CVE-2023-52885
Published: 14 July 2024
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix UAF in svc_tcp_listen_data_ready() After the listener svc_sock is freed, and before invoking svc_tcp_accept() for the established child sock, there is a window that the newsock retaining a freed listener svc_sock in sk_user_data which cloning from parent. In the race window, if data is received on the newsock, we will observe use-after-free report in svc_tcp_listen_data_ready(). Reproduce by two tasks: 1. while :; do rpc.nfsd 0 ; rpc.nfsd; done 2. while :; do echo "" | ncat -4 127.0.0.1 2049 ; done KASAN report: ================================================================== BUG: KASAN: slab-use-after-free in svc_tcp_listen_data_ready+0x1cf/0x1f0 [sunrpc] Read of size 8 at addr ffff888139d96228 by task nc/102553 CPU: 7 PID: 102553 Comm: nc Not tainted 6.3.0+ #18 Hardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 11/12/2020 Call Trace: <IRQ> dump_stack_lvl+0x33/0x50 print_address_description.constprop.0+0x27/0x310 print_report+0x3e/0x70 kasan_report+0xae/0xe0 svc_tcp_listen_data_ready+0x1cf/0x1f0 [sunrpc] tcp_data_queue+0x9f4/0x20e0 tcp_rcv_established+0x666/0x1f60 tcp_v4_do_rcv+0x51c/0x850 tcp_v4_rcv+0x23fc/0x2e80 ip_protocol_deliver_rcu+0x62/0x300 ip_local_deliver_finish+0x267/0x350 ip_local_deliver+0x18b/0x2d0 ip_rcv+0x2fb/0x370 __netif_receive_skb_one_core+0x166/0x1b0 process_backlog+0x24c/0x5e0 __napi_poll+0xa2/0x500 net_rx_action+0x854/0xc90 __do_softirq+0x1bb/0x5de do_softirq+0xcb/0x100 </IRQ> <TASK> ... </TASK> Allocated by task 102371: kasan_save_stack+0x1e/0x40 kasan_set_track+0x21/0x30 __kasan_kmalloc+0x7b/0x90 svc_setup_socket+0x52/0x4f0 [sunrpc] svc_addsock+0x20d/0x400 [sunrpc] __write_ports_addfd+0x209/0x390 [nfsd] write_ports+0x239/0x2c0 [nfsd] nfsctl_transaction_write+0xac/0x110 [nfsd] vfs_write+0x1c3/0xae0 ksys_write+0xed/0x1c0 do_syscall_64+0x38/0x90 entry_SYSCALL_64_after_hwframe+0x72/0xdc Freed by task 102551: kasan_save_stack+0x1e/0x40 kasan_set_track+0x21/0x30 kasan_save_free_info+0x2a/0x50 __kasan_slab_free+0x106/0x190 __kmem_cache_free+0x133/0x270 svc_xprt_free+0x1e2/0x350 [sunrpc] svc_xprt_destroy_all+0x25a/0x440 [sunrpc] nfsd_put+0x125/0x240 [nfsd] nfsd_svc+0x2cb/0x3c0 [nfsd] write_threads+0x1ac/0x2a0 [nfsd] nfsctl_transaction_write+0xac/0x110 [nfsd] vfs_write+0x1c3/0xae0 ksys_write+0xed/0x1c0 do_syscall_64+0x38/0x90 entry_SYSCALL_64_after_hwframe+0x72/0xdc Fix the UAF by simply doing nothing in svc_tcp_listen_data_ready() if state != TCP_LISTEN, that will avoid dereferencing svsk for all child socket.
