Test ID:	1.3.6.1.4.1.25623.1.1.12.2023.6031.1
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-6031-1)
Summary:	The remote host is missing an update for the 'linux-oem-5.17' package(s) announced via the USN-6031-1 advisory.
Description:	Summary: The remote host is missing an update for the 'linux-oem-5.17' package(s) announced via the USN-6031-1 advisory. Vulnerability Insight: It was discovered that the Traffic-Control Index (TCINDEX) implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-1281) It was discovered that the Integrity Measurement Architecture (IMA) implementation in the Linux kernel did not properly enforce policy in certain conditions. A privileged attacker could use this to bypass Kernel lockdown restrictions. (CVE-2022-21505) It was discovered that the infrared transceiver USB driver did not properly handle USB control messages. A local attacker with physical access could plug in a specially crafted USB device to cause a denial of service (memory exhaustion). (CVE-2022-3903) It was discovered that a race condition existed in the SMSC UFX USB driver implementation in the Linux kernel, leading to a use-after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-41849) Gerald Lee discovered that the USB Gadget file system implementation in the Linux kernel contained a race condition, leading to a use-after-free vulnerability in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-4382) It was discovered that a memory leak existed in the SCTP protocol implementation in the Linux kernel. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2023-1074) Mingi Cho discovered that the netfilter subsystem in the Linux kernel did not properly initialize a data structure, leading to a null pointer dereference vulnerability. An attacker could use this to cause a denial of service (system crash). (CVE-2023-1095) It was discovered that the RNDIS USB driver in the Linux kernel contained an integer overflow vulnerability. A local attacker with physical access could plug in a malicious USB device to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-23559) It was discovered that the NTFS file system implementation in the Linux kernel did not properly validate attributes in certain situations, leading to an out-of-bounds read vulnerability. A local attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2023-26607) Duoming Zhou discovered that a race condition existed in the infrared receiver/transceiver driver in the Linux kernel, leading to a use-after- free vulnerability. A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-1118) Affected Software/OS: 'linux-oem-5.17' package(s) on Ubuntu 22.04. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:L/AC:L/Au:S/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2022-21505 Common Vulnerability Exposure (CVE) ID: CVE-2022-3903 https://lore.kernel.org/all/CAB7eexLLApHJwZfMQ=X-PtRhw0BgO+5KcSMS05FNUYejJXqtSA@mail.gmail.com/ https://lore.kernel.org/all/E1obysd-009Grw-He@www.linuxtv.org/ Common Vulnerability Exposure (CVE) ID: CVE-2022-41849 https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5610bcfe8693c02e2e4c8b31427f1bdbdecc839c https://lore.kernel.org/all/20220925133243.GA383897@ubuntu/T/ https://lists.debian.org/debian-lts-announce/2022/12/msg00031.html https://lists.debian.org/debian-lts-announce/2022/12/msg00034.html Common Vulnerability Exposure (CVE) ID: CVE-2022-4382 https://www.openwall.com/lists/oss-security/2022/12/14/5 Common Vulnerability Exposure (CVE) ID: CVE-2023-1074 https://bugzilla.redhat.com/show_bug.cgi?id=2173430 https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=458e279f861d3f61796894cd158b780765a1569f https://www.openwall.com/lists/oss-security/2023/01/23/1 https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html http://www.openwall.com/lists/oss-security/2023/11/05/4 Common Vulnerability Exposure (CVE) ID: CVE-2023-1095 https://bugzilla.redhat.com/show_bug.cgi?id=2173973 https://github.com/torvalds/linux/commit/580077855a40741cf511766129702d97ff02f4d9 Common Vulnerability Exposure (CVE) ID: CVE-2023-1118 https://github.com/torvalds/linux/commit/29b0589a865b6f66d141d79b2dd1373e4e50fe17 Common Vulnerability Exposure (CVE) ID: CVE-2023-1281 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ee059170b1f7e94e55fa6cadee544e176a6e59c2 https://kernel.dance/#ee059170b1f7e94e55fa6cadee544e176a6e59c2 http://www.openwall.com/lists/oss-security/2023/04/11/3 Common Vulnerability Exposure (CVE) ID: CVE-2023-23559 https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b870e73a56c4cccbec33224233eaf295839f228c https://patchwork.kernel.org/project/linux-wireless/patch/20230110173007.57110-1-szymon.heidrich@gmail.com/ Common Vulnerability Exposure (CVE) ID: CVE-2023-26607 https://bugzilla.suse.com/show_bug.cgi?id=1208703 https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=36a4d82dddbbd421d2b8e79e1cab68c8126d5075 https://lkml.org/lkml/2023/2/21/1353
Copyright	Copyright (C) 2023 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.