CVE-2024-23850

Related Files

Ubuntu Security Notice USN-6724-2

Posted Apr 17, 2024

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6724-2 - Pratyush Yadav discovered that the Xen network backend implementation in the Linux kernel did not properly handle zero length data request, leading to a null pointer dereference vulnerability. An attacker in a guest VM could possibly use this to cause a denial of service. It was discovered that the Habana's AI Processors driver in the Linux kernel did not properly initialize certain data structures before passing them to user space. A local attacker could use this to expose sensitive information.

tags | advisory, denial of service, kernel, local

systems | linux, ubuntu

advisories | CVE-2023-46838, CVE-2023-50431, CVE-2023-52435, CVE-2023-52438, CVE-2023-6610, CVE-2024-22705, CVE-2024-23850

SHA-256 | 11f429fc308aea23b94e34cc88c73194b07fa2d7d771891e940b1ec417543744

Download | Favorite | View

Ubuntu Security Notice USN-6724-1

Posted Apr 9, 2024

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6724-1 - Pratyush Yadav discovered that the Xen network backend implementation in the Linux kernel did not properly handle zero length data request, leading to a null pointer dereference vulnerability. An attacker in a guest VM could possibly use this to cause a denial of service. It was discovered that the Habana's AI Processors driver in the Linux kernel did not properly initialize certain data structures before passing them to user space. A local attacker could use this to expose sensitive information.

tags | advisory, denial of service, kernel, local

systems | linux, ubuntu

advisories | CVE-2023-46838, CVE-2023-50431, CVE-2023-52435, CVE-2023-52438, CVE-2023-6610, CVE-2024-22705, CVE-2024-23850

SHA-256 | 17f21f1c2c15bedbf215674aeeaf3c011302ae40b61d80ae7857e89a3abea752

Download | Favorite | View