Priority
Status
| Package | Release | Status |
|---|---|---|
|
linux
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(ESM criteria, was needed)
|
| focal |
Released
(5.4.0-166.183)
|
|
| jammy |
Released
(5.15.0-86.96)
|
|
| noble |
Not vulnerable
(6.5.0-9.9)
|
|
| trusty |
Not vulnerable
(3.11.0-12.19)
|
|
| upstream |
Released
(6.5~rc1, 5.4.251, 5.15.121)
|
|
| xenial |
Not vulnerable
(4.4.0-2.16)
|
|
|
Patches:
Introduced by
fa9251afc33c81606d70cfe91800a779096442ec
|
||
|
linux-allwinner-5.19
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
| jammy |
Ignored
(end of kernel support)
|
|
| noble |
Does not exist
|
|
| upstream |
Ignored
(end of life)
|
|
|
linux-aws
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(ESM criteria, was needed)
|
| focal |
Released
(5.4.0-1113.123)
|
|
| jammy |
Released
(5.15.0-1047.52)
|
|
| noble |
Not vulnerable
(6.5.0-1008.8)
|
|
| trusty |
Not vulnerable
(4.4.0-1002.2)
|
|
| upstream |
Released
(6.5~rc1, 5.4.251, 5.15.121)
|
|
| xenial |
Not vulnerable
(4.4.0-1001.10)
|
|
|
linux-aws-5.0
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-aws-5.3)
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| noble |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-aws-5.3)
|
|
|
linux-aws-5.11
Launchpad, Ubuntu, Debian |
focal |
Ignored
(superseded by linux-aws-5.13)
|
| jammy |
Does not exist
|
|
| noble |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-aws-5.13)
|
|
|
linux-aws-5.13
Launchpad, Ubuntu, Debian |
focal |
Ignored
(superseded by linux-aws-5.15)
|
| jammy |
Does not exist
|
|
| noble |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-aws-5.15)
|
|
|
linux-aws-5.15
Launchpad, Ubuntu, Debian |
focal |
Released
(5.15.0-1047.52~20.04.1)
|
| jammy |
Does not exist
|
|
| noble |
Does not exist
|
|
| upstream |
Released
(6.5~rc1, 5.4.251, 5.15.121)
|
|
|
linux-aws-5.19
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
| jammy |
Ignored
(superseded by linux-aws-6.2)
|
|
| noble |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-aws-6.2)
|
|
|
linux-aws-5.3
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-aws-5.4)
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| noble |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-aws-5.4)
|
|
|
linux-aws-5.4
Launchpad, Ubuntu, Debian |
bionic |
Pending
(5.4.0-1113.123~18.04.1)
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| noble |
Does not exist
|
|
| upstream |
Released
(6.5~rc1, 5.4.251, 5.15.121)
|
|
|
linux-aws-5.8
Launchpad, Ubuntu, Debian |
focal |
Ignored
(superseded by linux-aws-5.11)
|
| jammy |
Does not exist
|
|
| noble |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-aws-5.11)
|
|
|
linux-aws-6.2
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
| jammy |
Ignored
(superseded by linux-aws-6.5)
|
|
| noble |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-aws-6.5)
|
|
|
linux-aws-6.5
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
| jammy |
Not vulnerable
(6.5.0-1008.8~22.04.1)
|
|
| noble |
Does not exist
|
|
| upstream |
Released
(6.5~rc1, 5.4.251, 5.15.121)
|
|
|
linux-aws-fips
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
| jammy |
Does not exist
|
|
| noble |
Does not exist
|
|
| upstream |
Released
(6.5~rc1, 5.4.251, 5.15.121)
|
|
|
linux-aws-hwe
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
| jammy |
Does not exist
|
|
| noble |
Does not exist
|
|
| upstream |
Released
(6.5~rc1, 5.4.251, 5.15.121)
|
|
| xenial |
Ignored
(ESM criteria, was needed)
|
|
|
linux-azure
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-azure-5.3)
|
| focal |
Released
(5.4.0-1119.126)
|
|
| jammy |
Released
(5.15.0-1049.56)
|
|
| noble |
Not vulnerable
(6.5.0-1007.7)
|
|
| trusty |
Ignored
(ESM criteria, was needed)
|
|
| upstream |
Released
(6.5~rc1, 5.4.251, 5.15.121)
|
|
| xenial |
Ignored
(ESM criteria, was needed)
|
|
|
linux-azure-4.15
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(ESM criteria, was needed)
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| noble |
