USN-6327-1

See a problem?
Please try reporting it to the source first.
Source
https://ubuntu.com/security/notices/USN-6327-1
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6327-1.json
JSON Data
https://api.test.osv.dev/v1/vulns/USN-6327-1
Upstream
Related
Published
2023-08-31T21:51:29.065011Z
Modified
2025-10-13T04:36:34Z
Summary
linux-kvm vulnerabilities
Details

Zheng Zhang discovered that the device-mapper implementation in the Linux kernel did not properly handle locking during table_clear() operations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2023-2269)

It was discovered that a use-after-free vulnerability existed in the HFS+ file system implementation in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-2985)

It was discovered that the DVB Core driver in the Linux kernel did not properly handle locking events in certain situations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2023-31084)

It was discovered that the virtual terminal driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2023-3567)

It was discovered that the Quick Fair Queueing network scheduler implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3611)

It was discovered that the network packet classifier with netfilter/firewall marks implementation in the Linux kernel did not properly handle reference counting, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3776)

References

Affected packages

Ubuntu:Pro:16.04:LTS / linux-kvm

Package

Name
linux-kvm
Purl
pkg:deb/ubuntu/linux-kvm@4.4.0-1123.133?arch=source&distro=esm-infra/xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.4.0-1123.133

Affected versions

4.*

4.4.0-1004.9
4.4.0-1007.12
4.4.0-1008.13
4.4.0-1009.14
4.4.0-1010.15
4.4.0-1012.17
4.4.0-1013.18
4.4.0-1015.20
4.4.0-1017.22
4.4.0-1019.24
4.4.0-1020.25
4.4.0-1021.26
4.4.0-1023.28
4.4.0-1026.31
4.4.0-1027.32
4.4.0-1029.34
4.4.0-1031.37
4.4.0-1032.38
4.4.0-1033.39
4.4.0-1035.41
4.4.0-1036.42
4.4.0-1037.43
4.4.0-1038.44
4.4.0-1039.45
4.4.0-1040.46
4.4.0-1041.47
4.4.0-1043.49
4.4.0-1044.50
4.4.0-1046.52
4.4.0-1047.53
4.4.0-1048.55
4.4.0-1051.58
4.4.0-1052.59
4.4.0-1054.61
4.4.0-1056.63
4.4.0-1058.65
4.4.0-1059.66
4.4.0-1060.67
4.4.0-1062.69
4.4.0-1063.70
4.4.0-1064.71
4.4.0-1065.72
4.4.0-1066.73
4.4.0-1068.75
4.4.0-1069.76
4.4.0-1070.77
4.4.0-1071.78
4.4.0-1075.82
4.4.0-1076.83
4.4.0-1077.84
4.4.0-1078.85
4.4.0-1079.86
4.4.0-1080.87
4.4.0-1082.91
4.4.0-1084.93
4.4.0-1085.94
4.4.0-1087.96
4.4.0-1088.97
4.4.0-1089.98
4.4.0-1090.99
4.4.0-1091.100
4.4.0-1092.101
4.4.0-1093.102
4.4.0-1094.103
4.4.0-1095.104
4.4.0-1096.105
4.4.0-1097.106
4.4.0-1098.107
4.4.0-1099.108
4.4.0-1100.109
4.4.0-1102.111
4.4.0-1103.112
4.4.0-1104.113
4.4.0-1105.114
4.4.0-1108.118
4.4.0-1110.120
4.4.0-1111.121
4.4.0-1112.122
4.4.0-1113.123
4.4.0-1114.124
4.4.0-1115.125
4.4.0-1116.126
4.4.0-1117.127
4.4.0-1118.128
4.4.0-1119.129
4.4.0-1120.130
4.4.0-1121.131
4.4.0-1122.132

Ecosystem specific 

{
    "binaries": [
        {
            "binary_version": "4.4.0-1123.133",
            "binary_name": "linux-buildinfo-4.4.0-1123-kvm"
        },
        {
            "binary_version": "4.4.0-1123.133",
            "binary_name": "linux-cloud-tools-4.4.0-1123-kvm"
        },
        {
            "binary_version": "4.4.0-1123.133",
            "binary_name": "linux-headers-4.4.0-1123-kvm"
        },
        {
            "binary_version": "4.4.0-1123.133",
            "binary_name": "linux-image-4.4.0-1123-kvm"
        },
        {
            "binary_version": "4.4.0-1123.133",
            "binary_name": "linux-kvm-cloud-tools-4.4.0-1123"
        },
        {
            "binary_version": "4.4.0-1123.133",
            "binary_name": "linux-kvm-headers-4.4.0-1123"
        },
        {
            "binary_version": "4.4.0-1123.133",
            "binary_name": "linux-kvm-tools-4.4.0-1123"
        },
        {
            "binary_version": "4.4.0-1123.133",
            "binary_name": "linux-modules-4.4.0-1123-kvm"
        },
        {
            "binary_version": "4.4.0-1123.133",
            "binary_name": "linux-tools-4.4.0-1123-kvm"
        }
    ],
    "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro"
}

Database specific

cves_map

{
    "ecosystem": "Ubuntu:Pro:16.04:LTS",
    "cves": [
        {
            "id": "CVE-2023-2269",
            "severity": [
                {
                    "type": "CVSS_V3",
                    "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"
                },
                {
                    "type": "Ubuntu",
                    "score": "medium"
                }
            ]
        },
        {
            "id": "CVE-2023-2985",
            "severity": [
                {
                    "type": "CVSS_V3",
                    "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
                },
                {
                    "type": "CVSS_V3",
                    "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
                },
                {
                    "type": "Ubuntu",
                    "score": "medium"
                }
            ]
        },
        {
            "id": "CVE-2023-3567",
            "severity": [
                {
                    "type": "CVSS_V3",
                    "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"
                },
                {
                    "type": "CVSS_V3",
                    "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"
                },
                {
                    "type": "Ubuntu",
                    "score": "high"
                }
            ]
        },
        {
            "id": "CVE-2023-3611",
            "severity": [
                {
                    "type": "CVSS_V3",
                    "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
                },
                {
                    "type": "CVSS_V3",
                    "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
                },
                {
                    "type": "Ubuntu",
                    "score": "high"
                }
            ]
        },
        {
            "id": "CVE-2023-3776",
            "severity": [
                {
                    "type": "CVSS_V3",
                    "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
                },
                {
                    "type": "CVSS_V3",
                    "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
                },
                {
                    "type": "Ubuntu",
                    "score": "high"
                }
            ]
        },
        {
            "id": "CVE-2023-31084",
            "severity": [
                {
                    "type": "CVSS_V3",
                    "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
                },
                {
                    "type": "CVSS_V3",
                    "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
                },
                {
                    "type": "Ubuntu",
                    "score": "low"
                }
            ]
        }
    ]
}