CVE-2023-0386
Published: 22 March 2023
A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on the system.
From the Ubuntu Security Team
It was discovered that the OverlayFS implementation in the Linux kernel did not properly handle copy up operation in some conditions. A local attacker could possibly use this to gain elevated privileges.
Priority
Status
| Package | Release | Status |
|---|---|---|
|
linux-aws-5.15 Launchpad, Ubuntu, Debian |
xenial |
Does not exist
|
| bionic |
Does not exist
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| focal |
Released
(5.15.0-1034.38~20.04.1)
|
|
| upstream |
Released
(6.2~rc6)
|
|
|
linux-aws-5.8 Launchpad, Ubuntu, Debian |
upstream |
Ignored
(superseded by linux-aws-5.11)
|
| bionic |
Does not exist
|
|
| focal |
Ignored
(superseded by linux-aws-5.11)
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| xenial |
Does not exist
|
|
|
linux-aws-hwe Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Not vulnerable
(4.15.0-1030.31~16.04.1)
|
|
|
linux-azure Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-azure-5.3)
|
| focal |
Not vulnerable
(5.4.0-1006.6)
|
|
| jammy |
Released
(5.15.0-1036.43)
|
|
| kinetic |
Released
(5.19.0-1025.28)
|
|
| upstream |
Released
(6.2~rc6)
|
|
| trusty |
Not vulnerable
(4.15.0-1023.24~14.04.1)
|
|
| xenial |
Not vulnerable
(4.11.0-1009.9)
|
|
| lunar |
Not vulnerable
(6.2.0-1002.2)
|
|
| mantic |
Not vulnerable
(6.2.0-1003.3)
|
|
|
linux-azure-4.15 Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| xenial |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| bionic |
Not vulnerable
(4.15.0-1082.92)
|
|
|
linux-azure-5.11 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Ignored
(superseded by linux-azure-5.13)
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-azure-5.13)
|
|
| xenial |
Does not exist
|
|
|
linux-azure-5.13 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Ignored
(superseded by linux-azure-5.15)
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-azure-5.15)
|
|
| xenial |
Does not exist
|
|
|
linux-azure-5.15 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| xenial |
Does not exist
|
|
| focal |
Released
(5.15.0-1036.43~20.04.1)
|
|
| upstream |
Released
(6.2~rc6)
|
|
|
linux-azure-5.19 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| xenial |
Does not exist
|
|
| jammy |
Ignored
(end of life, was needed)
|
|
| upstream |
Released
(6.2~rc6)
|
|
|
linux-azure-5.3 Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-azure-5.4)
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-azure-5.4)
|
|
| xenial |
Does not exist
|
|
|
linux-azure-5.4 Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| xenial |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| bionic |
Not vulnerable
(5.4.0-1020.20~18.04.1)
|
|
|
linux-azure-5.8 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Ignored
(superseded by linux-azure-5.11)
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-azure-5.11)
|
|
| xenial |
Does not exist
|
|
|
linux-azure-fde Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Does not exist
|
|
| jammy |
Released
(5.15.0-1036.43)
|
|
| focal |
Not vulnerable
(5.4.0-1006.6)
|
|
|
linux-azure-fde-5.15 Launchpad, Ubuntu, Debian |
focal |
Released
(5.15.0-1036.43~20.04.1)
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Does not exist
|
|
| bionic |
Does not exist
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
|
linux-bluefield Launchpad, Ubuntu, Debian |
jammy |
Pending
|
| upstream |
Released
(6.2~rc6)
|
|
| bionic |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| xenial |
Does not exist
|
|
| focal |
Not vulnerable
(5.4.0-1007.10)
|
|
|
linux-dell300x Launchpad, Ubuntu, Debian |
upstream |
Released
(6.2~rc6)
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| xenial |
Does not exist
|
|
| bionic |
Not vulnerable
(4.15.0-1005.8)
|
|
|
linux-fips Launchpad, Ubuntu, Debian |