Does not exist
|
|
| upstream |
Released
(6.5~rc1, 5.4.251, 5.15.121)
|
|
|
linux-azure-5.11
Launchpad, Ubuntu, Debian |
focal |
Ignored
(superseded by linux-azure-5.13)
|
| jammy |
Does not exist
|
|
| noble |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-azure-5.13)
|
|
|
linux-azure-5.13
Launchpad, Ubuntu, Debian |
focal |
Ignored
(superseded by linux-azure-5.15)
|
| jammy |
Does not exist
|
|
| noble |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-azure-5.15)
|
|
|
linux-azure-5.15
Launchpad, Ubuntu, Debian |
focal |
Released
(5.15.0-1049.56~20.04.1)
|
| jammy |
Does not exist
|
|
| noble |
Does not exist
|
|
| upstream |
Released
(6.5~rc1, 5.4.251, 5.15.121)
|
|
|
linux-azure-5.19
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
| jammy |
Ignored
(superseded by linux-azure-6.2)
|
|
| noble |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-azure-6.2)
|
|
|
linux-azure-5.3
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-azure-5.4)
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| noble |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-azure-5.4)
|
|
|
linux-azure-5.4
Launchpad, Ubuntu, Debian |
bionic |
Pending
(5.4.0-1119.126~18.04.2)
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| noble |
Does not exist
|
|
| upstream |
Released
(6.5~rc1, 5.4.251, 5.15.121)
|
|
|
linux-azure-5.8
Launchpad, Ubuntu, Debian |
focal |
Ignored
(superseded by linux-azure-5.11)
|
| jammy |
Does not exist
|
|
| noble |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-azure-5.11)
|
|
|
linux-azure-6.2
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
| jammy |
Ignored
(superseded by linux-azure-6.5)
|
|
| noble |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-azure-6.5)
|
|
|
linux-azure-6.5
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
| jammy |
Not vulnerable
(6.5.0-1007.7~22.04.1)
|
|
| noble |
Does not exist
|
|
| upstream |
Released
(6.5~rc1, 5.4.251, 5.15.121)
|
|
|
linux-azure-edge
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-azure-5.3)
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| noble |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-azure-5.3)
|
|
|
linux-azure-fde
Launchpad, Ubuntu, Debian |
focal |
Ignored
(superseded by linux-azure-fde-5.15)
|
| jammy |
Released
(5.15.0-1049.56.1)
|
|
| noble |
Does not exist
|
|
| upstream |
Released
(6.5~rc1, 5.4.251, 5.15.121)
|
|
|
linux-azure-fde-5.15
Launchpad, Ubuntu, Debian |
focal |
Released
(5.15.0-1049.56~20.04.1.1)
|
| jammy |
Does not exist
|
|
| noble |
Does not exist
|
|
| upstream |
Released
(6.5~rc1, 5.4.251, 5.15.121)
|
|
|
linux-azure-fde-5.19
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
| jammy |
Ignored
(superseded by linux-azure-fde-6.2)
|
|
| noble |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-azure-fde-6.2)
|
|
|
linux-azure-fde-6.2
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
| jammy |
Ignored
(replaced by linux-azure-6.5)
|
|
| noble |
Does not exist
|
|
| upstream |
Ignored
(replaced by linux-azure-6.5)
|
|
|
linux-azure-fips
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
| jammy |
Does not exist
|
|
| noble |
Does not exist
|
|
| upstream |
Released
(6.5~rc1, 5.4.251, 5.15.121)
|
|
|
linux-bluefield
Launchpad, Ubuntu, Debian |
focal |
Released
(5.4.0-1074.80)
|
| jammy |
Does not exist
|
|
| noble |
Does not exist
|
|
| upstream |
Released
(6.5~rc1, 5.4.251, 5.15.121)
|
|
|
linux-fips
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
| jammy |
Does not exist
|
|
| noble |
Does not exist
|
|
| upstream |
Released
(6.5~rc1, 5.4.251, 5.15.121)
|
|
|
linux-gcp
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-gcp-5.3)
|
| focal |
Released
(5.4.0-1117.126)
|
|
| jammy |
Released
(5.15.0-1044.52)
|
|
| noble |
Not vulnerable
(6.5.0-1007.7)
|
|
| upstream |
Released
(6.5~rc1, 5.4.251, 5.15.121)
|
|
| xenial |
Ignored
(ESM criteria, was needed)
|
|
|
linux-gcp-4.15
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(ESM criteria, was needed)
