A use-after-free vulnerability in the Linux kernels af_unix component can be exploited to achieve local privilege escalation.
The unix_stream_sendpage() function tries to add data to the last skb in the peers recv queue without locking the queue. Thus there is a race where unix_stream_sendpage() could access an skb locklessly that is being released by garbage collection, resulting in use-after-free.
We recommend upgrading past commit 790c2f9d15b594350ae9bca7b236f2b1859de02c.
Weakness
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory “belongs” to the code that operates on the new pointer.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Linux_kernel | Linux | 4.2 (including) | 6.1.47 (excluding) |
| Red Hat Enterprise Linux 7 | RedHat | kernel-rt-0:3.10.0-1160.118.1.rt56.1269.el7 | * |
| Red Hat Enterprise Linux 7 | RedHat | kpatch-patch | * |
| Red Hat Enterprise Linux 7 | RedHat | kernel-0:3.10.0-1160.118.1.el7 | * |
| Red Hat Enterprise Linux 7.7 Advanced Update Support | RedHat | kernel-0:3.10.0-1062.90.1.el7 | * |
| Red Hat Enterprise Linux 8 | RedHat | kernel-rt-0:4.18.0-513.11.1.rt7.313.el8_9 | * |
| Red Hat Enterprise Linux 8 | RedHat | kpatch-patch | * |
| Red Hat Enterprise Linux 8 | RedHat | kernel-0:4.18.0-513.11.1.el8_9 | * |
| Red Hat Enterprise Linux 8.2 Advanced Update Support | RedHat | kernel-0:4.18.0-193.120.1.el8_2 | * |
| Red Hat Enterprise Linux 8.2 Telecommunications Update Service | RedHat | kernel-rt-0:4.18.0-193.120.1.rt13.171.el8_2 | * |
| Red Hat Enterprise Linux 8.2 Telecommunications Update Service | RedHat | kernel-0:4.18.0-193.120.1.el8_2 | * |
| Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions | RedHat | kpatch-patch | * |
| Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions | RedHat | kernel-0:4.18.0-193.120.1.el8_2 | * |
| Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support | RedHat | kernel-0:4.18.0-305.120.1.el8_4 | * |
| Red Hat Enterprise Linux 8.4 Telecommunications Update Service | RedHat | kernel-rt-0:4.18.0-305.120.1.rt7.196.el8_4 | * |
| Red Hat Enterprise Linux 8.4 Telecommunications Update Service | RedHat | kernel-0:4.18.0-305.120.1.el8_4 | * |
| Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions | RedHat | kernel-0:4.18.0-305.120.1.el8_4 | * |
| Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions | RedHat | kpatch-patch | * |
| Red Hat Enterprise Linux 8.6 Extended Update Support | RedHat | kpatch-patch | * |
| Red Hat Enterprise Linux 8.6 Extended Update Support | RedHat | kernel-0:4.18.0-372.87.1.el8_6 | * |
| Red Hat Enterprise Linux 8.8 Extended Update Support | RedHat | kpatch-patch | * |
| Red Hat Enterprise Linux 8.8 Extended Update Support | RedHat | kernel-0:4.18.0-477.43.1.el8_8 | * |
| Red Hat Enterprise Linux 9 | RedHat | kernel-0:5.14.0-362.18.1.el9_3 | * |
| Red Hat Enterprise Linux 9 | RedHat | kpatch-patch | * |
| Red Hat Enterprise Linux 9 | RedHat | kernel-0:5.14.0-362.18.1.el9_3 | * |