trusty |
Ignored
(end of standard support)
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Ignored
(end of standard support)
|
|
| bionic |
Does not exist
|
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
|
linux-gcp Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-gcp-5.3)
|
| jammy |
Released
(5.15.0-1032.40)
|
|
| kinetic |
Released
(5.19.0-1022.24)
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| focal |
Not vulnerable
(5.4.0-1005.5)
|
|
| xenial |
Not vulnerable
(4.10.0-1004.4)
|
|
| lunar |
Not vulnerable
(6.2.0-1004.4)
|
|
| mantic |
Not vulnerable
(6.2.0-1005.5)
|
|
|
linux-gcp-4.15 Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Does not exist
|
|
| bionic |
Not vulnerable
(4.15.0-1071.81)
|
|
|
linux-gcp-5.11 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Ignored
(superseded by linux-gcp-5.13)
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-gcp-5.13)
|
|
| xenial |
Does not exist
|
|
|
linux-gcp-5.13 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Ignored
(superseded by linux-gcp-5.15)
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-gcp-5.15)
|
|
| xenial |
Does not exist
|
|
|
linux-gcp-5.15 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Does not exist
|
|
| focal |
Released
(5.15.0-1032.40~20.04.1)
|
|
|
linux-gcp-5.3 Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-gcp-5.4)
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-gcp-5.4)
|
|
| xenial |
Does not exist
|
|
|
linux-gcp-5.4 Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Does not exist
|
|
| bionic |
Not vulnerable
(5.4.0-1019.19~18.04.2)
|
|
|
linux-gcp-5.8 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Ignored
(superseded by linux-gcp-5.11)
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-gcp-5.11)
|
|
| xenial |
Does not exist
|
|
|
linux-gke Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Ignored
(end of standard support)
|
|
| focal |
Not vulnerable
(5.4.0-1033.35)
|
|
| jammy |
Released
(5.15.0-1031.36)
|
|
|
linux-gke-4.15 Launchpad, Ubuntu, Debian |
bionic |
Ignored
(end of life, was needs-triage)
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Does not exist
|
|
|
linux-gke-5.0 Launchpad, Ubuntu, Debian |
trusty |
Does not exist
|
| upstream |
Released
(6.2~rc6)
|
|
| bionic |
Ignored
(end of standard support)
|
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| xenial |
Does not exist
|
|
|
linux-gke-5.15 Launchpad, Ubuntu, Debian |
focal |
Released
(5.15.0-1031.36~20.04.1)
|
| upstream |
Released
(6.2~rc6)
|
|
| bionic |
Does not exist
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| xenial |
Does not exist
|
|
|
linux-gke-5.4 Launchpad, Ubuntu, Debian |
bionic |
Ignored
(end of life, was needs-triage)
|
| upstream |
Released
(6.2~rc6)
|
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| xenial |
Does not exist
|
|
|
linux-gkeop Launchpad, Ubuntu, Debian |
upstream |
Released
(6.2~rc6)
|
| bionic |
Does not exist
|
|
| focal |
Not vulnerable
(5.4.0-1008.9)
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| xenial |
Does not exist
|
|
| jammy |
Released
(5.15.0-1018.23)
|
|
|
linux-gkeop-5.4 Launchpad, Ubuntu, Debian |
bionic |
Ignored
(end of life, was needs-triage)
|
| upstream |
Released
(6.2~rc6)
|
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| xenial |
Does not exist
|
|
|
linux-hwe Launchpad, Ubuntu, Debian |
bionic |
Ignored
(replaced by linux-hwe-5.4)
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| focal |
Does not exist
|
|
| xenial |
Not vulnerable
(4.8.0-39.42~16.04.1)
|
|
|
linux-hwe-5.11 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Ignored
(superseded by linux-hwe-5.13)
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-hwe-5.13)
|
|
| xenial |
Does not exist
|
|
|
linux-hwe-5.13 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Ignored
(superseded by linux-hwe-5.15)
