{"id":"USN-6192-1","summary":"linux, linux-allwinner, linux-allwinner-5.19, linux-aws, linux-aws-5.19, linux-azure, linux-gcp, linux-gcp-5.19, linux-hwe-5.19, linux-ibm, linux-kvm, linux-lowlatency, linux-oracle, linux-raspi, linux-starfive, linux-starfive-5.19 vulnerabilities","details":"Hangyu Hua discovered that the Flower classifier implementation in the\nLinux kernel contained an out-of-bounds write vulnerability. An attacker\ncould use this to cause a denial of service (system crash) or possibly\nexecute arbitrary code. (CVE-2023-35788, LP: #2023577)\n\nXingyuan Mo and Gengjia Chen discovered that the io_uring subsystem in the\nLinux kernel did not properly handle locking when IOPOLL mode is being\nused. A local attacker could use this to cause a denial of service (system\ncrash). (CVE-2023-2430)\n\nIt was discovered that for some Intel processors the INVLPG instruction\nimplementation did not properly flush global TLB entries when PCIDs are\nenabled. An attacker could use this to expose sensitive information\n(kernel memory) or possibly cause undesired behaviors. (LP: #2023220)\n\n","modified":"2026-02-10T04:43:11Z","published":"2023-06-29T12:38:56Z","related":["UBUNTU-CVE-2023-2430","UBUNTU-CVE-2023-35788"],"upstream":["CVE-2023-2430","CVE-2023-35788","UBUNTU-CVE-2023-2430","UBUNTU-CVE-2023-35788"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-6192-1"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2023-2430"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2023-35788"},{"type":"REPORT","url":"https://launchpad.net/bugs/2023220"},{"type":"REPORT","url":"https://launchpad.net/bugs/2023577"}],"affected":[{"package":{"name":"linux-allwinner-5.19","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/linux-allwinner-5.19@5.19.0-1015.15~22.04.1?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.19.0-1015.15~22.04.1"}]}],"versions":["5.19.0-1007.7~22.04.1","5.19.0-1009.9~22.04.1","5.19.0-1010.10~22.04.1","5.19.0-1011.11~22.04.1","5.19.0-1012.12~22.04.1","5.19.0-1013.13~22.04.1","5.19.0-1014.14~22.04.1"],"ecosystem_specific":{"binaries":[{"binary_name":"linux-allwinner-5.19-headers-5.19.0-1015","binary_version":"5.19.0-1015.15~22.04.1"},{"binary_name":"linux-allwinner-5.19-tools-5.19.0-1015","binary_version":"5.19.0-1015.15~22.04.1"},{"binary_name":"linux-buildinfo-5.19.0-1015-allwinner","binary_version":"5.19.0-1015.15~22.04.1"},{"binary_name":"linux-headers-5.19.0-1015-allwinner","binary_version":"5.19.0-1015.15~22.04.1"},{"binary_name":"linux-image-5.19.0-1015-allwinner","binary_version":"5.19.0-1015.15~22.04.1"},{"binary_name":"linux-modules-5.19.0-1015-allwinner","binary_version":"5.19.0-1015.15~22.04.1"},{"binary_name":"linux-modules-extra-5.19.0-1015-allwinner","binary_version":"5.19.0-1015.15~22.04.1"},{"binary_name":"linux-tools-5.19.0-1015-allwinner","binary_version":"5.19.0-1015.15~22.04.1"}],"availability":"No subscription required"},"database_specific":{"cves_map":{"ecosystem":"Ubuntu:22.04:LTS","cves":[{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"high","type":"Ubuntu"}],"id":"CVE-2023-2430"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"high","type":"Ubuntu"}],"id":"CVE-2023-35788"}]},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6192-1.json"}},{"package":{"name":"linux-aws-5.19","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/linux-aws-5.19@5.19.0-1028.29~22.04.1?