| Red Hat Enterprise Linux 9.0 Extended Update Support | RedHat | kernel-0:5.14.0-70.93.2.el9_0 | * |
| Red Hat Enterprise Linux 9.0 Extended Update Support | RedHat | kernel-rt-0:5.14.0-70.93.1.rt21.165.el9_0 | * |
| Red Hat Enterprise Linux 9.0 Extended Update Support | RedHat | kpatch-patch | * |
| Red Hat Enterprise Linux 9.2 Extended Update Support | RedHat | kernel-0:5.14.0-284.48.1.el9_2 | * |
| Red Hat Enterprise Linux 9.2 Extended Update Support | RedHat | kernel-rt-0:5.14.0-284.48.1.rt14.333.el9_2 | * |
| Red Hat Enterprise Linux 9.2 Extended Update Support | RedHat | kpatch-patch | * |
| Red Hat Virtualization 4 for Red Hat Enterprise Linux 8 | RedHat | kernel-0:4.18.0-372.87.1.el8_6 | * |
| Linux | Ubuntu | bionic | * |
| Linux | Ubuntu | esm-infra/bionic | * |
| Linux | Ubuntu | esm-infra/focal | * |
| Linux | Ubuntu | esm-infra/xenial | * |
| Linux | Ubuntu | focal | * |
| Linux | Ubuntu | jammy | * |
| Linux | Ubuntu | lunar | * |
| Linux | Ubuntu | upstream | * |
| Linux | Ubuntu | xenial | * |
| Linux-allwinner | Ubuntu | lunar | * |
| Linux-allwinner | Ubuntu | upstream | * |
| Linux-allwinner-5.19 | Ubuntu | jammy | * |
| Linux-allwinner-5.19 | Ubuntu | upstream | * |
| Linux-aws | Ubuntu | bionic | * |
| Linux-aws | Ubuntu | esm-infra-legacy/trusty | * |
| Linux-aws | Ubuntu | esm-infra/bionic | * |
| Linux-aws | Ubuntu | esm-infra/focal | * |
| Linux-aws | Ubuntu | esm-infra/xenial | * |
| Linux-aws | Ubuntu | focal | * |
| Linux-aws | Ubuntu | jammy | * |
| Linux-aws | Ubuntu | lunar | * |
| Linux-aws | Ubuntu | trusty | * |
| Linux-aws | Ubuntu | trusty/esm | * |
| Linux-aws | Ubuntu | upstream | * |
| Linux-aws | Ubuntu | xenial | * |
| Linux-aws-5.0 | Ubuntu | bionic | * |
| Linux-aws-5.0 | Ubuntu | esm-infra/bionic | * |
| Linux-aws-5.0 | Ubuntu | upstream | * |
| Linux-aws-5.11 | Ubuntu | esm-infra/focal | * |
| Linux-aws-5.11 | Ubuntu | focal | * |
| Linux-aws-5.11 | Ubuntu | upstream | * |
| Linux-aws-5.13 | Ubuntu | esm-infra/focal | * |
| Linux-aws-5.13 | Ubuntu | focal | * |
| Linux-aws-5.13 | Ubuntu | upstream | * |
| Linux-aws-5.15 | Ubuntu | esm-infra/focal | * |
| Linux-aws-5.15 | Ubuntu | focal | * |
| Linux-aws-5.15 | Ubuntu | upstream | * |
| Linux-aws-5.19 | Ubuntu | jammy | * |
| Linux-aws-5.19 | Ubuntu | upstream | * |
| Linux-aws-5.3 | Ubuntu | bionic | * |
| Linux-aws-5.3 | Ubuntu | esm-infra/bionic | * |
| Linux-aws-5.3 | Ubuntu | upstream | * |
| Linux-aws-5.4 | Ubuntu | bionic | * |
| Linux-aws-5.4 | Ubuntu | esm-infra/bionic | * |
| Linux-aws-5.4 | Ubuntu | upstream | * |
| Linux-aws-5.8 | Ubuntu | esm-infra/focal | * |
| Linux-aws-5.8 | Ubuntu | focal | * |
| Linux-aws-5.8 | Ubuntu | upstream | * |
| Linux-aws-6.14 | Ubuntu | upstream | * |
| Linux-aws-6.2 | Ubuntu | jammy | * |
| Linux-aws-6.2 | Ubuntu | upstream | * |
| Linux-aws-6.5 | Ubuntu | upstream | * |
| Linux-aws-6.8 | Ubuntu | upstream | * |
| Linux-aws-fips | Ubuntu | fips-updates/bionic | * |