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-hwe-5.15)
|
|
| xenial |
Does not exist
|
|
|
linux-hwe-5.15 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Does not exist
|
|
| focal |
Released
(5.15.0-70.77~20.04.1)
|
|
|
linux-hwe-5.19 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Does not exist
|
|
| jammy |
Released
(5.19.0-41.42~22.04.1)
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Does not exist
|
|
|
linux-hwe-5.4 Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Does not exist
|
|
| bionic |
Not vulnerable
(5.4.0-37.41~18.04.1)
|
|
|
linux-hwe-5.8 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Ignored
(superseded by linux-hwe-5.11)
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-hwe-5.11)
|
|
| xenial |
Does not exist
|
|
|
linux-hwe-edge Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-hwe-5.4)
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Ignored
(superseded by linux-hwe)
|
|
|
linux-ibm Launchpad, Ubuntu, Debian |
kinetic |
Released
(5.19.0-1021.23)
|
| trusty |
Does not exist
|
|
| xenial |
Does not exist
|
|
| bionic |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| focal |
Not vulnerable
(5.4.0-1003.4)
|
|
| jammy |
Released
(5.15.0-1028.31)
|
|
| lunar |
Not vulnerable
(6.2.0-1001.1)
|
|
| mantic |
Not vulnerable
(6.2.0-1001.1)
|
|
|
linux-ibm-5.4 Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| xenial |
Does not exist
|
|
| bionic |
Not vulnerable
(5.4.0-1010.11~18.04.2)
|
|
| upstream |
Released
(6.2~rc6)
|
|
|
linux-intel-5.13 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| xenial |
Does not exist
|
|
| focal |
Ignored
(end of life, was needs-triage)
|
|
| upstream |
Released
(6.2~rc6)
|
|
|
linux-intel-iotg Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| xenial |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| jammy |
Released
(5.15.0-1028.33)
|
|
|
linux-intel-iotg-5.15 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| xenial |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| focal |
Released
(5.15.0-1030.35~20.04.1)
|
|
|
linux-kvm Launchpad, Ubuntu, Debian |
trusty |
Does not exist
|
| xenial |
Not vulnerable
(4.4.0-1004.9)
|
|
| jammy |
Released
(5.15.0-1031.36)
|
|
| kinetic |
Released
(5.19.0-1022.23)
|
|
| upstream |
Released
(6.2~rc6)
|
|
| bionic |
Not vulnerable
(4.15.0-1002.2)
|
|
| focal |
Not vulnerable
(5.4.0-1004.4)
|
|
| lunar |
Not vulnerable
(6.2.0-1002.2)
|
|
| mantic |
Does not exist
|
|
|
linux-lowlatency Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Does not exist
|
|
| trusty |
Does not exist
|
|
| xenial |
Does not exist
|
|
| jammy |
Released
(5.15.0-70.77)
|
|
| kinetic |
Released
(5.19.0-1023.24)
|
|
| upstream |
Released
(6.2~rc6)
|
|
| lunar |
Not vulnerable
(6.2.0-1002.2)
|
|
| mantic |
Not vulnerable
(6.2.0-1003.3)
|
|
|
linux-lowlatency-hwe-5.15 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| xenial |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| focal |
Released
(5.15.0-70.77~20.04.1)
|
|
|
linux-lowlatency-hwe-5.19 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Does not exist
|
|
| jammy |
Ignored
(end of life, was needed)
|
|
|
linux-lts-xenial Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Not vulnerable
(4.4.0-13.29~14.04.1)
|
|
| xenial |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
|
linux-oem Launchpad, Ubuntu, Debian |
bionic |
Ignored
(end of life, was needs-triage)
|
| upstream |
Released
(6.2~rc6)
|
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| xenial |
Ignored
(end of standard support)
|
|
|
linux-oem-5.10 Launchpad, Ubuntu, Debian |
focal |
Ignored
(end of life, was needs-triage)
|
| upstream |
Released
(6.2~rc6)
|
|
| bionic |
Does not exist
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| xenial |
Does not exist
|
|
|
linux-oem-5.14 Launchpad, Ubuntu, Debian |
focal |
Ignored
(end of life, was needed)
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Does not exist