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.19.0-1028.29~22.04.1"}]}],"versions":["5.19.0-1019.20~22.04.1","5.19.0-1020.21~22.04.1","5.19.0-1022.23~22.04.1","5.19.0-1023.24~22.04.1","5.19.0-1024.25~22.04.1","5.19.0-1025.26~22.04.1","5.19.0-1026.27~22.04.1","5.19.0-1027.28~22.04.1"],"ecosystem_specific":{"binaries":[{"binary_name":"linux-aws-5.19-cloud-tools-5.19.0-1028","binary_version":"5.19.0-1028.29~22.04.1"},{"binary_name":"linux-aws-5.19-headers-5.19.0-1028","binary_version":"5.19.0-1028.29~22.04.1"},{"binary_name":"linux-aws-5.19-tools-5.19.0-1028","binary_version":"5.19.0-1028.29~22.04.1"},{"binary_name":"linux-buildinfo-5.19.0-1028-aws","binary_version":"5.19.0-1028.29~22.04.1"},{"binary_name":"linux-cloud-tools-5.19.0-1028-aws","binary_version":"5.19.0-1028.29~22.04.1"},{"binary_name":"linux-headers-5.19.0-1028-aws","binary_version":"5.19.0-1028.29~22.04.1"},{"binary_name":"linux-image-unsigned-5.19.0-1028-aws","binary_version":"5.19.0-1028.29~22.04.1"},{"binary_name":"linux-modules-5.19.0-1028-aws","binary_version":"5.19.0-1028.29~22.04.1"},{"binary_name":"linux-modules-extra-5.19.0-1028-aws","binary_version":"5.19.0-1028.29~22.04.1"},{"binary_name":"linux-tools-5.19.0-1028-aws","binary_version":"5.19.0-1028.29~22.04.1"}],"availability":"No subscription required"},"database_specific":{"cves_map":{"ecosystem":"Ubuntu:22.04:LTS","cves":[{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"high","type":"Ubuntu"}],"id":"CVE-2023-2430"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"high","type":"Ubuntu"}],"id":"CVE-2023-35788"}]},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6192-1.json"}},{"package":{"name":"linux-gcp-5.19","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/linux-gcp-5.19@5.19.0-1027.29~22.04.1?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.19.0-1027.29~22.04.1"}]}],"versions":["5.19.0-1020.22~22.04.2","5.19.0-1021.23~22.04.1","5.19.0-1022.24~22.04.1","5.19.0-1024.26~22.04.1","5.19.0-1025.27~22.04.1","5.19.0-1026.28~22.04.1"],"ecosystem_specific":{"binaries":[{"binary_name":"linux-buildinfo-5.19.0-1027-gcp","binary_version":"5.19.0-1027.29~22.04.1"},{"binary_name":"linux-gcp-5.19-headers-5.19.0-1027","binary_version":"5.19.0-1027.29~22.04.1"},{"binary_name":"linux-gcp-5.19-tools-5.19.0-1027","binary_version":"5.19.0-1027.29~22.04.1"},{"binary_name":"linux-headers-5.19.0-1027-gcp","binary_version":"5.19.0-1027.29~22.04.1"},{"binary_name":"linux-image-unsigned-5.19.0-1027-gcp","binary_version":"5.19.0-1027.29~22.04.1"},{"binary_name":"linux-modules-5.19.0-1027-gcp","binary_version":"5.19.0-1027.29~22.04.1"},{"binary_name":"linux-modules-extra-5.19.0-1027-gcp","binary_version":"5.19.0-1027.29~22.04.1"},{"binary_name":"linux-tools-5.19.0-1027-gcp","binary_version":"5.19.0-1027.29~22.04.1"}],"availability":"No subscription required"},"database_specific":{"cves_map":{"ecosystem":"Ubuntu:22.04:LTS","cves":[{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"high","type":"Ubuntu"}],"id":"CVE-2023-2430"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"high","type":"Ubuntu"}],"id":"CVE-2023-35788"}]},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6192-1.json"}},{"package":{"name":"linux-hwe-5.19","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/linux-hwe-5.19@5.19.0-46.47~22.04.1?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.19.0-46.47~22.04.1"}]}],"versions":["5.19.0-28.29~22.04.1","5.19.0-32.33~22.04.1","5.19.0-35.36~22.04.1","5.19.0-38.39~22.04.1","5.19.0-40.41~22.04.1","5.19.0-41.42~22.04.1","5.19.0-42.43~22.04.1","5.19.0-43.44~22.04.1","5.19.0-45.46~22.04.1"],"ecosystem_specific":{"binaries":[{"binary_name":"linux-buildinfo-5.19.0-46-generic","binary_version":"5.19.0-46.47~22.04.1"},{"binary_name":"linux-buildinfo-5.19.0-46-generic-64k","binary_version":"5.19.0-46.47~22.04.1"},{"binary_name":"linux-buildinfo-5.19.0-46-generic-lpae","binary_version":"5.19.0-46.47~22.04.1"},{"binary_name":"linux-cloud-tools-5.19.0-46-generic","binary_version":"5.19.0-46.47~22.04.1"},{"binary_name":"linux-headers-5.19.0-46-generic","binary_version":"5.19.0-46.47~22.04.1"},{"binary_name":"linux-headers-5.19.0-46-generic-64k","binary_version":"5.19.0-46.47~22.04.1"},{"binary_name":"linux-headers-5.19.0-46-generic-lpae","binary_version":"5.19.0-46.47~22.04.1"},{"binary_name":"linux-hwe-5.19-cloud-tools-5.19.0