| Linux-aws-fips | Ubuntu | fips-updates/focal | * |
| Linux-aws-fips | Ubuntu | fips/bionic | * |
| Linux-aws-fips | Ubuntu | fips/focal | * |
| Linux-aws-fips | Ubuntu | trusty | * |
| Linux-aws-fips | Ubuntu | upstream | * |
| Linux-aws-fips | Ubuntu | xenial | * |
| Linux-aws-hwe | Ubuntu | esm-infra/xenial | * |
| Linux-aws-hwe | Ubuntu | upstream | * |
| Linux-aws-hwe | Ubuntu | xenial | * |
| Linux-azure | Ubuntu | bionic | * |
| Linux-azure | Ubuntu | esm-infra-legacy/trusty | * |
| Linux-azure | Ubuntu | esm-infra/bionic | * |
| Linux-azure | Ubuntu | esm-infra/focal | * |
| Linux-azure | Ubuntu | esm-infra/xenial | * |
| Linux-azure | Ubuntu | focal | * |
| Linux-azure | Ubuntu | jammy | * |
| Linux-azure | Ubuntu | lunar | * |
| Linux-azure | Ubuntu | trusty | * |
| Linux-azure | Ubuntu | trusty/esm | * |
| Linux-azure | Ubuntu | upstream | * |
| Linux-azure | Ubuntu | xenial | * |
| Linux-azure-4.15 | Ubuntu | bionic | * |
| Linux-azure-4.15 | Ubuntu | esm-infra/bionic | * |
| Linux-azure-4.15 | Ubuntu | upstream | * |
| Linux-azure-5.11 | Ubuntu | esm-infra/focal | * |
| Linux-azure-5.11 | Ubuntu | focal | * |
| Linux-azure-5.11 | Ubuntu | upstream | * |
| Linux-azure-5.13 | Ubuntu | esm-infra/focal | * |
| Linux-azure-5.13 | Ubuntu | focal | * |
| Linux-azure-5.13 | Ubuntu | upstream | * |
| Linux-azure-5.15 | Ubuntu | esm-infra/focal | * |
| Linux-azure-5.15 | Ubuntu | focal | * |
| Linux-azure-5.15 | Ubuntu | upstream | * |
| Linux-azure-5.19 | Ubuntu | jammy | * |
| Linux-azure-5.19 | Ubuntu | upstream | * |
| Linux-azure-5.3 | Ubuntu | bionic | * |
| Linux-azure-5.3 | Ubuntu | esm-infra/bionic | * |
| Linux-azure-5.3 | Ubuntu | upstream | * |
| Linux-azure-5.4 | Ubuntu | bionic | * |
| Linux-azure-5.4 | Ubuntu | esm-infra/bionic | * |
| Linux-azure-5.4 | Ubuntu | upstream | * |
| Linux-azure-5.8 | Ubuntu | esm-infra/focal | * |
| Linux-azure-5.8 | Ubuntu | focal | * |
| Linux-azure-5.8 | Ubuntu | upstream | * |
| Linux-azure-6.11 | Ubuntu | upstream | * |
| Linux-azure-6.14 | Ubuntu | upstream | * |
| Linux-azure-6.2 | Ubuntu | jammy | * |
| Linux-azure-6.2 | Ubuntu | upstream | * |
| Linux-azure-6.5 | Ubuntu | upstream | * |
| Linux-azure-6.8 | Ubuntu | upstream | * |
| Linux-azure-edge | Ubuntu | bionic | * |
| Linux-azure-edge | Ubuntu | esm-infra/bionic | * |
| Linux-azure-edge | Ubuntu | upstream | * |
| Linux-azure-fde | Ubuntu | esm-infra/focal | * |
| Linux-azure-fde | Ubuntu | focal | * |
| Linux-azure-fde | Ubuntu | jammy | * |
| Linux-azure-fde | Ubuntu | upstream | * |
| Linux-azure-fde-5.15 | Ubuntu | upstream | * |
| Linux-azure-fde-5.19 | Ubuntu | jammy | * |
| Linux-azure-fde-5.19 | Ubuntu | upstream | * |
| Linux-azure-fde-6.14 | Ubuntu | upstream | * |
| Linux-azure-fde-6.2 | Ubuntu | jammy | * |
| Linux-azure-fde-6.2 | Ubuntu | upstream | * |
| Linux-azure-fde-6.8 | Ubuntu | upstream | * |
| Linux-azure-fips | Ubuntu | fips-updates/bionic | * |
| Linux-azure-fips | Ubuntu | fips-updates/focal | * |