|
|
| bionic |
Does not exist
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
|
linux-oem-5.17 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Does not exist
|
|
| jammy |
Released
(5.17.0-1031.32)
|
|
| kinetic |
Ignored
(end of life, was needs-triage)
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Does not exist
|
|
|
linux-oem-5.6 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Ignored
(end of life, was needs-triage)
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Does not exist
|
|
|
linux-oem-6.0 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Does not exist
|
|
| jammy |
Released
(6.0.0-1015.15)
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Does not exist
|
|
|
linux-oem-6.1 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Does not exist
|
|
| jammy |
Released
(6.1.0-1008.8)
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Does not exist
|
|
| kinetic |
Does not exist
|
|
|
linux-oem-osp1 Launchpad, Ubuntu, Debian |
bionic |
Ignored
(end of standard support, was needs-triage)
|
| upstream |
Released
(6.2~rc6)
|
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| xenial |
Does not exist
|
|
|
linux-oracle Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(4.15.0-1007.9)
|
| focal |
Not vulnerable
(5.4.0-1005.5)
|
|
| jammy |
Released
(5.15.0-1033.39)
|
|
| kinetic |
Released
(5.19.0-1022.25)
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Not vulnerable
(4.15.0-1007.9~16.04.1)
|
|
| lunar |
Not vulnerable
(6.2.0-1002.2)
|
|
| mantic |
Not vulnerable
(6.2.0-1003.3)
|
|
|
linux-oracle-5.0 Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-oracle-5.3)
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Does not exist
|
|
|
linux-oracle-5.11 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Ignored
(superseded by linux-oracle-5.13)
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-oracle-5.13)
|
|
| xenial |
Does not exist
|
|
|
linux-oracle-5.13 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Ignored
(end of life, was needs-triage)
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Does not exist
|
|
|
linux-oracle-5.15 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Does not exist
|
|
| focal |
Released
(5.15.0-1033.39~20.04.1)
|
|
|
linux-oracle-5.3 Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-oracle-5.4)
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-oracle-5.4)
|
|
| xenial |
Does not exist
|
|
|
linux-oracle-5.4 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(5.4.0-1019.19~18.04.1)
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Does not exist
|
|
|
linux-oracle-5.8 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Ignored
(superseded by linux-oracle-5.11)
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-oracle-5.11)
|
|
| xenial |
Does not exist
|
|
|
linux-raspi Launchpad, Ubuntu, Debian |
focal |
Not vulnerable
(5.4.0-1007.7)
|
| jammy |
Released
(5.15.0-1027.29)
|
|
| kinetic |
Released
(5.19.0-1017.24)
|
|
| upstream |
Released
(6.2~rc6)
|
|
| bionic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| xenial |
Does not exist
|
|
| lunar |
Not vulnerable
(6.2.0-1003.3)
|
|
| mantic |
Not vulnerable
(6.2.0-1004.5)
|
|
|
linux-raspi-5.4 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(5.4.0-1013.13~18.04.1)
|
| upstream |
Released
(6.2~rc6)
|
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| xenial |
Does not exist
|
|
|
linux-raspi2 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(4.13.0-1005.5)
|
| focal |
Ignored
(replaced by linux-raspi)
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Ignored
(end of standard support)
|
|
|
linux-raspi2-5.3 Launchpad, Ubuntu, Debian |
bionic |
Ignored
(end of standard support)
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-raspi2-5.4)
|
|
| xenial |
Does not exist
|
|
|
linux-riscv Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Ignored
