Linux Kernel Vulnerability Security Update Advisory
Overview
An update has been made available to address a vulnerability in the Linux Kernel. Users of affected versions are encouraged to update to the latest version.
Affected Products
- Linux Kernel 4.13.0 and later, but not earlier than 4.14.303
- Linux Kernel 4.19 and later, but not earlier than 4.19.270
- Linux Kernel 5.4 and later, but not earlier than 5.4.229
- Linux Kernel 5.10 and later, but not earlier than 5.10.163
- Linux Kernel 5.15 and later, but not earlier than 5.15.88
- Linux Kernel 6.0 and later, but not earlier than 6.0.19
- Linux Kernel 6.1 and later, but not earlier than 6.1.5
- Linux Kernel 6.2-rc1, rc2 versions
Resolved Vulnerabilities
Use-After-Free vulnerability in the Linux Kernel (CVE-2023-0461)
Vulnerability Patches
A vulnerability patch was made available in the January 4, 2023 update. Please follow the instructions on the reference site [1] to update to the latest vulnerability patch version.
Linux Kernel version 6.2-rc3
Referenced Sites
[1] CVE-2023-0461 Detail
https://nvd.nist.gov/vuln/detail/CVE-2023-0461
[2] net/ulp: prevent ULP without clone op from entering the LISTEN status
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=2c02d41d71f90a5168391b6a5f2954112ba2307c
[3] net/ulp: prevent ULP without clone op from entering the LISTEN status
https://kernel.dance/#2c02d41d71f90a5168391b6a5f2954112ba2307c
[4] There is a use-after-free vulnerability in the Linux…
https://github.com/advisories/GHSA-222x-4qhm-7h5f