| Linux-azure-fips | Ubuntu | fips/bionic | * |
| Linux-azure-fips | Ubuntu | fips/focal | * |
| Linux-azure-fips | Ubuntu | trusty | * |
| Linux-azure-fips | Ubuntu | upstream | * |
| Linux-azure-fips | Ubuntu | xenial | * |
| Linux-azure-nvidia | Ubuntu | upstream | * |
| Linux-azure-nvidia-6.14 | Ubuntu | upstream | * |
| Linux-bluefield | Ubuntu | bluefield/jammy | * |
| Linux-bluefield | Ubuntu | esm-infra/focal | * |
| Linux-bluefield | Ubuntu | focal | * |
| Linux-bluefield | Ubuntu | upstream | * |
| Linux-dell300x | Ubuntu | bionic | * |
| Linux-dell300x | Ubuntu | upstream | * |
| Linux-fips | Ubuntu | fips-preview/jammy | * |
| Linux-fips | Ubuntu | fips-updates/bionic | * |
| Linux-fips | Ubuntu | fips-updates/focal | * |
| Linux-fips | Ubuntu | fips-updates/xenial | * |
| Linux-fips | Ubuntu | fips/bionic | * |
| Linux-fips | Ubuntu | fips/focal | * |
| Linux-fips | Ubuntu | fips/xenial | * |
| Linux-fips | Ubuntu | upstream | * |
| Linux-gcp | Ubuntu | bionic | * |
| Linux-gcp | Ubuntu | esm-infra/bionic | * |
| Linux-gcp | Ubuntu | esm-infra/focal | * |
| Linux-gcp | Ubuntu | esm-infra/xenial | * |
| Linux-gcp | Ubuntu | focal | * |
| Linux-gcp | Ubuntu | jammy | * |
| Linux-gcp | Ubuntu | lunar | * |
| Linux-gcp | Ubuntu | upstream | * |
| Linux-gcp | Ubuntu | xenial | * |
| Linux-gcp-4.15 | Ubuntu | bionic | * |
| Linux-gcp-4.15 | Ubuntu | esm-infra/bionic | * |
| Linux-gcp-4.15 | Ubuntu | upstream | * |
| Linux-gcp-5.11 | Ubuntu | esm-infra/focal | * |
| Linux-gcp-5.11 | Ubuntu | focal | * |
| Linux-gcp-5.11 | Ubuntu | upstream | * |
| Linux-gcp-5.13 | Ubuntu | esm-infra/focal | * |
| Linux-gcp-5.13 | Ubuntu | focal | * |
| Linux-gcp-5.13 | Ubuntu | upstream | * |
| Linux-gcp-5.15 | Ubuntu | esm-infra/focal | * |
| Linux-gcp-5.15 | Ubuntu | focal | * |
| Linux-gcp-5.15 | Ubuntu | upstream | * |
| Linux-gcp-5.19 | Ubuntu | jammy | * |
| Linux-gcp-5.19 | Ubuntu | upstream | * |
| Linux-gcp-5.3 | Ubuntu | bionic | * |
| Linux-gcp-5.3 | Ubuntu | esm-infra/bionic | * |
| Linux-gcp-5.3 | Ubuntu | upstream | * |
| Linux-gcp-5.4 | Ubuntu | bionic | * |
| Linux-gcp-5.4 | Ubuntu | esm-infra/bionic | * |
| Linux-gcp-5.4 | Ubuntu | upstream | * |
| Linux-gcp-5.8 | Ubuntu | esm-infra/focal | * |
| Linux-gcp-5.8 | Ubuntu | focal | * |
| Linux-gcp-5.8 | Ubuntu | upstream | * |
| Linux-gcp-6.11 | Ubuntu | upstream | * |
| Linux-gcp-6.14 | Ubuntu | upstream | * |
| Linux-gcp-6.2 | Ubuntu | jammy | * |
| Linux-gcp-6.2 | Ubuntu | upstream | * |
| Linux-gcp-6.5 | Ubuntu | upstream | * |
| Linux-gcp-6.8 | Ubuntu | upstream | * |
| Linux-gcp-fips | Ubuntu | fips-updates/bionic | * |
| Linux-gcp-fips | Ubuntu | fips-updates/focal | * |
| Linux-gcp-fips | Ubuntu | fips/bionic | * |
| Linux-gcp-fips | Ubuntu | fips/focal | * |
| Linux-gcp-fips | Ubuntu | trusty | * |
| Linux-gcp-fips | Ubuntu | upstream | * |
| Linux-gcp-fips | Ubuntu | xenial | * |
| Linux-gke | Ubuntu | esm-infra/focal | * |