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| noble |
Does not exist
|
|
| upstream |
Released
(6.5~rc1, 5.4.251, 5.15.121)
|
|
|
linux-gcp-5.11
Launchpad, Ubuntu, Debian |
focal |
Ignored
(superseded by linux-gcp-5.13)
|
| jammy |
Does not exist
|
|
| noble |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-gcp-5.13)
|
|
|
linux-gcp-5.13
Launchpad, Ubuntu, Debian |
focal |
Ignored
(superseded by linux-gcp-5.15)
|
| jammy |
Does not exist
|
|
| noble |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-gcp-5.15)
|
|
|
linux-gcp-5.15
Launchpad, Ubuntu, Debian |
focal |
Released
(5.15.0-1044.52~20.04.1)
|
| jammy |
Does not exist
|
|
| noble |
Does not exist
|
|
| upstream |
Released
(6.5~rc1, 5.4.251, 5.15.121)
|
|
|
linux-gcp-5.19
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
| jammy |
Ignored
(superseded by linux-gcp-6.2)
|
|
| noble |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-gcp-6.2)
|
|
|
linux-gcp-5.3
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-gcp-5.4)
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| noble |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-gcp-5.4)
|
|
|
linux-gcp-5.4
Launchpad, Ubuntu, Debian |
bionic |
Pending
(5.4.0-1117.126~18.04.1)
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| noble |
Does not exist
|
|
| upstream |
Released
(6.5~rc1, 5.4.251, 5.15.121)
|
|
|
linux-gcp-5.8
Launchpad, Ubuntu, Debian |
focal |
Ignored
(superseded by linux-gcp-5.11)
|
| jammy |
Does not exist
|
|
| noble |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-gcp-5.11)
|
|
|
linux-gcp-6.2
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
| jammy |
Ignored
(superseded by linux-gcp-6.5)
|
|
| noble |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-gcp-6.5)
|
|
|
linux-gcp-6.5
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
| jammy |
Not vulnerable
(6.5.0-1010.10~22.04.3)
|
|
| noble |
Does not exist
|
|
| upstream |
Released
(6.5~rc1, 5.4.251, 5.15.121)
|
|
|
linux-gcp-fips
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
| jammy |
Does not exist
|
|
| noble |
Does not exist
|
|
| upstream |
Released
(6.5~rc1, 5.4.251, 5.15.121)
|
|
|
linux-gke
Launchpad, Ubuntu, Debian |
focal |
Ignored
(end of kernel support)
|
| jammy |
Released
(5.15.0-1044.49)
|
|
| noble |
Not vulnerable
(6.8.0-1003.5)
|
|
| upstream |
Released
(6.5~rc1, 5.4.251, 5.15.121)
|
|
|
linux-gke-4.15
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-gke-5.0)
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| noble |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-gke-5.0)
|
|
|
linux-gke-5.15
Launchpad, Ubuntu, Debian |
focal |
Ignored
(end of kernel support)
|
| jammy |
Does not exist
|
|
| noble |
Does not exist
|
|
| upstream |
Ignored
(end of life)
|
|
|
linux-gke-5.4
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(end of kernel support)
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| noble |
Does not exist
|
|
| upstream |
Ignored
(end of life)
|
|
|
linux-gkeop
Launchpad, Ubuntu, Debian |
focal |
Released
(5.4.0-1080.84)
|
| jammy |
Released
(5.15.0-1030.35)
|
|
| noble |
Does not exist
|
|
| upstream |
Released
(6.5~rc1, 5.4.251, 5.15.121)
|
|
|
linux-gkeop-5.15
Launchpad, Ubuntu, Debian |
focal |
Released
(5.15.0-1030.35~20.04.1)
|
| jammy |
Does not exist
|
|
| noble |
Does not exist
|
|
| upstream |
Released
(6.5~rc1, 5.4.251, 5.15.121)
|
|
|
linux-gkeop-5.4
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(end of kernel support)
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| noble |
Does not exist
|
|
| upstream |
Ignored
(end of life)
|
|
|
linux-hwe
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(replaced by linux-hwe-5.4)
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| noble |
Does not exist
|
|
| upstream |
Released
(6.5~rc1, 5.4.251, 5.15.121)
|
|
| xenial |
Ignored
(ESM criteria, was needed)
|
|
|
linux-hwe-5.11
Launchpad, Ubuntu, Debian |
focal |
Ignored
