{"id":"USN-6396-2","summary":"linux-kvm vulnerabilities","details":"It was discovered that some AMD x86-64 processors with SMT enabled could\nspeculatively execute instructions using a return address from a sibling\nthread. A local attacker could possibly use this to expose sensitive\ninformation. (CVE-2022-27672)\n\nDaniel Moghimi discovered that some Intel(R) Processors did not properly\nclear microarchitectural state after speculative execution of various\ninstructions. A local unprivileged user could use this to obtain to\nsensitive information. (CVE-2022-40982)\n\nYang Lan discovered that the GFS2 file system implementation in the Linux\nkernel could attempt to dereference a null pointer in some situations. An\nattacker could use this to construct a malicious GFS2 image that, when\nmounted and operated on, could cause a denial of service (system crash).\n(CVE-2023-3212)\n\nIt was discovered that the NFC implementation in the Linux kernel contained\na use-after-free vulnerability when performing peer-to-peer communication\nin certain conditions. A privileged attacker could use this to cause a\ndenial of service (system crash) or possibly expose sensitive information\n(kernel memory). (CVE-2023-3863)\n\nIt was discovered that the bluetooth subsystem in the Linux kernel did not\nproperly handle L2CAP socket release, leading to a use-after-free\nvulnerability. A local attacker could use this to cause a denial of service\n(system crash) or possibly execute arbitrary code. (CVE-2023-40283)\n\nIt was discovered that some network classifier implementations in the Linux\nkernel contained use-after-free vulnerabilities. A local attacker could use\nthis to cause a denial of service (system crash) or possibly execute\narbitrary code. (CVE-2023-4128)\n","modified":"2026-03-19T08:54:56.612809Z","published":"2023-10-05T12:39:36Z","related":["UBUNTU-CVE-2022-27672","UBUNTU-CVE-2022-40982","UBUNTU-CVE-2023-3212","UBUNTU-CVE-2023-3863","UBUNTU-CVE-2023-40283","UBUNTU-CVE-2023-4128"],"upstream":["CVE-2022-27672","CVE-2022-40982","CVE-2023-3212","CVE-2023-3863","CVE-2023-40283","CVE-2023-4128","UBUNTU-CVE-2022-27672","UBUNTU-CVE-2022-40982","UBUNTU-CVE-2023-3212","UBUNTU-CVE-2023-3863","UBUNTU-CVE-2023-40283","UBUNTU-CVE-2023-4128"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-6396-2"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-27672"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-40982"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2023-3212"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2023-3863"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2023-4128"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2023-40283"}],"affected":[{"package":{"name":"linux-kvm","ecosystem":"Ubuntu:Pro:18.04:LTS","purl":"pkg:deb/ubuntu/linux-kvm@4.15.0-1145.150?arch=source&distro=esm-infra/bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.15.0-1145.150"}]}],"versions":["4.15.0-1002.2","4.15.0-1003.3","4.15.0-1004.4","4.15.0-1006.6","4.15.0-1008.8","4.15.0-1010.10","4.15.0-1011.11","4.15.0-1012.12","4.15.0-1016.16","4.15.0-1017.17","4.15.0-1019.19","4.15.0-1020.20","4.15.0-1021.21","4.15.0-1023.23","4.15.0-1025.25","4.15.0-1026.26","4.15.0-1027.27","4.15.0-1028.28","4.15.0-1029.29","4.15.0-1030.30","4.15.0-1031.31","4.15.0-1032.32","4.15.0-1034.34","4.15.0-1035.35","4.15.0-1036.36","4.15.0-1038.38","4.15.0-1039.39","4.15.0-1042.42","4.15.0-1043.43","4.15.0-1044.44","4.15.0-1046.46","4.15.0-1047.47","4.15.0-1048.48","4.15.0-1050.50","4.15.0-1051.51","4.15.0-1052.52","4.15.0-1053.53","4.15.0-1056.57","4.15.0-1058.59","4.15.0-1059.60","4.15.0-1060.61","4.15.0-1067.68","4.15.0-1069.70","4.15.0-1071.72","4.15.0-1072.73","4.15.0-1074.75","4.15.0-1075.76","4.15.0-1077.79","4.15.0-1079.81","4.15.0-1081.83","4.15.0-1082.84","4.15.0-1084.86","4.15.0-1085.87","4.15.0-1086.88","4.15.0-1087.89","4.15.0-1088.90","4.15.0-1089.91","4.15.0-1090.92","4.15.0-1091.93","4.15.0-1092.94","4.15.0-1094.96","4.15.0-1097.99","4.15.0-1098.100","4.15.0-1099.101","4.15.0-1100.102","4.15.0-1101.103","4.15.0-1102.104","4.15.0-1103.105","4.15.0-1105.107","4.15.0-1106.108","4.15.0-1107.109","4.15.0-1109.112","4.15.0-1110.113","4.15.0-1112.115","4.15.0-1113.116","4.15.0-1114.117","4.15.0-1116.119","4.15.0-1119.123","4.15.0-1122.127","4.15.0-1123.128","4.15.0-1125.130","4.15.0-1126.131","4.15.0-1127.132","4.15.0-1128.133","4.15.0-1129.134","4.15.0-1132.137","4.15.0-1133.138","4.15.0-1134.139","4.15.0-1135.140","4.15.0-1136.141","4.15.0-1137.142","4.15.0-1138.143","4.15.0-1139.144","4.15.0-1140.145","4.15.0-1141.146","4.15.0-1142.147","4.15.0-1143.148","4.15.0-1144.149"],"ecosystem_specific":{"binaries":[{"binary_name":"linux-buildinfo-4.15.0-1145-kvm","binary_version":"4.15.0-1145.150"},{"binary_name":"linux-headers-4.15.0-1145-kvm","binary_version":"4.15.0-1145.150"},{"binary_name":"linux-image-4.15.0-1145-kvm","binary_version":"4.15.0-1145.150"},{"binary_name":"linux-kvm-headers-4.15.0-1145","binary_version":"4.15.0-1145.150"},{"binary_name":"linux-kvm-tools-4.15.0-1145","binary_version":"4.15.0-1145.150"},{"binary_name":"linux-modules-4.15.0-1145-kvm","binary_version":"4.15.0-1145.150"},{"binary_name":"linux-tools-4.15.0-1145-kvm","binary_version":"4.15.0-1145.150"}],"availability":"Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6396-2.json","cves_map":{"ecosystem":"Ubuntu:Pro:18.04:LTS","cves":[{"id":"CVE-2022-27672","severity":[{"score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2022-40982","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2023-3212","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"low","type":"Ubuntu"}]},{"id":"CVE-2023-3863","severity":[{"score":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2023-4128","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"high","type":"Ubuntu"}]},{"id":"CVE-2023-40283","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"high","type":"Ubuntu"}]}]}}}],"schema_version":"1.7.5"}