| Linux-gke | Ubuntu | focal | * |
| Linux-gke | Ubuntu | jammy | * |
| Linux-gke | Ubuntu | upstream | * |
| Linux-gke | Ubuntu | xenial | * |
| Linux-gke-4.15 | Ubuntu | bionic | * |
| Linux-gke-4.15 | Ubuntu | esm-infra/bionic | * |
| Linux-gke-4.15 | Ubuntu | upstream | * |
| Linux-gke-5.0 | Ubuntu | bionic | * |
| Linux-gke-5.0 | Ubuntu | upstream | * |
| Linux-gke-5.15 | Ubuntu | esm-infra/focal | * |
| Linux-gke-5.15 | Ubuntu | focal | * |
| Linux-gke-5.15 | Ubuntu | upstream | * |
| Linux-gke-5.3 | Ubuntu | bionic | * |
| Linux-gke-5.3 | Ubuntu | upstream | * |
| Linux-gke-5.4 | Ubuntu | bionic | * |
| Linux-gke-5.4 | Ubuntu | esm-infra/bionic | * |
| Linux-gke-5.4 | Ubuntu | upstream | * |
| Linux-gkeop | Ubuntu | esm-infra/focal | * |
| Linux-gkeop | Ubuntu | focal | * |
| Linux-gkeop | Ubuntu | jammy | * |
| Linux-gkeop | Ubuntu | upstream | * |
| Linux-gkeop-5.15 | Ubuntu | esm-infra/focal | * |
| Linux-gkeop-5.15 | Ubuntu | focal | * |
| Linux-gkeop-5.15 | Ubuntu | upstream | * |
| Linux-gkeop-5.4 | Ubuntu | bionic | * |
| Linux-gkeop-5.4 | Ubuntu | esm-infra/bionic | * |
| Linux-gkeop-5.4 | Ubuntu | upstream | * |
| Linux-hwe | Ubuntu | bionic | * |
| Linux-hwe | Ubuntu | esm-infra/bionic | * |
| Linux-hwe | Ubuntu | esm-infra/xenial | * |
| Linux-hwe | Ubuntu | upstream | * |
| Linux-hwe | Ubuntu | xenial | * |
| Linux-hwe-5.11 | Ubuntu | esm-infra/focal | * |
| Linux-hwe-5.11 | Ubuntu | focal | * |
| Linux-hwe-5.11 | Ubuntu | upstream | * |
| Linux-hwe-5.13 | Ubuntu | esm-infra/focal | * |
| Linux-hwe-5.13 | Ubuntu | focal | * |
| Linux-hwe-5.13 | Ubuntu | upstream | * |
| Linux-hwe-5.15 | Ubuntu | esm-infra/focal | * |
| Linux-hwe-5.15 | Ubuntu | focal | * |
| Linux-hwe-5.15 | Ubuntu | upstream | * |
| Linux-hwe-5.19 | Ubuntu | jammy | * |
| Linux-hwe-5.19 | Ubuntu | upstream | * |
| Linux-hwe-5.4 | Ubuntu | bionic | * |
| Linux-hwe-5.4 | Ubuntu | esm-infra/bionic | * |
| Linux-hwe-5.4 | Ubuntu | upstream | * |
| Linux-hwe-5.8 | Ubuntu | esm-infra/focal | * |
| Linux-hwe-5.8 | Ubuntu | focal | * |
| Linux-hwe-5.8 | Ubuntu | upstream | * |
| Linux-hwe-6.11 | Ubuntu | upstream | * |
| Linux-hwe-6.14 | Ubuntu | upstream | * |
| Linux-hwe-6.2 | Ubuntu | jammy | * |
| Linux-hwe-6.2 | Ubuntu | upstream | * |
| Linux-hwe-6.5 | Ubuntu | upstream | * |
| Linux-hwe-6.8 | Ubuntu | upstream | * |
| Linux-hwe-edge | Ubuntu | bionic | * |
| Linux-hwe-edge | Ubuntu | esm-infra/bionic | * |
| Linux-hwe-edge | Ubuntu | esm-infra/xenial | * |
| Linux-hwe-edge | Ubuntu | upstream | * |
| Linux-hwe-edge | Ubuntu | xenial | * |
| Linux-ibm | Ubuntu | esm-infra/focal | * |
| Linux-ibm | Ubuntu | focal | * |
| Linux-ibm | Ubuntu | jammy | * |
| Linux-ibm | Ubuntu | lunar | * |
| Linux-ibm | Ubuntu | upstream | * |
| Linux-ibm-5.15 | Ubuntu | esm-infra/focal | * |
| Linux-ibm-5.15 | Ubuntu | focal | * |
| Linux-ibm-5.15 | Ubuntu | upstream | * |
| Linux-ibm-5.4 | Ubuntu | bionic | * |
| Linux-ibm-5.4 | Ubuntu | esm-infra/bionic | * |