(superseded by linux-hwe-5.13)
|
| jammy |
Does not exist
|
|
| noble |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-hwe-5.13)
|
|
|
linux-hwe-5.13
Launchpad, Ubuntu, Debian |
focal |
Ignored
(superseded by linux-hwe-5.15)
|
| jammy |
Does not exist
|
|
| noble |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-hwe-5.15)
|
|
|
linux-hwe-5.15
Launchpad, Ubuntu, Debian |
focal |
Released
(5.15.0-86.96~20.04.1)
|
| jammy |
Does not exist
|
|
| noble |
Does not exist
|
|
| upstream |
Released
(6.5~rc1, 5.4.251, 5.15.121)
|
|
|
linux-hwe-5.19
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
| jammy |
Ignored
(superseded by linux-hwe-6.2)
|
|
| noble |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-hwe-6.2)
|
|
|
linux-hwe-5.4
Launchpad, Ubuntu, Debian |
bionic |
Pending
(5.4.0-166.183~18.04.2)
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| noble |
Does not exist
|
|
| upstream |
Released
(6.5~rc1, 5.4.251, 5.15.121)
|
|
|
linux-hwe-5.8
Launchpad, Ubuntu, Debian |
focal |
Ignored
(superseded by linux-hwe-5.11)
|
| jammy |
Does not exist
|
|
| noble |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-hwe-5.11)
|
|
|
linux-hwe-6.2
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
| jammy |
Ignored
(superseded by linux-hwe-6.5)
|
|
| noble |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-hwe-6.5)
|
|
|
linux-hwe-6.5
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
| jammy |
Ignored
(superseded by linux-hwe-6.8)
|
|
| noble |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-hwe-6.8)
|
|
|
linux-hwe-6.8
Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Does not exist
|
|
| jammy |
Not vulnerable
(6.8.0-38.38~22.04.1)
|
|
| noble |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.5~rc1, 5.4.251, 5.15.121)
|
|
| xenial |
Does not exist
|
|
|
linux-hwe-edge
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-hwe-5.4)
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| noble |
Does not exist
|
|
| upstream |
Ignored
(end of life)
|
|
| xenial |
Ignored
(superseded by linux-hwe)
|
|
|
linux-ibm
Launchpad, Ubuntu, Debian |
focal |
Released
(5.4.0-1060.65)
|
| jammy |
Released
(5.15.0-1040.43)
|
|
| noble |
Not vulnerable
(6.5.0-1009.9)
|
|
| upstream |
Released
(6.5~rc1, 5.4.251, 5.15.121)
|
|
|
linux-ibm-5.15
Launchpad, Ubuntu, Debian |
focal |
Released
(5.15.0-1040.43~20.04.1)
|
| jammy |
Does not exist
|
|
| noble |
Does not exist
|
|
| upstream |
Released
(6.5~rc1, 5.4.251, 5.15.121)
|
|
|
linux-ibm-5.4
Launchpad, Ubuntu, Debian |
bionic |
Pending
(5.4.0-1060.65~18.04.1)
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| noble |
Does not exist
|
|
| upstream |
Released
(6.5~rc1, 5.4.251, 5.15.121)
|
|
|
linux-intel
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
| jammy |
Does not exist
|
|
| noble |
Not vulnerable
(6.8.0-1001.6)
|
|
| upstream |
Released
(6.5~rc1, 5.4.251, 5.15.121)
|
|
|
linux-intel-5.13
Launchpad, Ubuntu, Debian |
focal |
Ignored
(end of kernel support)
|
| jammy |
Does not exist
|
|
| noble |
Does not exist
|
|
| upstream |
Ignored
(end of life)
|
|
|
linux-intel-iot-realtime
Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| noble |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.5~rc1, 5.4.251, 5.15.121)
|
|
| xenial |
Does not exist
|
|
|
linux-intel-iotg
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
| jammy |
Released
(5.15.0-1043.49)
|
|
| noble |
Does not exist
|
|
| upstream |
Released
(6.5~rc1, 5.4.251, 5.15.121)
|
|
|
linux-intel-iotg-5.15
Launchpad, Ubuntu, Debian |
focal |
Released
(5.15.0-1043.49~20.04.1)
|
| jammy |
Does not exist
|
|
| noble |
Does not exist
|
|
| upstream |
Released
(6.5~rc1, 5.4.251, 5.15.121)
|
|
|
linux-iot
Launchpad, Ubuntu, Debian |
focal |
Released
(5.4.0-1025.26)
|
| jammy |
Does not exist
|
|
| noble |
Does not exist
|
|
| upstream |
Released
(6.5~rc1, 5.4.251, 5.15.121)
|
|
|
linux-kvm
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(ESM criteria, was needed)
|
| focal |
Released