-46","binary_version":"5.19.0-46.47~22.04.1"},{"binary_name":"linux-hwe-5.19-cloud-tools-common","binary_version":"5.19.0-46.47~22.04.1"},{"binary_name":"linux-hwe-5.19-headers-5.19.0-46","binary_version":"5.19.0-46.47~22.04.1"},{"binary_name":"linux-hwe-5.19-tools-5.19.0-46","binary_version":"5.19.0-46.47~22.04.1"},{"binary_name":"linux-hwe-5.19-tools-common","binary_version":"5.19.0-46.47~22.04.1"},{"binary_name":"linux-hwe-5.19-tools-host","binary_version":"5.19.0-46.47~22.04.1"},{"binary_name":"linux-image-5.19.0-46-generic","binary_version":"5.19.0-46.47~22.04.1"},{"binary_name":"linux-image-5.19.0-46-generic-lpae","binary_version":"5.19.0-46.47~22.04.1"},{"binary_name":"linux-image-unsigned-5.19.0-46-generic","binary_version":"5.19.0-46.47~22.04.1"},{"binary_name":"linux-image-unsigned-5.19.0-46-generic-64k","binary_version":"5.19.0-46.47~22.04.1"},{"binary_name":"linux-modules-5.19.0-46-generic","binary_version":"5.19.0-46.47~22.04.1"},{"binary_name":"linux-modules-5.19.0-46-generic-64k","binary_version":"5.19.0-46.47~22.04.1"},{"binary_name":"linux-modules-5.19.0-46-generic-lpae","binary_version":"5.19.0-46.47~22.04.1"},{"binary_name":"linux-modules-extra-5.19.0-46-generic","binary_version":"5.19.0-46.47~22.04.1"},{"binary_name":"linux-modules-ipu6-5.19.0-46-generic","binary_version":"5.19.0-46.47~22.04.1"},{"binary_name":"linux-modules-ivsc-5.19.0-46-generic","binary_version":"5.19.0-46.47~22.04.1"},{"binary_name":"linux-modules-iwlwifi-5.19.0-46-generic","binary_version":"5.19.0-46.47~22.04.1"},{"binary_name":"linux-source-5.19.0","binary_version":"5.19.0-46.47~22.04.1"},{"binary_name":"linux-tools-5.19.0-46-generic","binary_version":"5.19.0-46.47~22.04.1"},{"binary_name":"linux-tools-5.19.0-46-generic-64k","binary_version":"5.19.0-46.47~22.04.1"},{"binary_name":"linux-tools-5.19.0-46-generic-lpae","binary_version":"5.19.0-46.47~22.04.1"}],"availability":"No subscription required"},"database_specific":{"cves_map":{"ecosystem":"Ubuntu:22.04:LTS","cves":[{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"high","type":"Ubuntu"}],"id":"CVE-2023-2430"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"high","type":"Ubuntu"}],"id":"CVE-2023-35788"}]},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6192-1.json"}},{"package":{"name":"linux-starfive-5.19","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/linux-starfive-5.19@5.19.0-1020.22~22.04.1?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.19.0-1020.22~22.04.1"}]}],"versions":["5.19.0-1014.16~22.04.1","5.19.0-1015.17~22.04.1","5.19.0-1016.18~22.04.1","5.19.0-1017.19~22.04.1","5.19.0-1018.20~22.04.1","5.19.0-1019.21~22.04.1"],"ecosystem_specific":{"binaries":[{"binary_name":"linux-buildinfo-5.19.0-1020-starfive","binary_version":"5.19.0-1020.22~22.04.1"},{"binary_name":"linux-headers-5.19.0-1020-starfive","binary_version":"5.19.0-1020.22~22.04.1"},{"binary_name":"linux-image-5.19.0-1020-starfive","binary_version":"5.19.0-1020.22~22.04.1"},{"binary_name":"linux-modules-5.19.0-1020-starfive","binary_version":"5.19.0-1020.22~22.04.1"},{"binary_name":"linux-modules-extra-5.19.0-1020-starfive","binary_version":"5.19.0-1020.22~22.04.1"},{"binary_name":"linux-starfive-5.19-headers-5.19.0-1020","binary_version":"5.19.0-1020.22~22.04.1"},{"binary_name":"linux-starfive-5.19-tools-5.19.0-1020","binary_version":"5.19.0-1020.22~22.04.1"},{"binary_name":"linux-tools-5.19.0-1020-starfive","binary_version":"5.19.0-1020.22~22.04.1"}],"availability":"No subscription required"},"database_specific":{"cves_map":{"ecosystem":"Ubuntu:22.04:LTS","cves":[{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"high","type":"Ubuntu"}],"id":"CVE-2023-2430"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"high","type":"Ubuntu"}],"id":"CVE-2023-35788"}]},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6192-1.json"}}],"schema_version":"1.7.3"}