ADVISORY!
TLP : CLEAR
Date : 11/01/2024
REF NO : CERT /2024/01/04
Ubuntu Linux Kernel Multiple Vulnerabilities
Severity Level: High
Components Affected
- Ubuntu 16.04 ESM
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 23.10
Overview
Multiple vulnerabilities were identified in Ubuntu Products. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, remote code execution and sensitive information disclosure on the targeted system.
Description
Ubuntu has been identified with multiple critical vulnerabilities, as outlined by the following Common Vulnerabilities and Exposures (CVE) identifiers:
- CVE-2023-3006
- CVE-2023-3773
- CVE-2023-4244
- CVE-2023-5090
- CVE-2023-5158
- CVE-2023-5178
- CVE-2023-5345
- CVE-2023-5633
- CVE-2023-5717
- CVE-2023-6111
- CVE-2023-6176
- CVE-2023-20588
- CVE-2023-31085
- CVE-2023-37453
- CVE-2023-39189
- CVE-2023-39192
- CVE-2023-39193
- CVE-2023-39194
- CVE-2023-39198
- CVE-2023-42754
- CVE-2023-45863
- CVE-2023-45898
Impact
- Denial of Service
- Remote Code Execution
- Information Disclosure.
Solution/ Workarounds
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
- https://ubuntu.com/security/notices/USN-6548-4
- https://ubuntu.com/security/notices/USN-6548-5
- https://ubuntu.com/security/notices/USN-6549-4
- https://ubuntu.com/security/notices/USN-6549-5
- https://ubuntu.com/security/notices/USN-6572-1
- https://ubuntu.com/security/notices/USN-6573-1
- https://ubuntu.com/security/notices/USN-6576-1
- https://ubuntu.com/security/notices/USN-6577-1
Reference
Disclaimer : The information provided herein is on an “as is” basis, without warranty of any kind.
Sri Lanka Computer Emergency Readiness Team | Coordination Centre
- Hotline : 101
- +94 11 269 1692
- Room 4-112, BMICH, Bauddhaloka Mawatha, Colombo 07, Sri Lanka.
- General inquiry: cert@cert.gov.lk
- Security incidents: incidents@cert.gov.lk
- Social media incidents: report@cert.gov.lk
