{"id":"USN-6260-1","summary":"linux-aws-5.19, linux-gcp-5.19, linux-hwe-5.19 vulnerabilities","details":"It was discovered that the NTFS file system implementation in the Linux\nkernel did not properly check buffer indexes in certain situations, leading\nto an out-of-bounds read vulnerability. A local attacker could possibly use\nthis to expose sensitive information (kernel memory). (CVE-2022-48502)\n\nStonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS\nimplementation in the Ubuntu Linux kernel did not properly perform\npermission checks in certain situations. A local attacker could possibly\nuse this to gain elevated privileges. (CVE-2023-2640)\n\nIt was discovered that the IP-VLAN network driver for the Linux kernel did\nnot properly initialize memory in some situations, leading to an out-of-\nbounds write vulnerability. An attacker could use this to cause a denial of\nservice (system crash) or possibly execute arbitrary code. (CVE-2023-3090)\n\nMingi Cho discovered that the netfilter subsystem in the Linux kernel did\nnot properly validate the status of a nft chain while performing a lookup\nby id, leading to a use-after-free vulnerability. An attacker could use\nthis to cause a denial of service (system crash) or possibly execute\narbitrary code. (CVE-2023-31248)\n\nIt was discovered that the Ricoh R5C592 MemoryStick card reader driver in\nthe Linux kernel contained a race condition during module unload, leading\nto a use-after-free vulnerability. A local attacker could use this to cause\na denial of service (system crash) or possibly execute arbitrary code.\n(CVE-2023-3141)\n\nShir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in\nthe Ubuntu Linux kernel did not properly perform permission checks in\ncertain situations. A local attacker could possibly use this to gain\nelevated privileges. (CVE-2023-32629)\n\nQuerijn Voet discovered that a race condition existed in the io_uring\nsubsystem in the Linux kernel, leading to a use-after-free vulnerability. A\nlocal attacker could use this to cause a denial of service (system crash)\nor possibly execute arbitrary code. (CVE-2023-3389)\n\nIt was discovered that the netfilter subsystem in the Linux kernel did not\nproperly handle some error conditions, leading to a use-after-free\nvulnerability. A local attacker could use this to cause a denial of service\n(system crash) or possibly execute arbitrary code. (CVE-2023-3390)\n\nTanguy Dubroca discovered that the netfilter subsystem in the Linux kernel\ndid not properly handle certain pointer data type, leading to an out-of-\nbounds write vulnerability. A privileged attacker could use this to cause a\ndenial of service (system crash) or possibly execute arbitrary code.\n(CVE-2023-35001)\n\n","modified":"2026-02-10T04:43:14Z","published":"2023-07-27T12:26:26Z","related":["UBUNTU-CVE-2022-48502","UBUNTU-CVE-2023-2640","UBUNTU-CVE-2023-3090","UBUNTU-CVE-2023-31248","UBUNTU-CVE-2023-3141","UBUNTU-CVE-2023-32629","UBUNTU-CVE-2023-3389","UBUNTU-CVE-2023-3390","UBUNTU-CVE-2023-35001"],"upstream":["CVE-2022-48502","CVE-2023-2640","CVE-2023-3090","CVE-2023-31248","CVE-2023-3141","CVE-2023-32629","CVE-2023-3389","CVE-2023-3390","CVE-2023-35001","UBUNTU-CVE-2022-48502","UBUNTU-CVE-2023-2640","UBUNTU-CVE-2023-3090","UBUNTU-CVE-2023-31248","UBUNTU-CVE-2023-3141","UBUNTU-CVE-2023-32629","UBUNTU-CVE-2023-3389","UBUNTU-CVE-2023-3390","UBUNTU-CVE-2023-35001"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-6260-1"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-48502"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2023-2640"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2023-3090"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2023-3141"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2023-3389"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2023-3390"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2023-31248"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2023-32629"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2023-35001"}],"affected":[{"package":{"name":"linux-aws-5.19","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/linux-aws-5.19@5.19.0-1029.30~22.04.1?