(superseded by linux-riscv-5.8)
|
|
| jammy |
Ignored
(end of life, was needs-triage)
|
|
| kinetic |
Released
(5.19.0-1017.18)
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Does not exist
|
|
| lunar |
Not vulnerable
(6.2.0-19.19.1)
|
|
| mantic |
Not vulnerable
(6.2.0-19.19.1)
|
|
|
linux-riscv-5.11 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Ignored
(superseded by linux-riscv-5.13)
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-riscv-5.13)
|
|
| xenial |
Does not exist
|
|
|
linux-riscv-5.8 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Ignored
(superseded by linux-riscv-5.11)
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-riscv-5.11)
|
|
| xenial |
Does not exist
|
|
|
linux-snapdragon Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(4.4.0-1077.82)
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Ignored
(end of standard support)
|
|
|
linux-nvidia Launchpad, Ubuntu, Debian |
trusty |
Does not exist
|
| xenial |
Does not exist
|
|
| bionic |
Does not exist
|
|
| focal |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| lunar |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| jammy |
Released
(5.15.0-1023.23)
|
|
| mantic |
Does not exist
|
|
|
linux-gkeop-5.15 Launchpad, Ubuntu, Debian |
trusty |
Does not exist
|
| xenial |
Does not exist
|
|
| bionic |
Does not exist
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| lunar |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| focal |
Released
(5.15.0-1018.23~20.04.1)
|
|
| mantic |
Does not exist
|
|
|
linux-aws-5.19 Launchpad, Ubuntu, Debian |
trusty |
Does not exist
|
| xenial |
Does not exist
|
|
| bionic |
Does not exist
|
|
| focal |
Does not exist
|
|
| jammy |
Not vulnerable
|
|
| kinetic |
Does not exist
|
|
| lunar |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| mantic |
Does not exist
|
|
|
linux-gcp-5.19 Launchpad, Ubuntu, Debian |
trusty |
Does not exist
|
| xenial |
Does not exist
|
|
| bionic |
Does not exist
|
|
| focal |
Does not exist
|
|
| jammy |
Not vulnerable
|
|
| kinetic |
Does not exist
|
|
| lunar |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| mantic |
Does not exist
|
|
|
linux-riscv-5.19 Launchpad, Ubuntu, Debian |
trusty |
Does not exist
|
| xenial |
Does not exist
|
|
| bionic |
Does not exist
|
|
| focal |
Does not exist
|
|
| jammy |
Not vulnerable
|
|
| kinetic |
Does not exist
|
|
| lunar |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| mantic |
Does not exist
|
|
|
linux-allwinner Launchpad, Ubuntu, Debian |
trusty |
Does not exist
|
| xenial |
Does not exist
|
|
| bionic |
Does not exist
|
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| kinetic |
Not vulnerable
|
|
| lunar |
Not vulnerable
|
|
| upstream |
Released
(6.2~rc6)
|
|
| mantic |
Does not exist
|
|
|
linux-allwinner-5.19 Launchpad, Ubuntu, Debian |
trusty |
Does not exist
|
| xenial |
Does not exist
|
|
| bionic |
Does not exist
|
|
| focal |
Does not exist
|
|
| jammy |
Not vulnerable
|
|
| kinetic |
Does not exist
|
|
| lunar |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| mantic |
Does not exist
|
|
|
linux-starfive Launchpad, Ubuntu, Debian |
trusty |
Does not exist
|
| xenial |
Does not exist
|
|
| bionic |
Does not exist
|
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| kinetic |
Not vulnerable
|
|
| upstream |
Released
(6.2~rc6)
|
|
| lunar |
Released
(6.2.0-1002.2)
|
|
| mantic |
Needed
|
|
|
linux-starfive-5.19 Launchpad, Ubuntu, Debian |
trusty |
Does not exist
|
| xenial |
Does not exist
|
|
| bionic |
Does not exist
|
|
| focal |
Does not exist
|
|
| jammy |
Not vulnerable
|
|
| kinetic |
Does not exist
|
|
| lunar |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| mantic |
Does not exist
|
|
|
linux-aws-6.2 Launchpad, Ubuntu, Debian |
trusty |
Does not exist
|
| xenial |
Does not exist
|
|
| bionic |
Does not exist
|
|
