Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2023-6111

Published: 14 November 2023

A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The function nft_trans_gc_catchall did not remove the catchall set element from the catchall_list when the argument sync is true, making it possible to free a catchall set element many times. We recommend upgrading past commit 93995bf4af2c5a99e2a87f0cd5ce547d31eb7630.

From the Ubuntu Security Team

Lonial Con discovered that the netfilter subsystem in the Linux kernel did not properly handle an expired catchall element in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.

Notes

AuthorNote
rodrigo-zaiden
Google kCTF submission
for 5.15 kernels, there was never a release with the commit
that introduces the issue. in version 5.15.0-94.104 for the
generic kernel, and for the kernels that derivate from that
version, both the break and the fix commit were added, but
still, there is no vulnerable version released. hence,
Ubuntu 5.15 kernels are not-affected.

Mitigation

If not needed, disable the ability for unprivileged users
to create namespaces. To do this temporarily, do:
  sudo sysctl -w kernel.unprivileged_userns_clone=0
To disable across reboots, do:
  echo kernel.unprivileged_userns_clone=0 | \
  sudo tee /etc/sysctl.d/99-disable-unpriv-userns.conf

Priority

Medium

Cvss 3 Severity Score

7.8

Score breakdown

Status

Package Release Status
linux-hwe
Launchpad, Ubuntu, Debian
trusty Does not exist

bionic Ignored
(replaced by linux-hwe-5.4)
focal Does not exist

jammy Does not exist

lunar Does not exist

mantic Does not exist

upstream
Released (6.7~rc1)
xenial Not vulnerable
(4.8.0-39.42~16.04.1)
linux-hwe-5.4
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

focal Does not exist

jammy Does not exist

lunar Does not exist

mantic Does not exist

bionic Not vulnerable
(5.4.0-37.41~18.04.1)
upstream
Released (6.7~rc1)
linux-hwe-5.8
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Ignored
(superseded by linux-hwe-5.11)
jammy Does not exist

lunar Does not exist

mantic Does not exist

upstream Ignored
(superseded by linux-hwe-5.11)
linux-hwe-5.11
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Ignored
(superseded by linux-hwe-5.13)
jammy Does not exist

lunar Does not exist

mantic Does not exist

upstream Ignored
(superseded by linux-hwe-5.13)
linux-hwe-5.13
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Ignored
(superseded by linux-hwe-5.15)
jammy Does not exist

lunar Does not exist

mantic Does not exist

upstream Ignored
(superseded by linux-hwe-5.15)
linux-hwe-5.15
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

jammy Does not exist

lunar Does not exist

mantic Does not exist

focal Not vulnerable
(5.15.0-33.34~20.04.1)
upstream
Released (6.7~rc1)
linux-hwe-5.19
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Does not exist

jammy Ignored
(superseded by linux-hwe-6.2)
lunar Does not exist

mantic Does not exist

upstream Ignored
(superseded by linux-hwe-6.2)
linux-hwe-6.2
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Does not exist

lunar Does not exist

mantic Does not exist

jammy Not vulnerable
(6.2.0-25.25~22.04.2)
upstream
Released (6.7~rc1)
linux-hwe-edge
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Ignored
(superseded by linux-hwe)
bionic Ignored
(superseded by linux-hwe-5.4)
focal Does not exist

jammy Does not exist

lunar Does not exist

mantic Does not exist

upstream Ignored
(end of life)
linux-lts-xenial
Launchpad, Ubuntu, Debian
xenial Does not exist

bionic Does not exist

focal Does not exist

jammy Does not exist

lunar Does not exist

mantic Does not exist

trusty Not vulnerable
(4.4.0-13.29~14.04.1)
upstream
Released (6.7~rc1)
linux-kvm
Launchpad, Ubuntu, Debian
trusty Does not exist

