CVE-2023-0386
Published: 22 March 2023
A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on the system.
From the Ubuntu Security Team
It was discovered that the OverlayFS implementation in the Linux kernel did not properly handle copy up operation in some conditions. A local attacker could possibly use this to gain elevated privileges.
Priority
Status
| Package | Release | Status |
|---|---|---|
|
linux Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(4.13.0-16.19)
|
| focal |
Not vulnerable
(5.4.0-9.12)
|
|
| jammy |
Released
(5.15.0-70.77)
|
|
| kinetic |
Released
(5.19.0-41.42)
|
|
| lunar |
Not vulnerable
(6.2.0-18.18)
|
|
| trusty |
Not vulnerable
(3.11.0-12.19)
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Not vulnerable
(4.4.0-2.16)
|
|
|
Patches: Introduced by 459c7c565ac36ba09ffbf24231147f408fde4203 |
||
|
linux-aws Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(4.15.0-1001.1)
|
| focal |
Not vulnerable
(5.4.0-1005.5)
|
|
| jammy |
Released
(5.15.0-1034.38)
|
|
| kinetic |
Released
(5.19.0-1024.25)
|
|
| lunar |
Not vulnerable
(6.2.0-1002.2)
|
|
| trusty |
Not vulnerable
(4.4.0-1002.2)
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Not vulnerable
(4.4.0-1001.10)
|
|
|
linux-aws-5.0 Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-aws-5.3)
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Does not exist
|
|
|
linux-aws-5.11 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Ignored
(superseded by linux-aws-5.13)
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-aws-5.13)
|
|
| xenial |
Does not exist
|
|
|
linux-aws-5.13 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Ignored
(superseded by linux-aws-5.15)
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-aws-5.15)
|
|
| xenial |
Does not exist
|
|
|
linux-aws-5.15 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Released
(5.15.0-1034.38~20.04.1)
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Does not exist
|
|
|
linux-aws-5.3 Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-aws-5.4)
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-aws-5.4)
|
|
| xenial |
Does not exist
|
|
|
linux-aws-5.4 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(5.4.0-1018.18~18.04.1)
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Does not exist
|
|
|
linux-aws-5.8 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Ignored
(superseded by linux-aws-5.11)
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-aws-5.11)
|
|
| xenial |
Does not exist
|
|
|
linux-aws-hwe Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Not vulnerable
(4.15.0-1030.31~16.04.1)
|
|
|
linux-azure Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-azure-5.3)
|
| focal |
Not vulnerable
(5.4.0-1006.6)
|
|
| jammy |
Released
(5.15.0-1036.43)
|
|
| kinetic |
Released
(5.19.0-1025.28)
|
|
| lunar |
Not vulnerable
(6.2.0-1002.2)
|
|
| trusty |
Not vulnerable
(4.15.0-1023.24~14.04.1)
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Not vulnerable
(4.11.0-1009.9)
|
|
|
linux-azure-4.15 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(4.15.0-1082.92)
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Does not exist
|
|
|
linux-azure-5.11 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Ignored
(superseded by linux-azure-5.13)
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-azure-5.13)
|
|
| xenial |
Does not exist
|
|
|
linux-azure-5.13 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Ignored
(superseded by linux-azure-5.15)
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-azure-5.15)
|
|
| xenial |
Does not exist
|
|
|
linux-azure-5.15 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Released
(5.15.0-1036.43~20.04.1)
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Does not exist
|
|
|
linux-azure-5.19 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Does not exist
|
|
| jammy |
Needed
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Does not exist
|
|
|
linux-azure-5.3 Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-azure-5.4)
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-azure-5.4)
|
|
| xenial |
Does not exist
|
|
|
linux-azure-5.4 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(5.4.0-1020.20~18.04.1)
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Does not exist
|
|
|
linux-azure-5.8 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Ignored
(superseded by linux-azure-5.11)
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-azure-5.11)
|
|
| xenial |
Does not exist
|
|
|
linux-azure-edge Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-azure-5.3)
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Does not exist
|
|
|
linux-azure-fde Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Not vulnerable
(5.4.0-1006.6)
|
|
| jammy |
Released
(5.15.0-1036.43.1)
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Does not exist
