ID de Prueba:	1.3.6.1.4.1.25623.1.1.12.2024.6577.1
Categoría:	Ubuntu Local Security Checks
Título:	Ubuntu: Security Advisory (USN-6577-1)
Resumen:	The remote host is missing an update for the 'linux-aws' package(s) announced via the USN-6577-1 advisory.
Descripción:	Summary: The remote host is missing an update for the 'linux-aws' package(s) announced via the USN-6577-1 advisory. Vulnerability Insight: Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. (CVE-2023-20588) It was discovered that a race condition existed in the Linux kernel when performing operations with kernel objects, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-45863) Affected Software/OS: 'linux-aws' package(s) on Ubuntu 16.04. Solution: Please install the updated package(s). CVSS Score: 5.9 CVSS Vector: AV:L/AC:H/Au:M/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2023-20588 Debian Security Information: DSA-5480 (Google Search) https://www.debian.org/security/2023/dsa-5480 Debian Security Information: DSA-5492 (Google Search) https://www.debian.org/security/2023/dsa-5492 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AGZCACEHT6ZZZGG36QQMGROBM4FLWYJX/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJTUVYZMP6BNF342DS3W7XGOGXC6JPN5/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DIOYP4ZOBML4RCUM3MHRFZUQL445MZM3/ https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7007 https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html http://www.openwall.com/lists/oss-security/2023/09/25/4 http://www.openwall.com/lists/oss-security/2023/09/25/7 http://www.openwall.com/lists/oss-security/2023/09/25/8 http://www.openwall.com/lists/oss-security/2023/09/25/3 http://www.openwall.com/lists/oss-security/2023/09/25/5 http://www.openwall.com/lists/oss-security/2023/09/26/5 http://www.openwall.com/lists/oss-security/2023/09/26/8 http://www.openwall.com/lists/oss-security/2023/09/26/9 http://www.openwall.com/lists/oss-security/2023/09/27/1 http://www.openwall.com/lists/oss-security/2023/10/03/12 http://www.openwall.com/lists/oss-security/2023/10/03/13 http://www.openwall.com/lists/oss-security/2023/10/03/14 http://www.openwall.com/lists/oss-security/2023/10/03/15 http://www.openwall.com/lists/oss-security/2023/10/03/9 http://www.openwall.com/lists/oss-security/2023/10/04/2 http://www.openwall.com/lists/oss-security/2023/10/03/16 http://www.openwall.com/lists/oss-security/2023/10/04/1 http://www.openwall.com/lists/oss-security/2023/10/04/3 http://www.openwall.com/lists/oss-security/2023/10/04/4 Common Vulnerability Exposure (CVE) ID: CVE-2023-45863 https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.2.3 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3bb2a01caa813d3a1845d378bbe4169ef280d394 https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html https://lists.debian.org/debian-lts-announce/2024/01/msg00005.html
Copyright	Copyright (C) 2024 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.