mantic Does not exist

bionic Not vulnerable
(4.15.0-1002.2)
focal Not vulnerable
(5.4.0-1004.4)
jammy Not vulnerable
(5.13.0-1004.4)
lunar Not vulnerable
(5.19.0-1008.8)
upstream
Released (6.7~rc1)
xenial Not vulnerable
(4.4.0-1004.9)
linux-allwinner
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Does not exist

jammy Does not exist

lunar Ignored
(end of kernel support)
mantic Does not exist

upstream Ignored
(end of life)
linux-allwinner-5.19
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Does not exist

jammy Ignored
(end of kernel support)
lunar Does not exist

mantic Does not exist

upstream Ignored
(end of life)
linux-aws-5.0
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Ignored
(superseded by linux-hwe-5.3)
focal Does not exist

jammy Does not exist

lunar Does not exist

mantic Does not exist

upstream Ignored
(superseded by linux-hwe-5.3)
linux-aws-5.3
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Ignored
(superseded by linux-aws-5.4)
focal Does not exist

jammy Does not exist

lunar Does not exist

mantic Does not exist

upstream Ignored
(superseded by linux-aws-5.4)
linux-aws-5.4
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

focal Does not exist

jammy Does not exist

lunar Does not exist

mantic Does not exist

bionic Not vulnerable
(5.4.0-1018.18~18.04.1)
upstream
Released (6.7~rc1)
linux-aws-5.8
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Ignored
(superseded by linux-aws-5.11)
jammy Does not exist

lunar Does not exist

mantic Does not exist

upstream Ignored
(superseded by linux-aws-5.11)
linux-aws-5.11
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Ignored
(superseded by linux-aws-5.13)
jammy Does not exist

lunar Does not exist

mantic Does not exist

upstream Ignored
(superseded by linux-aws-5.13)
linux-aws-5.13
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Ignored
(superseded by linux-aws-5.15)
jammy Does not exist

lunar Does not exist

mantic Does not exist

upstream Ignored
(superseded by linux-aws-5.15)
linux-aws-5.15
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

jammy Does not exist

lunar Does not exist

mantic Does not exist

focal Not vulnerable
(5.15.0-1014.18~20.04.1)
upstream
Released (6.7~rc1)
linux-aws-5.19
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Does not exist

jammy Ignored
(superseded by linux-aws-6.2)
lunar Does not exist

mantic Does not exist

upstream Ignored
(superseded by linux-aws-6.2)
linux-aws-6.2
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Does not exist

lunar Does not exist

mantic Does not exist

jammy Not vulnerable
(6.2.0-1005.5~22.04.1)
upstream
Released (6.7~rc1)
linux-aws-hwe
Launchpad, Ubuntu, Debian
trusty Does not exist

bionic Does not exist

focal Does not exist

jammy Does not exist

lunar Does not exist

mantic Does not exist

upstream
Released (6.7~rc1)
xenial Not vulnerable
(4.15.0-1030.31~16.04.1)
linux-azure
Launchpad, Ubuntu, Debian
bionic Ignored
(superseded by linux-azure-5.3)
focal Not vulnerable
(5.4.0-1006.6)
jammy Not vulnerable
(5.13.0-1006.7)
lunar Not vulnerable
(5.19.0-1008.8)
mantic Not vulnerable
(6.2.0-1003.3)
trusty Not vulnerable
(4.15.0-1023.24~14.04.1)
upstream
Released (6.7~rc1)
xenial Not vulnerable
(4.11.0-1009.9)
linux-azure-4.15
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

focal Does not exist

jammy Does not exist

lunar Does not exist

mantic Does not exist

bionic Not vulnerable
(4.15.0-1082.92)
upstream
Released (6.7~rc1)
linux-azure-5.3
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Ignored
(superseded by linux-azure-5.4)
focal Does not exist

jammy Does not exist

lunar Does not exist

mantic Does not exist

upstream Ignored
(superseded by linux-azure-5.4)
linux-azure-5.4
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

focal Does not exist

jammy Does not exist

lunar Does not exist

mantic Does not exist

bionic Not vulnerable
(5.4.0-1020.20~18.04.1)
upstream
Released (6.7~rc1)
linux-azure-5.8
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Ignored
(superseded by linux-azure-5.11)
jammy Does not exist