(5.4.0-1102.108)
|
|
| jammy |
Released
(5.15.0-1044.49)
|
|
| noble |
Does not exist
|
|
| upstream |
Released
(6.5~rc1, 5.4.251, 5.15.121)
|
|
| xenial |
Not vulnerable
(4.4.0-1004.9)
|
|
|
linux-laptop
Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| noble |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.5~rc1, 5.4.251, 5.15.121)
|
|
| xenial |
Does not exist
|
|
|
linux-lowlatency
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
| jammy |
Released
(5.15.0-86.95)
|
|
| noble |
Not vulnerable
(6.5.0-9.9.1)
|
|
| upstream |
Released
(6.5~rc1, 5.4.251, 5.15.121)
|
|
|
linux-lowlatency-hwe-5.15
Launchpad, Ubuntu, Debian |
focal |
Released
(5.15.0-86.95~20.04.1)
|
| jammy |
Does not exist
|
|
| noble |
Does not exist
|
|
| upstream |
Released
(6.5~rc1, 5.4.251, 5.15.121)
|
|
|
linux-lowlatency-hwe-5.19
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
| jammy |
Ignored
(superseded by linux-lowlatency-hwe-6.2)
|
|
| noble |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-lowlatency-hwe-6.2)
|
|
|
linux-lowlatency-hwe-6.2
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
| jammy |
Ignored
(superseded by linux-lowlatency-hwe-6.5)
|
|
| noble |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-lowlatency-hwe-6.5)
|
|
|
linux-lowlatency-hwe-6.5
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
| jammy |
Ignored
(superseded by linux-lowlatency-hwe-6.8)
|
|
| noble |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-lowlatency-hwe-6.8)
|
|
|
linux-lowlatency-hwe-6.8
Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Does not exist
|
|
| jammy |
Not vulnerable
(6.8.0-38.38.1~22.04.2)
|
|
| noble |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.5~rc1, 5.4.251, 5.15.121)
|
|
| xenial |
Does not exist
|
|
|
linux-lts-xenial
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
| jammy |
Does not exist
|
|
| noble |
Does not exist
|
|
| trusty |
Not vulnerable
(4.4.0-13.29~14.04.1)
|
|
| upstream |
Released
(6.5~rc1, 5.4.251, 5.15.121)
|
|
|
linux-nvidia
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
| jammy |
Released
(5.15.0-1037.37)
|
|
| noble |
Not vulnerable
(6.8.0-1007.7)
|
|
| upstream |
Released
(6.5~rc1, 5.4.251, 5.15.121)
|
|
|
linux-nvidia-6.2
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
| jammy |
Ignored
(superseded by linux-nvidia-6.5)
|
|
| noble |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-nvidia-6.5)
|
|
|
linux-nvidia-6.5
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
| jammy |
Not vulnerable
(6.5.0-1004.4)
|
|
| noble |
Does not exist
|
|
| upstream |
Released
(6.5~rc1, 5.4.251, 5.15.121)
|
|
|
linux-nvidia-6.8
Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Does not exist
|
|
| jammy |
Not vulnerable
(6.8.0-1008.8~22.04.1)
|
|
| noble |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.5~rc1, 5.4.251, 5.15.121)
|
|
| xenial |
Does not exist
|
|
|
linux-nvidia-lowlatency
Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| noble |
Not vulnerable
(6.8.0-1009.9.1)
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.5~rc1, 5.4.251, 5.15.121)
|
|
| xenial |
Does not exist
|
|
|
linux-oem
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(replaced by linux-hwe-5.4)
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| noble |
Does not exist
|
|
| upstream |
Ignored
(end of life)
|
|
|
linux-oem-5.10
Launchpad, Ubuntu, Debian |
focal |
Ignored
(superseded by linux-oem-5.13)
|
| jammy |
Does not exist
|
|
| noble |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-oem-5.13)
|
|
|
linux-oem-5.13
Launchpad, Ubuntu, Debian |
focal |
Ignored
(superseded by linux-oem-5.14)
|
| jammy |
Does not exist
|
|
| noble |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-oem-5.14)
|
|
|
linux-oem-5.14
Launchpad, Ubuntu, Debian |
focal |
Ignored
(replaced by linux-hwe-5.15)
|
| jammy |
Does not exist
|
|
| noble |
Does not exist
|
|
| upstream |
Ignored
(replaced by linux-hwe-5.15)
|
|
|
linux-oem-5.17
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