| Linux-ibm-5.4 | Ubuntu | upstream | * |
| Linux-ibm-6.8 | Ubuntu | upstream | * |
| Linux-intel | Ubuntu | upstream | * |
| Linux-intel-5.13 | Ubuntu | esm-infra/focal | * |
| Linux-intel-5.13 | Ubuntu | focal | * |
| Linux-intel-5.13 | Ubuntu | upstream | * |
| Linux-intel-iot-realtime | Ubuntu | jammy | * |
| Linux-intel-iot-realtime | Ubuntu | realtime/jammy | * |
| Linux-intel-iot-realtime | Ubuntu | upstream | * |
| Linux-intel-iotg | Ubuntu | jammy | * |
| Linux-intel-iotg | Ubuntu | upstream | * |
| Linux-intel-iotg-5.15 | Ubuntu | esm-infra/focal | * |
| Linux-intel-iotg-5.15 | Ubuntu | focal | * |
| Linux-intel-iotg-5.15 | Ubuntu | upstream | * |
| Linux-iot | Ubuntu | esm-infra/focal | * |
| Linux-iot | Ubuntu | focal | * |
| Linux-iot | Ubuntu | upstream | * |
| Linux-kvm | Ubuntu | bionic | * |
| Linux-kvm | Ubuntu | esm-infra/bionic | * |
| Linux-kvm | Ubuntu | esm-infra/focal | * |
| Linux-kvm | Ubuntu | esm-infra/xenial | * |
| Linux-kvm | Ubuntu | focal | * |
| Linux-kvm | Ubuntu | jammy | * |
| Linux-kvm | Ubuntu | lunar | * |
| Linux-kvm | Ubuntu | upstream | * |
| Linux-kvm | Ubuntu | xenial | * |
| Linux-laptop | Ubuntu | upstream | * |
| Linux-lowlatency | Ubuntu | jammy | * |
| Linux-lowlatency | Ubuntu | lunar | * |
| Linux-lowlatency | Ubuntu | upstream | * |
| Linux-lowlatency-hwe-5.15 | Ubuntu | esm-infra/focal | * |
| Linux-lowlatency-hwe-5.15 | Ubuntu | focal | * |
| Linux-lowlatency-hwe-5.15 | Ubuntu | upstream | * |
| Linux-lowlatency-hwe-5.19 | Ubuntu | jammy | * |
| Linux-lowlatency-hwe-5.19 | Ubuntu | upstream | * |
| Linux-lowlatency-hwe-6.11 | Ubuntu | upstream | * |
| Linux-lowlatency-hwe-6.2 | Ubuntu | jammy | * |
| Linux-lowlatency-hwe-6.2 | Ubuntu | upstream | * |
| Linux-lowlatency-hwe-6.5 | Ubuntu | upstream | * |
| Linux-lowlatency-hwe-6.8 | Ubuntu | upstream | * |
| Linux-lts-xenial | Ubuntu | esm-infra-legacy/trusty | * |
| Linux-lts-xenial | Ubuntu | trusty | * |
| Linux-lts-xenial | Ubuntu | trusty/esm | * |
| Linux-lts-xenial | Ubuntu | upstream | * |
| Linux-nvidia | Ubuntu | jammy | * |
| Linux-nvidia | Ubuntu | upstream | * |
| Linux-nvidia-6.11 | Ubuntu | upstream | * |
| Linux-nvidia-6.2 | Ubuntu | jammy | * |
| Linux-nvidia-6.2 | Ubuntu | upstream | * |
| Linux-nvidia-6.5 | Ubuntu | upstream | * |
| Linux-nvidia-6.8 | Ubuntu | upstream | * |
| Linux-nvidia-lowlatency | Ubuntu | upstream | * |
| Linux-nvidia-tegra | Ubuntu | jammy | * |
| Linux-nvidia-tegra | Ubuntu | upstream | * |
| Linux-nvidia-tegra-5.15 | Ubuntu | esm-infra/focal | * |
| Linux-nvidia-tegra-5.15 | Ubuntu | focal | * |
| Linux-nvidia-tegra-5.15 | Ubuntu | upstream | * |
| Linux-nvidia-tegra-igx | Ubuntu | jammy | * |
| Linux-nvidia-tegra-igx | Ubuntu | upstream | * |
| Linux-oem | Ubuntu | bionic | * |
| Linux-oem | Ubuntu | esm-infra/bionic | * |
| Linux-oem | Ubuntu | upstream | * |
| Linux-oem | Ubuntu | xenial | * |
| Linux-oem-5.10 | Ubuntu | esm-infra/focal | * |