lunar Does not exist

mantic Does not exist

upstream Ignored
(superseded by linux-azure-5.11)
linux-azure-5.11
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Ignored
(superseded by linux-azure-5.13)
jammy Does not exist

lunar Does not exist

mantic Does not exist

upstream Ignored
(superseded by linux-azure-5.13)
linux-azure-5.13
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Ignored
(superseded by linux-azure-5.15)
jammy Does not exist

lunar Does not exist

mantic Does not exist

upstream Ignored
(superseded by linux-azure-5.15)
linux-azure-5.15
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

jammy Does not exist

lunar Does not exist

mantic Does not exist

focal Not vulnerable
(5.15.0-1007.8~20.04.1)
upstream
Released (6.7~rc1)
linux-azure-5.19
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Does not exist

jammy Ignored
(superseded by linux-azure-6.2)
lunar Does not exist

mantic Does not exist

upstream Ignored
(superseded by linux-azure-6.2)
linux-azure-6.2
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Does not exist

lunar Does not exist

mantic Does not exist

jammy Not vulnerable
(6.2.0-1005.5~22.04.1)
upstream
Released (6.7~rc1)
linux-azure-fde
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Ignored
(superseded by linux-azure-fde-5.15)
lunar Does not exist

mantic Does not exist

jammy Not vulnerable
(5.13.0-1006.7)
upstream
Released (6.7~rc1)
linux-azure-fde-5.15
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

jammy Does not exist

lunar Does not exist

mantic Does not exist

focal Not vulnerable
(5.15.0-1007.8~20.04.1)
upstream
Released (6.7~rc1)
linux-azure-fde-5.19
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Does not exist

jammy Ignored
(superseded by linux-azure-fde-6.2)
lunar Does not exist

mantic Does not exist

upstream Ignored
(superseded by linux-azure-fde-6.2)
linux-azure-fde-6.2
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Does not exist

lunar Does not exist

mantic Does not exist

jammy Not vulnerable
(6.2.0-1005.5~22.04.1)
upstream
Released (6.7~rc1)
linux-bluefield
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

lunar Does not exist

mantic Does not exist

upstream
Released (6.7~rc1)
focal Not vulnerable
(5.4.0-1007.10)
jammy Not vulnerable
(5.15.0-1011.13)
linux-dell300x
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Ignored
(end of standard support)
focal Does not exist

jammy Does not exist

lunar Does not exist

mantic Does not exist

upstream Ignored
(end of life)
linux-azure-edge
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Ignored
(superseded by linux-azure-5.3)
focal Does not exist

jammy Does not exist

lunar Does not exist

mantic Does not exist

upstream Ignored
(superseded by linux-azure-5.3)
linux-fips
Launchpad, Ubuntu, Debian
trusty Ignored
(end of standard support)
xenial Ignored
(end of standard support)
bionic Does not exist

focal Does not exist

jammy Does not exist

lunar Does not exist

mantic Does not exist

upstream
Released (6.7~rc1)
linux-gcp
Launchpad, Ubuntu, Debian
trusty Does not exist

bionic Ignored
(superseded by linux-gcp-5.3)
focal Not vulnerable
(5.4.0-1005.5)
jammy Not vulnerable
(5.13.0-1005.6)
lunar Not vulnerable
(5.19.0-1008.8)
mantic Not vulnerable
(6.2.0-1005.5)
upstream
Released (6.7~rc1)
xenial Not vulnerable
(4.10.0-1004.4)
linux-gcp-4.15
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

focal Does not exist

jammy Does not exist

lunar Does not exist

mantic Does not exist

bionic Not vulnerable
(4.15.0-1071.81)
upstream
Released (6.7~rc1)
linux-gcp-5.3
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Ignored
(superseded by linux-gcp-5.4)
focal Does not exist

jammy Does not exist

lunar Does not exist

mantic Does not exist

upstream Ignored
(superseded by linux-gcp-5.4)
linux-gcp-5.4
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