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.19.0-1029.30~22.04.1"}]}],"versions":["5.19.0-1019.20~22.04.1","5.19.0-1020.21~22.04.1","5.19.0-1022.23~22.04.1","5.19.0-1023.24~22.04.1","5.19.0-1024.25~22.04.1","5.19.0-1025.26~22.04.1","5.19.0-1026.27~22.04.1","5.19.0-1027.28~22.04.1","5.19.0-1028.29~22.04.1"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_name":"linux-aws-5.19-cloud-tools-5.19.0-1029","binary_version":"5.19.0-1029.30~22.04.1"},{"binary_name":"linux-aws-5.19-headers-5.19.0-1029","binary_version":"5.19.0-1029.30~22.04.1"},{"binary_name":"linux-aws-5.19-tools-5.19.0-1029","binary_version":"5.19.0-1029.30~22.04.1"},{"binary_name":"linux-buildinfo-5.19.0-1029-aws","binary_version":"5.19.0-1029.30~22.04.1"},{"binary_name":"linux-cloud-tools-5.19.0-1029-aws","binary_version":"5.19.0-1029.30~22.04.1"},{"binary_name":"linux-headers-5.19.0-1029-aws","binary_version":"5.19.0-1029.30~22.04.1"},{"binary_name":"linux-image-unsigned-5.19.0-1029-aws","binary_version":"5.19.0-1029.30~22.04.1"},{"binary_name":"linux-modules-5.19.0-1029-aws","binary_version":"5.19.0-1029.30~22.04.1"},{"binary_name":"linux-modules-extra-5.19.0-1029-aws","binary_version":"5.19.0-1029.30~22.04.1"},{"binary_name":"linux-tools-5.19.0-1029-aws","binary_version":"5.19.0-1029.30~22.04.1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6260-1.json","cves_map":{"ecosystem":"Ubuntu:22.04:LTS","cves":[{"id":"CVE-2022-48502","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2023-2640","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"high","type":"Ubuntu"}]},{"id":"CVE-2023-3090","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"high","type":"Ubuntu"}]},{"id":"CVE-2023-3141","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","type":"CVSS_V3"},{"score":"low","type":"Ubuntu"}]},{"id":"CVE-2023-3389","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"high","type":"Ubuntu"}]},{"id":"CVE-2023-3390","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"high","type":"Ubuntu"}]},{"id":"CVE-2023-31248","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"high","type":"Ubuntu"}]},{"id":"CVE-2023-32629","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"high","type":"Ubuntu"}]},{"id":"CVE-2023-35001","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"high","type":"Ubuntu"}]}]}}},{"package":{"name":"linux-gcp-5.19","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/linux-gcp-5.19@5.19.0-1030.32~22.04.1?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.19.0-1030.32~22.04.1"}]}],"versions":["5.19.0-1020.22~22.04.2","5.19.0-1021.23~22.04.1","5.19.0-1022.24~22.04.1","5.19.0-1024.26~22.04.1","5.19.0-1025.27~22.04.1","5.19.0-1026.28~22.04.1","5.19.0-1027.29~22.04.1"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_name":"linux-buildinfo-5.19.0-1030-gcp","binary_version":"5.19.0-1030.32~22.04.1"},{"binary_name":"linux-gcp-5.19-headers-5.19.0-1030","binary_version":"5.19.0-1030.32~22.04.1"},{"binary_name":"linux-gcp-5.19-tools-5.19.0-1030","binary_version":"5.19.0-1030.32~22.04.1"},{"binary_name":"linux-headers-5.19.0-1030-gcp","binary_version":"5.19.0-1030.32~22.04.1"},{"binary_name":"linux-image-unsigned-5.19.0-1030-gcp","binary_version":"5.19.0-1030.32~22.04.1"},{"binary_name":"linux-modules-5.19.0-1030-gcp","binary_version":"5.19.0-1030.32~22.04.1"},{"binary_name":"linux-modules-extra-5.19.0-1030-gcp","binary_version":"5.19.0-1030.32~22.04.1"},{"binary_name":"linux-tools-5.19.0-1030-gcp","binary_version":"5.19.0-1030.32~22.04.1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6260-1.json","cves_map":{"ecosystem":"Ubuntu:22.04:LTS","cves":[{"id":"CVE-2022-48502","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2023-2640","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"high","type":"Ubuntu"}]},{"id":"CVE-2023-3090","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"high","type":"Ubuntu"}]},{"id":"CVE-2023-3141","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","type":"CVSS_V3"},{"score":"low","type":"Ubuntu"}]},{"id":"CVE-2023-3389","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"high","type":"Ubuntu"}]},{"id":"CVE-2023-3390","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"high","type":"Ubuntu"}]},{"id":"CVE-2023-31248","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"high","type":"Ubuntu"}]},{"id":"CVE-2023-32629","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"high","type":"Ubuntu"}]},{"id":"CVE-2023-35001","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"high","type":"Ubuntu"}]}]}}},{"package":{"name":"linux-hwe-5.19","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/linux-hwe-5.19@5.19.0-50.50?