| focal |
Does not exist
|
|
| lunar |
Does not exist
|
|
| jammy |
Not vulnerable
(6.2.0-1005.5~22.04.1)
|
|
| upstream |
Released
(6.2~rc6)
|
|
| mantic |
Does not exist
|
|
|
linux-hwe-6.2 Launchpad, Ubuntu, Debian |
trusty |
Does not exist
|
| xenial |
Does not exist
|
|
| bionic |
Does not exist
|
|
| focal |
Does not exist
|
|
| lunar |
Does not exist
|
|
| jammy |
Not vulnerable
(6.2.0-25.25~22.04.2)
|
|
| upstream |
Released
(6.2~rc6)
|
|
| mantic |
Does not exist
|
|
|
linux-lowlatency-hwe-6.2 Launchpad, Ubuntu, Debian |
trusty |
Does not exist
|
| xenial |
Does not exist
|
|
| bionic |
Does not exist
|
|
| focal |
Does not exist
|
|
| lunar |
Does not exist
|
|
| jammy |
Not vulnerable
(6.2.0-1008.8~22.04.1)
|
|
| upstream |
Released
(6.2~rc6)
|
|
| mantic |
Does not exist
|
|
|
linux-ibm-5.15 Launchpad, Ubuntu, Debian |
trusty |
Does not exist
|
| xenial |
Does not exist
|
|
| bionic |
Does not exist
|
|
| jammy |
Does not exist
|
|
| lunar |
Does not exist
|
|
| focal |
Not vulnerable
(5.15.0-1033.36~20.04.1)
|
|
| upstream |
Released
(6.2~rc6)
|
|
| mantic |
Does not exist
|
|
|
linux-gcp-6.2 Launchpad, Ubuntu, Debian |
trusty |
Does not exist
|
| xenial |
Does not exist
|
|
| bionic |
Does not exist
|
|
| focal |
Does not exist
|
|
| lunar |
Does not exist
|
|
| jammy |
Not vulnerable
(6.2.0-1009.9~22.04.3)
|
|
| upstream |
Released
(6.2~rc6)
|
|
| mantic |
Does not exist
|
|
|
linux-azure-6.2 Launchpad, Ubuntu, Debian |
trusty |
Does not exist
|
| xenial |
Does not exist
|
|
| bionic |
Does not exist
|
|
| focal |
Does not exist
|
|
| lunar |
Does not exist
|
|
| jammy |
Not vulnerable
(6.2.0-1005.5~22.04.1)
|
|
| upstream |
Released
(6.2~rc6)
|
|
| mantic |
Does not exist
|
|
|
linux-azure-fde-6.2 Launchpad, Ubuntu, Debian |
trusty |
Does not exist
|
| xenial |
Does not exist
|
|
| bionic |
Does not exist
|
|
| focal |
Does not exist
|
|
| lunar |
Does not exist
|
|
| jammy |
Not vulnerable
(6.2.0-1005.5~22.04.1)
|
|
| upstream |
Released
(6.2~rc6)
|
|
| mantic |
Does not exist
|
|
|
linux-azure-fde-5.19 Launchpad, Ubuntu, Debian |
jammy |
Ignored
(end of life, was needed)
|
| upstream |
Released
(6.2~rc6)
|
|
| bionic |
Does not exist
|
|
| focal |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| lunar |
Does not exist
|
|
| trusty |
Does not exist
|
|
| xenial |
Does not exist
|
|
| mantic |
Does not exist
|
|
|
linux-riscv-5.15 Launchpad, Ubuntu, Debian |
upstream |
Released
(6.2~rc6)
|
| bionic |
Does not exist
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| lunar |
Does not exist
|
|
| trusty |
Does not exist
|
|
| xenial |
Does not exist
|
|
| focal |
Released
(5.15.0-1031.35~20.04.1)
|
|
| mantic |
Does not exist
|
|
|
linux-xilinx-zynqmp Launchpad, Ubuntu, Debian |
upstream |
Released
(6.2~rc6)
|
| focal |
Not vulnerable
(5.4.0-1020.24)
|
|
| bionic |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| lunar |
Does not exist
|
|
| trusty |
Does not exist
|
|
| xenial |
Does not exist
|
|
| jammy |
Not vulnerable
|
|
| mantic |
Does not exist
|
|
|
linux Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(4.13.0-16.19)
|
| focal |
Not vulnerable
(5.4.0-9.12)
|
|
| jammy |
Released
(5.15.0-70.77)
|
|
| kinetic |
Released
(5.19.0-41.42)
|
|
| trusty |
Not vulnerable
(3.11.0-12.19)
|
|
| xenial |
Not vulnerable
(4.4.0-2.16)
|
|
| upstream |
Released
(6.2~rc6)
|
|
| lunar |
Not vulnerable
(6.2.0-18.18)
|
|
| mantic |
Not vulnerable
(6.2.0-20.20)
|
|
|
Patches: Introduced by 459c7c565ac36ba09ffbf24231147f408fde4203 |
||
|
linux-aws-5.0 Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-aws-5.3)
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| xenial |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
|
linux-aws-5.3 Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-aws-5.4)
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-aws-5.4)
|
|
| xenial |
Does not exist
|
|
|