focal Does not exist

jammy Does not exist

lunar Does not exist

mantic Does not exist

bionic Not vulnerable
(5.4.0-1019.19~18.04.2)
upstream
Released (6.7~rc1)
linux-gcp-5.8
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Ignored
(superseded by linux-gcp-5.11)
jammy Does not exist

lunar Does not exist

mantic Does not exist

upstream Ignored
(superseded by linux-gcp-5.11)
linux-gcp-5.11
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Ignored
(superseded by linux-gcp-5.13)
jammy Does not exist

lunar Does not exist

mantic Does not exist

upstream Ignored
(superseded by linux-gcp-5.13)
linux-gcp-5.13
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Ignored
(superseded by linux-gcp-5.15)
jammy Does not exist

lunar Does not exist

mantic Does not exist

upstream Ignored
(superseded by linux-gcp-5.15)
linux-gcp-5.15
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

jammy Does not exist

lunar Does not exist

mantic Does not exist

focal Not vulnerable
(5.15.0-1006.9~20.04.1)
upstream
Released (6.7~rc1)
linux-gcp-5.19
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Does not exist

jammy Ignored
(superseded by linux-gcp-6.2)
lunar Does not exist

mantic Does not exist

upstream
Released (6.7~rc1)
linux-gcp-6.2
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Does not exist

lunar Does not exist

mantic Does not exist

jammy Not vulnerable
(6.2.0-1009.9~22.04.3)
upstream
Released (6.7~rc1)
linux-gke
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Ignored
(end of standard support)
bionic Does not exist

focal Ignored
(end of kernel support)
lunar Does not exist

mantic Does not exist

jammy Not vulnerable
(5.15.0-1002.2)
upstream
Released (6.7~rc1)
linux-gke-4.15
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Ignored
(superseded by linux-gke-5.0)
focal Does not exist

jammy Does not exist

lunar Does not exist

mantic Does not exist

upstream Ignored
(superseded by linux-gke-5.0)
linux-gke-5.0
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Ignored
(superseded by linux-gke-5.3)
focal Does not exist

jammy Does not exist

lunar Does not exist

mantic Does not exist

upstream Ignored
(superseded by linux-gke-5.3)
linux-gke-5.3
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Ignored
(superseded by linux-gke-5.4)
focal Does not exist

jammy Does not exist

lunar Does not exist

mantic Does not exist

upstream Ignored
(superseded by linux-gke-5.4)
linux-gke-5.4
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Ignored
(end of kernel support)
focal Does not exist

jammy Does not exist

lunar Does not exist

mantic Does not exist

upstream Ignored
(end of life)
linux-gke-5.15
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Ignored
(end of kernel support)
jammy Does not exist

lunar Does not exist

mantic Does not exist

upstream Ignored
(end of life)
linux-gkeop
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

lunar Does not exist

mantic Does not exist

focal Not vulnerable
(5.4.0-1008.9)
jammy Not vulnerable
(5.15.0-1001.2)
upstream
Released (6.7~rc1)
linux-gkeop-5.4
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Ignored
(end of kernel support)
focal Does not exist

jammy Does not exist

lunar Does not exist

mantic Does not exist

upstream Ignored
(end of life)
linux-gkeop-5.15
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

jammy Does not exist

lunar Does not exist

mantic Does not exist

focal Not vulnerable
(5.15.0-1003.5~20.04.2)
upstream
Released (6.7~rc1)
linux-ibm
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Not vulnerable
(5.4.0-1003.4)
jammy Not vulnerable
(5.15.0-1002.2)
upstream
Released (6.7~rc1)
lunar Ignored
(end of kernel support, was needs-triage)
mantic Ignored
(end of kernel support, was needs-triage)
linux-ibm-5.4
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

focal Does not exist

jammy Does not exist

lunar Does not exist

mantic Does not exist

bionic Not vulnerable
(5.4.0-1010.11~18.04.2)
upstream
Released (6.7~rc1)
linux-ibm-5.15
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