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.19.0-50.50"}]}],"versions":["5.19.0-28.29~22.04.1","5.19.0-32.33~22.04.1","5.19.0-35.36~22.04.1","5.19.0-38.39~22.04.1","5.19.0-40.41~22.04.1","5.19.0-41.42~22.04.1","5.19.0-42.43~22.04.1","5.19.0-43.44~22.04.1","5.19.0-45.46~22.04.1","5.19.0-46.47~22.04.1"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_name":"linux-buildinfo-5.19.0-50-generic","binary_version":"5.19.0-50.50"},{"binary_name":"linux-buildinfo-5.19.0-50-generic-64k","binary_version":"5.19.0-50.50"},{"binary_name":"linux-buildinfo-5.19.0-50-generic-lpae","binary_version":"5.19.0-50.50"},{"binary_name":"linux-cloud-tools-5.19.0-50-generic","binary_version":"5.19.0-50.50"},{"binary_name":"linux-headers-5.19.0-50-generic","binary_version":"5.19.0-50.50"},{"binary_name":"linux-headers-5.19.0-50-generic-64k","binary_version":"5.19.0-50.50"},{"binary_name":"linux-headers-5.19.0-50-generic-lpae","binary_version":"5.19.0-50.50"},{"binary_name":"linux-hwe-5.19-cloud-tools-5.19.0-50","binary_version":"5.19.0-50.50"},{"binary_name":"linux-hwe-5.19-cloud-tools-common","binary_version":"5.19.0-50.50"},{"binary_name":"linux-hwe-5.19-headers-5.19.0-50","binary_version":"5.19.0-50.50"},{"binary_name":"linux-hwe-5.19-tools-5.19.0-50","binary_version":"5.19.0-50.50"},{"binary_name":"linux-hwe-5.19-tools-common","binary_version":"5.19.0-50.50"},{"binary_name":"linux-hwe-5.19-tools-host","binary_version":"5.19.0-50.50"},{"binary_name":"linux-image-5.19.0-50-generic","binary_version":"5.19.0-50.50"},{"binary_name":"linux-image-5.19.0-50-generic-lpae","binary_version":"5.19.0-50.50"},{"binary_name":"linux-image-unsigned-5.19.0-50-generic","binary_version":"5.19.0-50.50"},{"binary_name":"linux-image-unsigned-5.19.0-50-generic-64k","binary_version":"5.19.0-50.50"},{"binary_name":"linux-modules-5.19.0-50-generic","binary_version":"5.19.0-50.50"},{"binary_name":"linux-modules-5.19.0-50-generic-64k","binary_version":"5.19.0-50.50"},{"binary_name":"linux-modules-5.19.0-50-generic-lpae","binary_version":"5.19.0-50.50"},{"binary_name":"linux-modules-extra-5.19.0-50-generic","binary_version":"5.19.0-50.50"},{"binary_name":"linux-modules-ipu6-5.19.0-50-generic","binary_version":"5.19.0-50.50"},{"binary_name":"linux-modules-ivsc-5.19.0-50-generic","binary_version":"5.19.0-50.50"},{"binary_name":"linux-modules-iwlwifi-5.19.0-50-generic","binary_version":"5.19.0-50.50"},{"binary_name":"linux-source-5.19.0","binary_version":"5.19.0-50.50"},{"binary_name":"linux-tools-5.19.0-50-generic","binary_version":"5.19.0-50.50"},{"binary_name":"linux-tools-5.19.0-50-generic-64k","binary_version":"5.19.0-50.50"},{"binary_name":"linux-tools-5.19.0-50-generic-lpae","binary_version":"5.19.0-50.50"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6260-1.json","cves_map":{"ecosystem":"Ubuntu:22.04:LTS","cves":[{"id":"CVE-2022-48502","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2023-2640","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"high","type":"Ubuntu"}]},{"id":"CVE-2023-3090","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"high","type":"Ubuntu"}]},{"id":"CVE-2023-3141","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","type":"CVSS_V3"},{"score":"low","type":"Ubuntu"}]},{"id":"CVE-2023-3389","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"high","type":"Ubuntu"}]},{"id":"CVE-2023-3390","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"high","type":"Ubuntu"}]},{"id":"CVE-2023-31248","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"high","type":"Ubuntu"}]},{"id":"CVE-2023-32629","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"high","type":"Ubuntu"}]},{"id":"CVE-2023-35001","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"high","type":"Ubuntu"}]}]}}}],"schema_version":"1.7.3"}