|
|
|
linux-azure-fde-5.15 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Released
(5.15.0-1036.43~20.04.1)
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Does not exist
|
|
|
linux-azure-fde-5.19 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Does not exist
|
|
| jammy |
Needed
|
|
| kinetic |
Does not exist
|
|
| lunar |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Needs triage
|
|
| xenial |
Does not exist
|
|
|
linux-bluefield Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Not vulnerable
(5.4.0-1007.10)
|
|
| jammy |
Pending
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Does not exist
|
|
|
linux-dell300x Launchpad, Ubuntu, Debian |
bionic |
Needs triage
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Does not exist
|
|
|
linux-fips Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Ignored
(out of standard support)
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Ignored
(out of standard support)
|
|
|
linux-gcp Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-gcp-5.3)
|
| focal |
Not vulnerable
(5.4.0-1005.5)
|
|
| jammy |
Released
(5.15.0-1032.40)
|
|
| kinetic |
Released
(5.19.0-1022.24)
|
|
| lunar |
Not vulnerable
(6.2.0-1004.4)
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Not vulnerable
(4.10.0-1004.4)
|
|
|
linux-gcp-4.15 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(4.15.0-1071.81)
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Does not exist
|
|
|
linux-gcp-5.11 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Ignored
(superseded by linux-gcp-5.13)
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-gcp-5.13)
|
|
| xenial |
Does not exist
|
|
|
linux-gcp-5.13 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Ignored
(superseded by linux-gcp-5.15)
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-gcp-5.15)
|
|
| xenial |
Does not exist
|
|
|
linux-gcp-5.15 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Released
(5.15.0-1032.40~20.04.1)
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Does not exist
|
|
|
linux-gcp-5.3 Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-gcp-5.4)
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-gcp-5.4)
|
|
| xenial |
Does not exist
|
|
|
linux-gcp-5.4 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(5.4.0-1019.19~18.04.2)
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Does not exist
|
|
|
linux-gcp-5.8 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Ignored
(superseded by linux-gcp-5.11)
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-gcp-5.11)
|
|
| xenial |
Does not exist
|
|
|
linux-gke Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Not vulnerable
(5.4.0-1033.35)
|
|
| jammy |
Released
(5.15.0-1031.36)
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Ignored
(reached end of standard support)
|
|
|
linux-gke-4.15 Launchpad, Ubuntu, Debian |
bionic |
Ignored
(was needs-triage now end-of-life)
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Does not exist
|
|
|
linux-gke-5.0 Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-gke-5.3)
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Does not exist
|
|
|
linux-gke-5.15 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Released
(5.15.0-1031.36~20.04.1)
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Does not exist
|
|
|
linux-gke-5.3 Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-gke-5.4)
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-gke-5.4)
|
|
| xenial |
Does not exist
|
|
|
linux-gke-5.4 Launchpad, Ubuntu, Debian |
bionic |
Ignored
(was needs-triage now end-of-life)
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Does not exist
|
|
|
linux-gkeop Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Not vulnerable
(5.4.0-1008.9)
|
|
| jammy |
Released
(5.15.0-1018.23)
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Does not exist
|
|
|
linux-gkeop-5.4 Launchpad, Ubuntu, Debian |
bionic |
Ignored
(was needs-triage now end-of-life)
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Does not exist
|
|
|
linux-hwe Launchpad, Ubuntu, Debian |
bionic |
Ignored
(replaced by linux-hwe-5.4)
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Not vulnerable
(4.8.0-39.42~16.04.1)
|
|
|
linux-hwe-5.11 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Ignored
(superseded by linux-hwe-5.13)
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-hwe-5.13)
|
|
| xenial |
Does not exist
|
|
|
linux-hwe-5.13 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Ignored
(superseded by linux-hwe-5.15)
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-hwe-5.15)
|
|
| xenial |
Does not exist
|
|
|
linux-hwe-5.15 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Released
(5.15.0-70.77~20.04.1)
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Does not exist
|
|
|