jammy Does not exist

lunar Does not exist

mantic Does not exist

focal Not vulnerable
(5.15.0-1033.36~20.04.1)
upstream
Released (6.7~rc1)
linux-intel-5.13
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Ignored
(end of kernel support)
jammy Does not exist

lunar Does not exist

mantic Does not exist

upstream Ignored
(end of life)
linux-intel-iotg
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Does not exist

lunar Does not exist

mantic Does not exist

jammy Not vulnerable
(5.15.0-1004.6)
upstream
Released (6.7~rc1)
linux-intel-iotg-5.15
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

jammy Does not exist

lunar Does not exist

mantic Does not exist

focal Not vulnerable
(5.15.0-1003.5~20.04.1)
upstream
Released (6.7~rc1)
linux-iot
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

jammy Does not exist

lunar Does not exist

mantic Does not exist

focal Not vulnerable
(5.4.0-1001.3)
upstream
Released (6.7~rc1)
linux-laptop
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Does not exist

jammy Does not exist

lunar Does not exist

mantic Not vulnerable
(6.5.0-1003.6)
upstream
Released (6.7~rc1)
linux-lowlatency
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Does not exist

jammy Not vulnerable
(5.15.0-22.22)
lunar Not vulnerable
(5.19.0-1007.7)
mantic Not vulnerable
(6.2.0-1003.3)
upstream
Released (6.7~rc1)
linux-lowlatency-hwe-5.15
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

jammy Does not exist

lunar Does not exist

mantic Does not exist

focal Not vulnerable
(5.15.0-33.34~20.04.1)
upstream
Released (6.7~rc1)
linux-lowlatency-hwe-5.19
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Does not exist

jammy Ignored
(superseded by linux-lowlatency-hwe-6.2)
lunar Does not exist

mantic Does not exist

upstream Ignored
(superseded by linux-lowlatency-hwe-6.2)
linux-lowlatency-hwe-6.2
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Does not exist

lunar Does not exist

mantic Does not exist

jammy Not vulnerable
(6.2.0-1008.8~22.04.1)
upstream
Released (6.7~rc1)
linux-nvidia
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Does not exist

lunar Does not exist

mantic Does not exist

jammy Not vulnerable
(5.15.0-1005.5)
upstream
Released (6.7~rc1)
linux-nvidia-6.2
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Does not exist

lunar Does not exist

mantic Does not exist

jammy Not vulnerable
(6.2.0-1003.3~22.04.1)
upstream
Released (6.7~rc1)
linux-oracle
Launchpad, Ubuntu, Debian
trusty Does not exist

bionic Not vulnerable
(4.15.0-1007.9)
focal Not vulnerable
(5.4.0-1005.5)
jammy Not vulnerable
(5.13.0-1008.10)
lunar Not vulnerable
(5.19.0-1008.8)
mantic Not vulnerable
(6.2.0-1003.3)
upstream
Released (6.7~rc1)
xenial Not vulnerable
(4.15.0-1007.9~16.04.1)
linux-oracle-5.0
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Ignored
(superseded by linux-oracle-5.3)
focal Does not exist

jammy Does not exist

lunar Does not exist

mantic Does not exist

upstream Ignored
(superseded by linux-oracle-5.3)
linux-oracle-5.3
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Ignored
(superseded by linux-oracle-5.4)
focal Does not exist

jammy Does not exist

lunar Does not exist

mantic Does not exist

upstream Ignored
(superseded by linux-oracle-5.4)
linux-oracle-5.4
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

focal Does not exist

jammy Does not exist

lunar Does not exist

mantic Does not exist

bionic Not vulnerable
(5.4.0-1019.19~18.04.1)
upstream
Released (6.7~rc1)
linux-oracle-5.8
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Ignored
(superseded by linux-oracle-5.11)
jammy Does not exist

lunar Does not exist

mantic Does not exist

upstream Ignored
(superseded by linux-oracle-5.11)
linux-oracle-5.11
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Ignored
(superseded by linux-oracle-5.13)
jammy Does not exist