| Linux-oem-5.10 | Ubuntu | focal | * |
| Linux-oem-5.10 | Ubuntu | upstream | * |
| Linux-oem-5.13 | Ubuntu | esm-infra/focal | * |
| Linux-oem-5.13 | Ubuntu | focal | * |
| Linux-oem-5.13 | Ubuntu | upstream | * |
| Linux-oem-5.14 | Ubuntu | esm-infra/focal | * |
| Linux-oem-5.14 | Ubuntu | focal | * |
| Linux-oem-5.14 | Ubuntu | upstream | * |
| Linux-oem-5.17 | Ubuntu | jammy | * |
| Linux-oem-5.17 | Ubuntu | upstream | * |
| Linux-oem-5.6 | Ubuntu | esm-infra/focal | * |
| Linux-oem-5.6 | Ubuntu | focal | * |
| Linux-oem-5.6 | Ubuntu | upstream | * |
| Linux-oem-6.0 | Ubuntu | jammy | * |
| Linux-oem-6.0 | Ubuntu | upstream | * |
| Linux-oem-6.1 | Ubuntu | jammy | * |
| Linux-oem-6.1 | Ubuntu | upstream | * |
| Linux-oem-6.11 | Ubuntu | upstream | * |
| Linux-oem-6.14 | Ubuntu | upstream | * |
| Linux-oem-6.17 | Ubuntu | upstream | * |
| Linux-oem-6.5 | Ubuntu | upstream | * |
| Linux-oem-6.8 | Ubuntu | upstream | * |
| Linux-oem-osp1 | Ubuntu | bionic | * |
| Linux-oem-osp1 | Ubuntu | upstream | * |
| Linux-oracle | Ubuntu | bionic | * |
| Linux-oracle | Ubuntu | esm-infra/bionic | * |
| Linux-oracle | Ubuntu | esm-infra/focal | * |
| Linux-oracle | Ubuntu | esm-infra/xenial | * |
| Linux-oracle | Ubuntu | focal | * |
| Linux-oracle | Ubuntu | jammy | * |
| Linux-oracle | Ubuntu | lunar | * |
| Linux-oracle | Ubuntu | upstream | * |
| Linux-oracle | Ubuntu | xenial | * |
| Linux-oracle-5.0 | Ubuntu | bionic | * |
| Linux-oracle-5.0 | Ubuntu | esm-infra/bionic | * |
| Linux-oracle-5.0 | Ubuntu | upstream | * |
| Linux-oracle-5.11 | Ubuntu | esm-infra/focal | * |
| Linux-oracle-5.11 | Ubuntu | focal | * |
| Linux-oracle-5.11 | Ubuntu | upstream | * |
| Linux-oracle-5.13 | Ubuntu | esm-infra/focal | * |
| Linux-oracle-5.13 | Ubuntu | focal | * |
| Linux-oracle-5.13 | Ubuntu | upstream | * |
| Linux-oracle-5.15 | Ubuntu | esm-infra/focal | * |
| Linux-oracle-5.15 | Ubuntu | focal | * |
| Linux-oracle-5.15 | Ubuntu | upstream | * |
| Linux-oracle-5.3 | Ubuntu | bionic | * |
| Linux-oracle-5.3 | Ubuntu | esm-infra/bionic | * |
| Linux-oracle-5.3 | Ubuntu | upstream | * |
| Linux-oracle-5.4 | Ubuntu | bionic | * |
| Linux-oracle-5.4 | Ubuntu | esm-infra/bionic | * |
| Linux-oracle-5.4 | Ubuntu | upstream | * |
| Linux-oracle-5.8 | Ubuntu | esm-infra/focal | * |
| Linux-oracle-5.8 | Ubuntu | focal | * |
| Linux-oracle-5.8 | Ubuntu | upstream | * |
| Linux-oracle-6.14 | Ubuntu | upstream | * |
| Linux-oracle-6.5 | Ubuntu | upstream | * |
| Linux-oracle-6.8 | Ubuntu | upstream | * |
| Linux-raspi | Ubuntu | esm-infra/focal | * |
| Linux-raspi | Ubuntu | focal | * |
| Linux-raspi | Ubuntu | jammy | * |
| Linux-raspi | Ubuntu | lunar | * |
| Linux-raspi | Ubuntu | upstream | * |
| Linux-raspi-5.4 | Ubuntu | bionic | * |
| Linux-raspi-5.4 | Ubuntu | esm-infra/bionic | * |
| Linux-raspi-5.4 | Ubuntu | upstream | * |
| Linux-raspi-realtime | Ubuntu | noble | * |
| Linux-raspi-realtime | Ubuntu | upstream | * |