linux-hwe-5.19 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Does not exist
|
|
| jammy |
Released
(5.19.0-41.42~22.04.1)
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Does not exist
|
|
|
linux-hwe-5.4 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(5.4.0-37.41~18.04.1)
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Does not exist
|
|
|
linux-hwe-5.8 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Ignored
(superseded by linux-hwe-5.11)
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-hwe-5.11)
|
|
| xenial |
Does not exist
|
|
|
linux-hwe-edge Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-hwe-5.4)
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Ignored
(superseded by linux-hwe)
|
|
|
linux-ibm Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Not vulnerable
(5.4.0-1003.4)
|
|
| jammy |
Released
(5.15.0-1028.31)
|
|
| kinetic |
Released
(5.19.0-1021.23)
|
|
| lunar |
Not vulnerable
(6.2.0-1001.1)
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Does not exist
|
|
|
linux-ibm-5.4 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(5.4.0-1010.11~18.04.2)
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Does not exist
|
|
|
linux-intel-5.13 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Ignored
(was needs-triage now end-of-life)
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Does not exist
|
|
|
linux-intel-iotg Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Does not exist
|
|
| jammy |
Released
(5.15.0-1028.33)
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Does not exist
|
|
|
linux-intel-iotg-5.15 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Released
(5.15.0-1030.35~20.04.1)
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Does not exist
|
|
|
linux-iot Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Not vulnerable
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| lunar |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Needs triage
|
|
| xenial |
Does not exist
|
|
|
linux-kvm Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(4.15.0-1002.2)
|
| focal |
Not vulnerable
(5.4.0-1004.4)
|
|
| jammy |
Released
(5.15.0-1031.36)
|
|
| kinetic |
Released
(5.19.0-1022.23)
|
|
| lunar |
Not vulnerable
(6.2.0-1002.2)
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Not vulnerable
(4.4.0-1004.9)
|
|
|
linux-lowlatency Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Does not exist
|
|
| jammy |
Released
(5.15.0-70.77)
|
|
| kinetic |
Released
(5.19.0-1023.24)
|
|
| lunar |
Not vulnerable
(6.2.0-1002.2)
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Does not exist
|
|
|
linux-lowlatency-hwe-5.15 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Released
(5.15.0-70.77~20.04.1)
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Does not exist
|
|
|
linux-lowlatency-hwe-5.19 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Does not exist
|
|
| jammy |
Needed
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Does not exist
|
|
|
linux-lts-xenial Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Not vulnerable
(4.4.0-13.29~14.04.1)
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Does not exist
|
|
|
linux-oem Launchpad, Ubuntu, Debian |
bionic |
Ignored
(was needs-triage now end-of-life)
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Ignored
(superseded by linux-hwe)
|
|
|
linux-oem-5.10 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Ignored
(was needs-triage now end-of-life)
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Does not exist
|
|
|
linux-oem-5.13 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Ignored
(superseded by linux-oem-5.14)
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-oem-5.14)
|
|
| xenial |
Does not exist
|
|
|
linux-oem-5.14 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Ignored
(was needed now end-of-life)
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Does not exist
|
|
|
linux-oem-5.17 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Does not exist
|
|
| jammy |
Released
(5.17.0-1031.32)
|
|
| kinetic |
Ignored
(was needs-triage now end-of-life)
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Does not exist
|
|
|
linux-oem-5.6 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Ignored
(was needs-triage now end-of-life)
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Does not exist
|
|
|
linux-oem-6.0 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Does not exist
|
|
| jammy |
Released
(6.0.0-1015.15)
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Does not exist
|
|
|
linux-oem-6.1 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Does not exist
|
|
| jammy |
Released
(6.1.0-1008.8)
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Does not exist
|
|
|
linux-oem-osp1 Launchpad, Ubuntu, Debian |
bionic |
Ignored
(was needs-triage now end-of-life)