lunar Does not exist

mantic Does not exist

upstream Ignored
(superseded by linux-oracle-5.13)
linux-oracle-5.13
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Ignored
(superseded by linux-oracle-5.15)
jammy Does not exist

lunar Does not exist

mantic Does not exist

upstream Ignored
(superseded by linux-oracle-5.15)
linux-oracle-5.15
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

jammy Does not exist

lunar Does not exist

mantic Does not exist

focal Not vulnerable
(5.15.0-1007.9~20.04.1)
upstream
Released (6.7~rc1)
linux-oem
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Ignored
(end of standard support)
bionic Ignored
(replaced by linux-hwe-5.4)
focal Does not exist

jammy Does not exist

lunar Does not exist

mantic Does not exist

upstream Ignored
(end of life)
linux-oem-5.6
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Ignored
(superseded by linux-oem-5.10)
jammy Does not exist

lunar Does not exist

mantic Does not exist

upstream Ignored
(superseded by linux-oem-5.10)
linux-oem-5.10
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Ignored
(superseded by linux-oem-5.13)
jammy Does not exist

lunar Does not exist

mantic Does not exist

upstream Ignored
(superseded by linux-oem-5.13)
linux-oem-5.13
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Ignored
(superseded by linux-oem-5.14)
jammy Does not exist

lunar Does not exist

mantic Does not exist

upstream Ignored
(superseded by linux-oem-5.14)
linux-oem-5.14
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Ignored
(replaced by linux-hwe-5.15)
jammy Does not exist

lunar Does not exist

mantic Does not exist

upstream Ignored
(replaced by linux-hwe-5.15)
linux-oem-5.17
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Does not exist

jammy Ignored
(superseded by linux-oem-6.1)
lunar Does not exist

mantic Does not exist

upstream Ignored
(superseded by linux-oem-6.1)
linux-oem-6.0
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Does not exist

jammy Ignored
(superseded by linux-oem-6.1)
lunar Does not exist

mantic Does not exist

upstream Ignored
(superseded by linux-oem-6.1)
linux-oem-6.1
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Does not exist

lunar Does not exist

mantic Does not exist

upstream
Released (6.7~rc1)
jammy
Released (6.1.0-1028.28)
linux-oem-6.5
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Does not exist

lunar Does not exist

mantic Does not exist

jammy Not vulnerable
(6.5.0-1003.3)
upstream
Released (6.7~rc1)
linux-oem-osp1
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Ignored
(end of standard support)
focal Does not exist

jammy Does not exist

lunar Does not exist

mantic Does not exist

upstream Ignored
(end of life)
linux-raspi
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Not vulnerable
(5.4.0-1007.7)
jammy Not vulnerable
(5.13.0-1008.9)
lunar Not vulnerable
(5.19.0-1004.10)
mantic Not vulnerable
(6.2.0-1004.5)
upstream
Released (6.7~rc1)
linux-raspi2
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Ignored
(end of standard support)
bionic Ignored
(end of standard support)
focal Ignored
(replaced by linux-raspi)
jammy Does not exist

lunar Does not exist

mantic Does not exist

upstream Ignored
(replaced by linux-raspi)
linux-raspi2-5.3
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Ignored
(end of standard support)
focal Does not exist

jammy Does not exist

lunar Does not exist

mantic Does not exist

upstream Ignored
(superseded by linux-raspi2-5.4)
linux-raspi-5.4
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

focal Does not exist

jammy Does not exist

lunar Does not exist

mantic Does not exist

upstream
Released (6.7~rc1)
bionic Not vulnerable
(5.4.0-1013.13~18.04.1)
linux-riscv
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Ignored
(superseded by linux-riscv-5.8)
jammy Ignored
(end of kernel support)
lunar Not vulnerable
(5.19.0-1004.4)
mantic Not vulnerable
(6.2.0-19.19.1)
upstream
Released (6.7~rc1)
linux-riscv-5.8
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Ignored
(superseded by linux-riscv-5.11)
jammy Does not exist

