Rapid7 Vulnerability & Exploit Database

Ubuntu: (Multiple Advisories) (CVE-2023-0458): Linux kernel vulnerabilities

Free InsightVM Trial No Credit Card Necessary

Watch Demo See how it all works

Back to Search

Ubuntu: (Multiple Advisories) (CVE-2023-0458): Linux kernel vulnerabilities

Severity

CVSS

(AV:L/AC:M/Au:N/C:P/I:P/A:P)

Published

04/26/2023

Created

05/17/2023

Added

05/17/2023

Modified

09/20/2023

Description

A speculative pointer dereference problem exists in the Linux Kernel on the do_prlimit() function. The resource argument value is controlled and is used in pointer arithmetic for the 'rlim' variable and can be used to leak the contents. We recommend upgrading past version 6.1.8 or commit 739790605705ddcf18f21782b9c99ad7d53a8c11

Solution(s)

ubuntu-upgrade-linux-image-3-13-0-193-generic
ubuntu-upgrade-linux-image-3-13-0-193-lowlatency
ubuntu-upgrade-linux-image-4-4-0-1121-aws
ubuntu-upgrade-linux-image-4-4-0-1122-kvm
ubuntu-upgrade-linux-image-4-4-0-1159-aws
ubuntu-upgrade-linux-image-4-4-0-243-generic
ubuntu-upgrade-linux-image-4-4-0-243-lowlatency
ubuntu-upgrade-linux-image-5-15-0-1030-intel-iotg
ubuntu-upgrade-linux-image-5-19-0-1018-raspi
ubuntu-upgrade-linux-image-5-19-0-1018-raspi-nolpae
ubuntu-upgrade-linux-image-5-19-0-1022-ibm
ubuntu-upgrade-linux-image-5-19-0-1023-kvm
ubuntu-upgrade-linux-image-5-19-0-1023-oracle
ubuntu-upgrade-linux-image-5-19-0-1024-gcp
ubuntu-upgrade-linux-image-5-19-0-1024-lowlatency
ubuntu-upgrade-linux-image-5-19-0-1024-lowlatency-64k
ubuntu-upgrade-linux-image-5-19-0-1025-aws
ubuntu-upgrade-linux-image-5-19-0-1026-azure
ubuntu-upgrade-linux-image-5-19-0-42-generic
ubuntu-upgrade-linux-image-5-19-0-42-generic-64k
ubuntu-upgrade-linux-image-5-19-0-42-generic-lpae
ubuntu-upgrade-linux-image-5-4-0-1017-iot
ubuntu-upgrade-linux-image-5-4-0-1024-xilinx-zynqmp
ubuntu-upgrade-linux-image-5-4-0-1062-bluefield
ubuntu-upgrade-linux-image-6-0-0-1021-oem
ubuntu-upgrade-linux-image-aws
ubuntu-upgrade-linux-image-azure
ubuntu-upgrade-linux-image-bluefield
ubuntu-upgrade-linux-image-gcp
ubuntu-upgrade-linux-image-generic
ubuntu-upgrade-linux-image-generic-64k
ubuntu-upgrade-linux-image-generic-64k-hwe-22-04
ubuntu-upgrade-linux-image-generic-hwe-22-04
ubuntu-upgrade-linux-image-generic-lpae
ubuntu-upgrade-linux-image-generic-lpae-hwe-22-04
ubuntu-upgrade-linux-image-generic-lts-trusty
ubuntu-upgrade-linux-image-generic-lts-xenial
ubuntu-upgrade-linux-image-ibm
ubuntu-upgrade-linux-image-intel
ubuntu-upgrade-linux-image-intel-iotg
ubuntu-upgrade-linux-image-kvm
ubuntu-upgrade-linux-image-lowlatency
ubuntu-upgrade-linux-image-lowlatency-64k
ubuntu-upgrade-linux-image-lowlatency-lts-xenial
ubuntu-upgrade-linux-image-oem-22-04b
ubuntu-upgrade-linux-image-oracle
ubuntu-upgrade-linux-image-raspi
ubuntu-upgrade-linux-image-raspi-nolpae
ubuntu-upgrade-linux-image-server
ubuntu-upgrade-linux-image-virtual
ubuntu-upgrade-linux-image-virtual-hwe-22-04
ubuntu-upgrade-linux-image-virtual-lts-xenial
ubuntu-upgrade-linux-image-xilinx-zynqmp

References

https://attackerkb.com/topics/cve-2023-0458
CVE - 2023-0458
USN-6079-1
USN-6091-1
USN-6093-1
USN-6096-1
USN-6134-1
USN-6222-1
USN-6254-1
USN-6256-1
USN-6341-1
USN-6385-1

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

Ubuntu: (Multiple Advisories) (CVE-2023-0458): Linux kernel vulnerabilities

Ubuntu: (Multiple Advisories) (CVE-2023-0458): Linux kernel vulnerabilities

Description

Solution(s)

References

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.