Explore top 10 tips to secure your open-source projects now. Read More
×
Several security issues were fixed in the Linux kernel.
Software Description:
- linux-snapdragon: Linux kernel for Qualcomm Snapdragon processors
Details:
It was discovered that the Traffic-Control Index (TCINDEX) implementation
in the Linux kernel contained a use-after-free vulnerability. A local
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2023-1281)
It was discovered that the System V IPC implementation in the Linux kernel
did not properly handle large shared memory counts. A local attacker could
use this to cause a denial of service (memory exhaustion). (CVE-2021-3669)
It was discovered that a use-after-free vulnerability existed in the SGI
GRU driver in the Linux kernel. A local attacker could possibly use this to
cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2022-3424)
Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux
kerne...
The problem can be corrected by updating your system to the following package versions: Ubuntu 18.04 LTS: linux-image-4.15.0-1148-snapdragon 4.15.0-1148.158 linux-image-snapdragon 4.15.0.1148.147 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.
https://ubuntu.com/security/notices/USN-6030-1
CVE-2021-3669, CVE-2022-3424, CVE-2022-36280, CVE-2022-3903,
CVE-2022-41218, CVE-2022-47929, CVE-2023-0045, CVE-2023-0266,
CVE-2023-0394, CVE-2023-1073, CVE-2023-1074, CVE-2023-1281,
CVE-2023-23455, CVE-2023-23559, CVE-2023-26545, CVE-2023-28328
Get the latest Linux and open source security news straight to your inbox.