


6) Double Free (CVE-ID: CVE-2023-26545)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a double free in net/mpls/af_mpls.c during the renaming of a device. A local user can trigger a double free error and execute arbitrary code with elevated privileges.


Remediation

Install update from vendor's website.

References