Ubuntu: USN-6024-1 (CVE-2023-22997): Linux kernel vulnerabilities

Ubuntu: USN-6024-1 (CVE-2023-22997): Linux kernel vulnerabilities

Severity

5

CVSS

(AV:L/AC:L/Au:S/C:N/I:N/A:C)

Published

02/28/2023

Created

05/05/2023

Added

04/21/2023

Modified

01/28/2025

Description

In the Linux kernel before 6.1.2, kernel/module/decompress.c misinterprets the module_get_next_page return value (expects it to be NULL in the error case, whereas it is actually an error pointer).

Solution(s)

• ubuntu-upgrade-linux-image-5-19-0-1016-raspi
• ubuntu-upgrade-linux-image-5-19-0-1016-raspi-nolpae
• ubuntu-upgrade-linux-image-5-19-0-1020-gcp
• ubuntu-upgrade-linux-image-5-19-0-1020-oracle
• ubuntu-upgrade-linux-image-5-19-0-1021-kvm
• ubuntu-upgrade-linux-image-5-19-0-1022-lowlatency
• ubuntu-upgrade-linux-image-5-19-0-1022-lowlatency-64k
• ubuntu-upgrade-linux-image-5-19-0-1023-aws
• ubuntu-upgrade-linux-image-5-19-0-1023-azure
• ubuntu-upgrade-linux-image-5-19-0-40-generic
• ubuntu-upgrade-linux-image-5-19-0-40-generic-64k
• ubuntu-upgrade-linux-image-5-19-0-40-generic-lpae
• ubuntu-upgrade-linux-image-aws
• ubuntu-upgrade-linux-image-azure
• ubuntu-upgrade-linux-image-gcp
• ubuntu-upgrade-linux-image-generic
• ubuntu-upgrade-linux-image-generic-64k
• ubuntu-upgrade-linux-image-generic-64k-hwe-22-04
• ubuntu-upgrade-linux-image-generic-hwe-22-04
• ubuntu-upgrade-linux-image-generic-lpae
• ubuntu-upgrade-linux-image-generic-lpae-hwe-22-04
• ubuntu-upgrade-linux-image-kvm
• ubuntu-upgrade-linux-image-lowlatency
• ubuntu-upgrade-linux-image-lowlatency-64k
• ubuntu-upgrade-linux-image-oracle
• ubuntu-upgrade-linux-image-raspi
• ubuntu-upgrade-linux-image-raspi-nolpae
• ubuntu-upgrade-linux-image-virtual
• ubuntu-upgrade-linux-image-virtual-hwe-22-04

References

• https://attackerkb.com/topics/cve-2023-22997
• CVE - 2023-22997
• USN-6024-1