| jammy |
Ignored
(superseded by linux-oem-6.1)
|
|
| noble |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-oem-6.1)
|
|
|
linux-oem-5.6
Launchpad, Ubuntu, Debian |
focal |
Ignored
(superseded by linux-oem-5.10)
|
| jammy |
Does not exist
|
|
| noble |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-oem-5.10)
|
|
|
linux-oem-6.0
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
| jammy |
Ignored
(superseded by linux-oem-6.1)
|
|
| noble |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-oem-6.1)
|
|
|
linux-oem-6.1
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
| jammy |
Ignored
(superseded by linux-oem-6.5)
|
|
| noble |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-oem-6.5)
|
|
|
linux-oem-6.5
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
| jammy |
Not vulnerable
(6.5.0-1003.3)
|
|
| noble |
Does not exist
|
|
| upstream |
Released
(6.5~rc1, 5.4.251, 5.15.121)
|
|
|
linux-oem-6.8
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
| jammy |
Does not exist
|
|
| noble |
Not vulnerable
(6.8.0-1003.3)
|
|
| upstream |
Released
(6.5~rc1, 5.4.251, 5.15.121)
|
|
|
linux-oracle
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(ESM criteria, was needed)
|
| focal |
Released
(5.4.0-1112.121)
|
|
| jammy |
Released
(5.15.0-1045.51)
|
|
| noble |
Not vulnerable
(6.5.0-1010.10)
|
|
| upstream |
Released
(6.5~rc1, 5.4.251, 5.15.121)
|
|
| xenial |
Ignored
(ESM criteria, was needed)
|
|
|
linux-oracle-5.0
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-oracle-5.3)
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| noble |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-oracle-5.3)
|
|
|
linux-oracle-5.11
Launchpad, Ubuntu, Debian |
focal |
Ignored
(superseded by linux-oracle-5.13)
|
| jammy |
Does not exist
|
|
| noble |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-oracle-5.13)
|
|
|
linux-oracle-5.13
Launchpad, Ubuntu, Debian |
focal |
Ignored
(superseded by linux-oracle-5.15)
|
| jammy |
Does not exist
|
|
| noble |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-oracle-5.15)
|
|
|
linux-oracle-5.15
Launchpad, Ubuntu, Debian |
focal |
Released
(5.15.0-1045.51~20.04.1)
|
| jammy |
Does not exist
|
|
| noble |
Does not exist
|
|
| upstream |
Released
(6.5~rc1, 5.4.251, 5.15.121)
|
|
|
linux-oracle-5.3
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-oracle-5.4)
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| noble |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-oracle-5.4)
|
|
|
linux-oracle-5.4
Launchpad, Ubuntu, Debian |
bionic |
Pending
(5.4.0-1112.121~18.04.4)
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| noble |
Does not exist
|
|
| upstream |
Released
(6.5~rc1, 5.4.251, 5.15.121)
|
|
|
linux-oracle-5.8
Launchpad, Ubuntu, Debian |
focal |
Ignored
(superseded by linux-oracle-5.11)
|
| jammy |
Does not exist
|
|
| noble |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-oracle-5.11)
|
|
|
linux-oracle-6.5
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
| jammy |
Not vulnerable
(6.5.0-1013.13~22.04.4)
|
|
| noble |
Does not exist
|
|
| upstream |
Released
(6.5~rc1, 5.4.251, 5.15.121)
|
|
|
linux-raspi
Launchpad, Ubuntu, Debian |
focal |
Released
(5.4.0-1097.109)
|
| jammy |
Released
(5.15.0-1040.43)
|
|
| noble |
Not vulnerable
(6.5.0-1005.7)
|
|
| upstream |
Released
(6.5~rc1, 5.4.251, 5.15.121)
|
|
|
linux-raspi-5.4
Launchpad, Ubuntu, Debian |
bionic |
Pending
(5.4.0-1097.109~18.04.2)
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| noble |
Does not exist
|
|
| upstream |
Released
(6.5~rc1, 5.4.251, 5.15.121)
|
|
|
linux-raspi-realtime
Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| noble |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.5~rc1, 5.4.251, 5.15.121)
|
|
| xenial |
Does not exist
|
|
|
linux-raspi2
Launchpad, Ubuntu, Debian |
focal |
Ignored
(replaced by linux-raspi)
|
| jammy |
Does not exist
|
|
| noble |
Does not exist
|
|
| upstream |
Ignored
(replaced by linux-raspi)