linux-aws-5.4 Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| xenial |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| bionic |
Not vulnerable
(5.4.0-1018.18~18.04.1)
|
|
|
linux-aws-5.11 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Ignored
(superseded by linux-aws-5.13)
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-aws-5.13)
|
|
| xenial |
Does not exist
|
|
|
linux-aws-5.13 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Ignored
(superseded by linux-aws-5.15)
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-aws-5.15)
|
|
| xenial |
Does not exist
|
|
|
linux-azure-edge Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-azure-5.3)
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| xenial |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
|
linux-gke-5.3 Launchpad, Ubuntu, Debian |
bionic |
Ignored
(end of standard support)
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-gke-5.4)
|
|
| xenial |
Does not exist
|
|
|
linux-oem-5.13 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Ignored
(superseded by linux-oem-5.14)
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-oem-5.14)
|
|
| xenial |
Does not exist
|
|
|
linux-aws Launchpad, Ubuntu, Debian |
jammy |
Released
(5.15.0-1034.38)
|
| kinetic |
Released
(5.19.0-1024.25)
|
|
| upstream |
Released
(6.2~rc6)
|
|
| bionic |
Not vulnerable
(4.15.0-1001.1)
|
|
| focal |
Not vulnerable
(5.4.0-1005.5)
|
|
| trusty |
Not vulnerable
(4.4.0-1002.2)
|
|
| xenial |
Not vulnerable
(4.4.0-1001.10)
|
|
| lunar |
Not vulnerable
(6.2.0-1002.2)
|
|
| mantic |
Not vulnerable
(6.2.0-1003.3)
|
|
|
linux-iot Launchpad, Ubuntu, Debian |
focal |
Not vulnerable
(5.4.0-1001.3)
|
| upstream |
Released
(6.2~rc6)
|
|
| bionic |
Does not exist
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| lunar |
Does not exist
|
|
| trusty |
Does not exist
|
|
| xenial |
Does not exist
|
|
| mantic |
Does not exist
|
|
|
linux-nvidia-6.2 Launchpad, Ubuntu, Debian |
trusty |
Does not exist
|
| xenial |
Does not exist
|
|
| bionic |
Does not exist
|
|
| focal |
Does not exist
|
|
| jammy |
Not vulnerable
|
|
| lunar |
Does not exist
|
|
| mantic |
Does not exist
|
|
| upstream |
Needs triage
|
|
|
linux-starfive-6.2 Launchpad, Ubuntu, Debian |
trusty |
Does not exist
|
| xenial |
Does not exist
|
|
| bionic |
Does not exist
|
|
| focal |
Does not exist
|
|
| jammy |
Not vulnerable
|
|
| lunar |
Does not exist
|
|
| mantic |
Does not exist
|
|
| upstream |
Needs triage
|
|
|
linux-laptop Launchpad, Ubuntu, Debian |
trusty |
Does not exist
|
| xenial |
Does not exist
|
|
| bionic |
Does not exist
|
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| lunar |
Does not exist
|
|
| mantic |
Not vulnerable
|
|
| upstream |
Needs triage
|
|
|
linux-oem-6.5 Launchpad, Ubuntu, Debian |
trusty |
Does not exist
|
| xenial |
Does not exist
|
|
| bionic |
Does not exist
|
|
| focal |
Does not exist
|
|
| jammy |
Not vulnerable
|
|
| lunar |
Does not exist
|
|
| mantic |
Does not exist
|
|
| upstream |
Needs triage
|
|
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score | 7.8 |
| Attack vector | Local |
| Attack complexity | Low |
| Privileges required | Low |
| User interaction | None |
| Scope | Unchanged |
| Confidentiality | High |
| Integrity impact | High |
| Availability impact | High |
| Vector | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0386
- https://git.kernel.org/linus/4f11ada10d0ad3fd53e2bd67806351de63a4f9c3 (6.2-rc6)
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4f11ada10d0a
- https://ubuntu.com/security/notices/USN-6025-1
- https://ubuntu.com/security/notices/USN-6040-1
- https://ubuntu.com/security/notices/USN-6043-1
- https://ubuntu.com/security/notices/USN-6057-1
- https://ubuntu.com/security/notices/USN-6071-1
- https://ubuntu.com/security/notices/USN-6072-1
- https://ubuntu.com/security/notices/USN-6134-1
- NVD
- Launchpad
- Debian