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Does not exist
|
|
|
linux-oracle Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(4.15.0-1007.9)
|
| focal |
Not vulnerable
(5.4.0-1005.5)
|
|
| jammy |
Released
(5.15.0-1033.39)
|
|
| kinetic |
Released
(5.19.0-1022.25)
|
|
| lunar |
Not vulnerable
(6.2.0-1002.2)
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Not vulnerable
(4.15.0-1007.9~16.04.1)
|
|
|
linux-oracle-5.0 Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-oracle-5.3)
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Does not exist
|
|
|
linux-oracle-5.11 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Ignored
(superseded by linux-oracle-5.13)
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-oracle-5.13)
|
|
| xenial |
Does not exist
|
|
|
linux-oracle-5.13 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Ignored
(was needs-triage now end-of-life)
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Does not exist
|
|
|
linux-oracle-5.15 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Released
(5.15.0-1033.39~20.04.1)
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Does not exist
|
|
|
linux-oracle-5.3 Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-oracle-5.4)
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-oracle-5.4)
|
|
| xenial |
Does not exist
|
|
|
linux-oracle-5.4 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(5.4.0-1019.19~18.04.1)
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Does not exist
|
|
|
linux-oracle-5.8 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Ignored
(superseded by linux-oracle-5.11)
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-oracle-5.11)
|
|
| xenial |
Does not exist
|
|
|
linux-raspi Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Not vulnerable
(5.4.0-1007.7)
|
|
| jammy |
Released
(5.15.0-1027.29)
|
|
| kinetic |
Released
(5.19.0-1017.24)
|
|
| lunar |
Not vulnerable
(6.2.0-1003.3)
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Does not exist
|
|
|
linux-raspi-5.4 Launchpad, Ubuntu, Debian |
bionic |
Needs triage
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Does not exist
|
|
|
linux-raspi2 Launchpad, Ubuntu, Debian |
bionic |
Needs triage
|
| focal |
Ignored
(replaced by linux-raspi)
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Ignored
(end of standard support)
|
|
|
linux-raspi2-5.3 Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-raspi-5.4)
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-raspi2-5.4)
|
|
| xenial |
Does not exist
|
|
|
linux-riscv Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Ignored
(superseded by linux-riscv-5.8)
|
|
| jammy |
Ignored
(was needs-triage now end-of-life)
|
|
| kinetic |
Released
(5.19.0-1017.18)
|
|
| lunar |
Not vulnerable
(6.2.0-19.19.1)
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Does not exist
|
|
|
linux-riscv-5.11 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Ignored
(superseded by linux-riscv-5.13)
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-riscv-5.13)
|
|
| xenial |
Does not exist
|
|
|
linux-riscv-5.15 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Not vulnerable
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| lunar |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Needs triage
|
|
| xenial |
Does not exist
|
|
|
linux-riscv-5.8 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Ignored
(superseded by linux-riscv-5.11)
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-riscv-5.11)
|
|
| xenial |
Does not exist
|
|
|
linux-snapdragon Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(4.4.0-1077.82)
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.2~rc6)
|
|
| xenial |
Ignored
(end of standard support)
|
|
|
linux-xilinx-zynqmp Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Not vulnerable
|
|
| jammy |
Does not exist
|
|
| kinetic |
Does not exist
|
|
| lunar |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Needs triage
|
|
| xenial |
Does not exist
|
|
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score | 7.8 |
| Attack vector | Local |
| Attack complexity | Low |
| Privileges required | Low |
| User interaction | None |
| Scope | Unchanged |
| Confidentiality | High |
| Integrity impact | High |
| Availability impact | High |
| Vector | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0386
- https://git.kernel.org/linus/4f11ada10d0ad3fd53e2bd67806351de63a4f9c3 (6.2-rc6)
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4f11ada10d0a
- https://ubuntu.com/security/notices/USN-6025-1
- https://ubuntu.com/security/notices/USN-6040-1
- https://ubuntu.com/security/notices/USN-6043-1
- https://ubuntu.com/security/notices/USN-6057-1
- https://ubuntu.com/security/notices/USN-6071-1
- https://ubuntu.com/security/notices/USN-6072-1
- https://ubuntu.com/security/notices/USN-6134-1
- NVD
- Launchpad
- Debian