|
|
|
linux-realtime
Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Does not exist
|
|
| jammy |
Ignored
(superseded by Ubuntu Pro ppa version)
|
|
| noble |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.5~rc1, 5.4.251, 5.15.121)
|
|
| xenial |
Does not exist
|
|
|
linux-riscv
Launchpad, Ubuntu, Debian |
focal |
Ignored
(superseded by linux-riscv-5.8)
|
| jammy |
Ignored
(end of kernel support)
|
|
| noble |
Not vulnerable
(6.5.0-9.9.1)
|
|
| upstream |
Released
(6.5~rc1, 5.4.251, 5.15.121)
|
|
|
linux-riscv-5.11
Launchpad, Ubuntu, Debian |
focal |
Ignored
(superseded by linux-riscv-5.13)
|
| jammy |
Does not exist
|
|
| noble |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-riscv-5.13)
|
|
|
linux-riscv-5.15
Launchpad, Ubuntu, Debian |
focal |
Released
(5.15.0-1043.47~20.04.1)
|
| jammy |
Does not exist
|
|
| noble |
Does not exist
|
|
| upstream |
Released
(6.5~rc1, 5.4.251, 5.15.121)
|
|
|
linux-riscv-5.19
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
| jammy |
Ignored
(end of kernel support)
|
|
| noble |
Does not exist
|
|
| upstream |
Ignored
(end of life)
|
|
|
linux-riscv-5.8
Launchpad, Ubuntu, Debian |
focal |
Ignored
(superseded by linux-riscv-5.11)
|
| jammy |
Does not exist
|
|
| noble |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-riscv-5.11)
|
|
|
linux-riscv-6.5
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
| jammy |
Not vulnerable
(6.5.0-17.17.1.1~22.04.1)
|
|
| noble |
Does not exist
|
|
| upstream |
Released
(6.5~rc1, 5.4.251, 5.15.121)
|
|
|
linux-riscv-6.8
Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Does not exist
|
|
| jammy |
Not vulnerable
(6.8.0-38.38.1~22.04.1)
|
|
| noble |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.5~rc1, 5.4.251, 5.15.121)
|
|
| xenial |
Does not exist
|
|
|
linux-starfive
Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Does not exist
|
|
| jammy |
Does not exist
|
|
| noble |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(6.5~rc1, 5.4.251, 5.15.121)
|
|
| xenial |
Does not exist
|
|
|
linux-starfive-5.19
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
| jammy |
Ignored
(end of kernel support)
|
|
| noble |
Does not exist
|
|
| upstream |
Ignored
(end of life)
|
|
|
linux-starfive-6.2
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
| jammy |
Ignored
(superseded by linux-starfive-6.5)
|
|
| noble |
Does not exist
|
|
| upstream |
Ignored
(superseded by linux-starfive-6.5)
|
|
|
linux-starfive-6.5
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
| jammy |
Not vulnerable
(6.5.0-1007.8~22.04.1)
|
|
| noble |
Does not exist
|
|
| upstream |
Released
(6.5~rc1, 5.4.251, 5.15.121)
|
|
|
linux-xilinx-zynqmp
Launchpad, Ubuntu, Debian |
focal |
Released
(5.4.0-1033.37)
|
| jammy |
Released
(5.15.0-1025.29)
|
|
| noble |
Does not exist
|
|
| upstream |
Released
(6.5~rc1, 5.4.251, 5.15.121)
|
|
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score | 7.8 |
| Attack vector | Local |
| Attack complexity | Low |
| Privileges required | Low |
| User interaction | None |
| Scope | Unchanged |
| Confidentiality | High |
| Integrity impact | High |
| Availability impact | High |
| Vector | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
References
- https://www.cve.org/CVERecord?id=CVE-2023-52885
- https://git.kernel.org/linus/fc80fc2d4e39137869da3150ee169b40bf879287 (6.5-rc1)
- https://git.kernel.org/stable/c/c7b8c2d06e437639694abe76978e915cfb73f428
- https://git.kernel.org/stable/c/dfc896c4a75cb8cd7cb2dfd9b469cf1e3f004254
- https://git.kernel.org/stable/c/42725e5c1b181b757ba11d804443922982334d9b
- https://git.kernel.org/stable/c/cd5ec3ee52ce4b7e283cc11facfa420c297c8065
- https://git.kernel.org/stable/c/fbf4ace39b2e4f3833236afbb2336edbafd75eee
- https://git.kernel.org/stable/c/ef047411887ff0845afd642d6a687819308e1a4e
- https://git.kernel.org/stable/c/7e1f989055622fd086c5dfb291fc72adf5660b6f
- https://git.kernel.org/stable/c/fc80fc2d4e39137869da3150ee169b40bf879287
- NVD
- Launchpad
- Debian