lunar Does not exist

mantic Does not exist

upstream Ignored
(superseded by linux-riscv-5.11)
linux-riscv-5.11
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Ignored
(superseded by linux-riscv-5.13)
jammy Does not exist

lunar Does not exist

mantic Does not exist

upstream Ignored
(superseded by linux-riscv-5.13)
linux-riscv-5.15
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Not vulnerable
(5.15.0-1015.17~20.04.1)
jammy Does not exist

lunar Does not exist

mantic Does not exist

upstream
Released (6.7~rc1)
linux-riscv-5.19
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Does not exist

jammy Ignored
(end of kernel support)
lunar Does not exist

mantic Does not exist

upstream Ignored
(end of life)
linux-snapdragon
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Ignored
(end of standard support)
bionic Ignored
(end of standard support)
focal Does not exist

jammy Does not exist

lunar Does not exist

mantic Does not exist

upstream Ignored
(end of life)
linux-starfive
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Does not exist

jammy Does not exist

lunar Not vulnerable
(5.19.0-1003.4)
mantic Not vulnerable
(6.5.0-1002.3)
upstream
Released (6.7~rc1)
linux-starfive-5.19
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Does not exist

jammy Ignored
(end of kernel support)
lunar Does not exist

mantic Does not exist

upstream Ignored
(end of life)
linux-starfive-6.2
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Does not exist

lunar Does not exist

mantic Does not exist

jammy Not vulnerable
(6.2.0-1006.7~22.04.1)
upstream
Released (6.7~rc1)
linux-xilinx-zynqmp
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

lunar Does not exist

mantic Does not exist

focal Not vulnerable
(5.4.0-1020.24)
upstream
Released (6.7~rc1)
jammy Ignored
(end of kernel support, was needs-triage)
linux
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(4.13.0-16.19)
focal Not vulnerable
(5.4.0-9.12)
jammy Not vulnerable
(5.13.0-19.19)
lunar Not vulnerable
(5.19.0-21.21)
mantic Not vulnerable
(6.2.0-20.20)
trusty Not vulnerable
(3.11.0-12.19)
upstream
Released (6.7~rc1)
xenial Not vulnerable
(4.4.0-2.16)
Patches:
Introduced by

4a9e12ea7e70223555ec010bec9f711089ce96f6

Fixed by 93995bf4af2c5a99e2a87f0cd5ce547d31eb7630
linux-aws
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(4.15.0-1001.1)
focal Not vulnerable
(5.4.0-1005.5)
jammy Not vulnerable
(5.13.0-1005.6)
lunar Not vulnerable
(5.19.0-1009.9)
mantic Not vulnerable
(6.2.0-1003.3)
trusty Not vulnerable
(4.4.0-1002.2)
upstream
Released (6.7~rc1)
xenial Not vulnerable
(4.4.0-1001.10)
linux-hwe-6.5
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Does not exist

jammy Not vulnerable

lunar Does not exist

mantic Does not exist

upstream Needs triage

linux-lowlatency-hwe-6.5
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Does not exist

jammy Not vulnerable

lunar Does not exist

mantic Does not exist

upstream Needs triage

linux-riscv-6.5
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Does not exist

jammy Not vulnerable

mantic Does not exist

upstream Needs triage

linux-starfive-6.5
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Does not exist

jammy Not vulnerable

mantic Does not exist

upstream Needs triage

linux-aws-6.5
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Does not exist

jammy Not vulnerable

mantic Does not exist

upstream Needs triage

linux-azure-6.5
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Does not exist

jammy Not vulnerable

mantic Does not exist

upstream Needs triage

linux-gcp-6.5
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Does not exist

jammy Not vulnerable

mantic Does not exist

upstream Needs triage

Severity score breakdown

Parameter Value
Base score 7.8
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction None
Scope Unchanged
Confidentiality High
Integrity impact High
Availability impact High
Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H