| Linux-raspi2 | Ubuntu | bionic | * |
| Linux-raspi2 | Ubuntu | esm-infra/focal | * |
| Linux-raspi2 | Ubuntu | focal | * |
| Linux-raspi2 | Ubuntu | upstream | * |
| Linux-raspi2 | Ubuntu | xenial | * |
| Linux-raspi2-5.3 | Ubuntu | bionic | * |
| Linux-raspi2-5.3 | Ubuntu | upstream | * |
| Linux-realtime | Ubuntu | jammy | * |
| Linux-realtime | Ubuntu | realtime/jammy | * |
| Linux-realtime | Ubuntu | upstream | * |
| Linux-realtime-6.14 | Ubuntu | upstream | * |
| Linux-realtime-6.8 | Ubuntu | upstream | * |
| Linux-riscv | Ubuntu | esm-infra/focal | * |
| Linux-riscv | Ubuntu | focal | * |
| Linux-riscv | Ubuntu | jammy | * |
| Linux-riscv | Ubuntu | lunar | * |
| Linux-riscv | Ubuntu | upstream | * |
| Linux-riscv-5.11 | Ubuntu | esm-infra/focal | * |
| Linux-riscv-5.11 | Ubuntu | focal | * |
| Linux-riscv-5.11 | Ubuntu | upstream | * |
| Linux-riscv-5.15 | Ubuntu | esm-infra/focal | * |
| Linux-riscv-5.15 | Ubuntu | focal | * |
| Linux-riscv-5.15 | Ubuntu | upstream | * |
| Linux-riscv-5.19 | Ubuntu | jammy | * |
| Linux-riscv-5.19 | Ubuntu | upstream | * |
| Linux-riscv-5.8 | Ubuntu | esm-infra/focal | * |
| Linux-riscv-5.8 | Ubuntu | focal | * |
| Linux-riscv-5.8 | Ubuntu | upstream | * |
| Linux-riscv-6.14 | Ubuntu | upstream | * |
| Linux-riscv-6.5 | Ubuntu | upstream | * |
| Linux-riscv-6.8 | Ubuntu | upstream | * |
| Linux-snapdragon | Ubuntu | bionic | * |
| Linux-snapdragon | Ubuntu | upstream | * |
| Linux-snapdragon | Ubuntu | xenial | * |
| Linux-starfive | Ubuntu | lunar | * |
| Linux-starfive | Ubuntu | upstream | * |
| Linux-starfive-5.19 | Ubuntu | jammy | * |
| Linux-starfive-5.19 | Ubuntu | upstream | * |
| Linux-starfive-6.2 | Ubuntu | jammy | * |
| Linux-starfive-6.2 | Ubuntu | upstream | * |
| Linux-starfive-6.5 | Ubuntu | upstream | * |
| Linux-xilinx | Ubuntu | upstream | * |
| Linux-xilinx-zynqmp | Ubuntu | esm-infra/focal | * |
| Linux-xilinx-zynqmp | Ubuntu | focal | * |
| Linux-xilinx-zynqmp | Ubuntu | jammy | * |
| Linux-xilinx-zynqmp | Ubuntu | upstream | * |
Potential Mitigations
References
- http://packetstormsecurity.com/files/175963/Kernel-Live-Patch-Security-Notice-LSN-0099-1.html
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=linux-6.1.y\u0026id=790c2f9d15b594350ae9bca7b236f2b1859de02c
- https://kernel.dance/790c2f9d15b594350ae9bca7b236f2b1859de02c
- https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html
- https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html
- https://www.debian.org/security/2023/dsa-5492
- http://packetstormsecurity.com/files/175963/Kernel-Live-Patch-Security-Notice-LSN-0099-1.html
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=linux-6.1.y\u0026id=790c2f9d15b594350ae9bca7b236f2b1859de02c
- https://kernel.dance/790c2f9d15b594350ae9bca7b236f2b1859de02c
- https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html
- https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html
- https://www.debian.org/security/2023/dsa-5492