Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. (CVE-2023-20588)
It was discovered that the bluetooth subsystem in the Linux kernel did not properly handle L2CAP socket release, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-40283)
It was discovered that some network classifier implementations in the Linux kernel contained use-after-free vulnerabilities. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-4128)
Lonial Con discovered that the netfilter subsystem in the Linux kernel contained a memory leak when handling certain element flush operations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2023-4569)
{ "availability": "No subscription required", "binaries": [ { "binary_version": "5.15.0-1038.41", "binary_name": "linux-buildinfo-5.15.0-1038-raspi" }, { "binary_version": "5.15.0-1038.41", "binary_name": "linux-headers-5.15.0-1038-raspi" }, { "binary_version": "5.15.0-1038.41", "binary_name": "linux-image-5.15.0-1038-raspi" }, { "binary_version": "5.15.0-1038.41", "binary_name": "linux-image-5.15.0-1038-raspi-dbgsym" }, { "binary_version": "5.15.0-1038.41", "binary_name": "linux-modules-5.15.0-1038-raspi" }, { "binary_version": "5.15.0-1038.41", "binary_name": "linux-modules-extra-5.15.0-1038-raspi" }, { "binary_version": "5.15.0-1038.41", "binary_name": "linux-raspi-headers-5.15.0-1038" }, { "binary_version": "5.15.0-1038.41", "binary_name": "linux-raspi-tools-5.15.0-1038" }, { "binary_version": "5.15.0-1038.41", "binary_name": "linux-tools-5.15.0-1038-raspi" } ] }