{"id":"USN-6135-1","summary":"linux-azure-fde, linux-azure-fde-5.15 vulnerabilities","details":"Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in\nthe netfilter subsystem of the Linux kernel when processing batch requests,\nleading to a use-after-free vulnerability. A local attacker could use this\nto cause a denial of service (system crash) or possibly execute arbitrary\ncode. (CVE-2023-32233)\n\nGwangun Jung discovered that the Quick Fair Queueing scheduler\nimplementation in the Linux kernel contained an out-of-bounds write\nvulnerability. A local attacker could use this to cause a denial of service\n(system crash) or possibly execute arbitrary code. (CVE-2023-31436)\n\nReima Ishii discovered that the nested KVM implementation for Intel x86\nprocessors in the Linux kernel did not properly validate control registers\nin certain situations. An attacker in a guest VM could use this to cause a\ndenial of service (guest crash). (CVE-2023-30456)\n\nIt was discovered that the Broadcom FullMAC USB WiFi driver in the Linux\nkernel did not properly perform data buffer size validation in some\nsituations. A physically proximate attacker could use this to craft a\nmalicious USB device that when inserted, could cause a denial of service\n(system crash) or possibly expose sensitive information. (CVE-2023-1380)\n\nJean-Baptiste Cayrou discovered that the shiftfs file system in the Ubuntu\nLinux kernel contained a race condition when handling inode locking in some\nsituations. A local attacker could use this to cause a denial of service\n(kernel deadlock). (CVE-2023-2612)\n\n","modified":"2026-02-10T04:43:09Z","published":"2023-06-02T15:52:36Z","related":["UBUNTU-CVE-2023-1380","UBUNTU-CVE-2023-2612","UBUNTU-CVE-2023-30456","UBUNTU-CVE-2023-31436","UBUNTU-CVE-2023-32233"],"upstream":["CVE-2023-1380","CVE-2023-2612","CVE-2023-30456","CVE-2023-31436","CVE-2023-32233","UBUNTU-CVE-2023-1380","UBUNTU-CVE-2023-2612","UBUNTU-CVE-2023-30456","UBUNTU-CVE-2023-31436","UBUNTU-CVE-2023-32233"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-6135-1"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2023-1380"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2023-2612"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2023-30456"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2023-31436"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2023-32233"}],"affected":[{"package":{"name":"linux-azure-fde-5.15","ecosystem":"Ubuntu:20.04:LTS","purl":"pkg:deb/ubuntu/linux-azure-fde-5.15@5.15.0-1039.46~20.04.1.1?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.15.0-1039.46~20.04.1.1"}]}],"versions":["5.15.0-1019.24~20.04.1.1","5.15.0-1020.25~20.04.1.1","5.15.0-1021.26~20.04.1.1","5.15.0-1029.36~20.04.1.1","5.15.0-1030.37~20.04.1.1","5.15.0-1031.38~20.04.1.1","5.15.0-1033.40~20.04.1.1","5.15.0-1034.41~20.04.1.2","5.15.0-1035.42~20.04.1.1","5.15.0-1036.43~20.04.1.1","5.15.0-1037.44~20.04.1.1","5.15.0-1038.45~20.04.1.1"],"ecosystem_specific":{"binaries":[{"binary_name":"linux-image-unsigned-5.15.0-1039-azure-fde","binary_version":"5.15.0-1039.46~20.04.1.1"}],"availability":"No subscription required"},"database_specific":{"cves_map":{"cves":[],"ecosystem":"Ubuntu:20.04:LTS"},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6135-1.json"}},{"package":{"name":"linux-azure-fde","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/linux-azure-fde@5.15.0-1039.46.1?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.15.0-1039.46.1"}]}],"versions":["5.15.0-1019.24.1","5.15.0-1024.30.1","5.15.0-1029.36.1","5.15.0-1030.37.1","5.15.0-1031.38.1","5.15.0-1033.40.1","5.15.0-1034.41.1","5.15.0-1035.42.1","5.15.0-1036.43.1","5.15.0-1037.44.1","5.15.0-1038.45.1"],"ecosystem_specific":{"binaries":[{"binary_name":"linux-image-unsigned-5.15.0-1039-azure-fde","binary_version":"5.15.0-1039.46.1"}],"availability":"No subscription required"},"database_specific":{"cves_map":{"cves":[{"id":"CVE-2023-1380","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"},{"type":"Ubuntu","score":"high"}]},{"id":"CVE-2023-2612","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2023-30456","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H"},{"type":"Ubuntu","score":"high"}]},{"id":"CVE-2023-31436","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"high"}]},{"id":"CVE-2023-32233","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"high"}]}],"ecosystem":"Ubuntu:22.04:LTS"},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6135-1.json"}}],"schema_version":"1.7.3"}