Updated: 2023-11-09
CWE: CWE-843: Access of Resource Using Incompatible Type ('Type Confusion')
Description:
A flaw was found in the Linux kernel's TUN/TAP functionality. This issue could allow a local user to bypass network filters and gain unauthorized access to some resources. The original patches fixing CVE-2023-1076 are incorrect or incomplete. The problem is that the following upstream commits - a096ccca6e50 ("tun: tun_chr_open(): correctly initialize socket uid"), - 66b2c338adce ("tap: tap_open(): correctly initialize socket uid"), pass "inode->i_uid" to sock_init_data_uid() as the last parameter and that turns out to not be accurate.
CVSS3: 5.5
| OS | Vendor version | Errata |
|---|---|---|
| RHEL 9 | 5.14.0-362.8.1.el9_3 | RHSA-2023:6583 |
| Debian 12 | 6.1.52-1 | DSA-5492-1 |
| Ubuntu 22.04 | 5.15.0-86.96 | USN-6416-1 |
| Debian 11 cloud | 5.10.191-1 | DSA-5480-1 |
| Debian 11 | 5.10.191-1 | DSA-5480-1 |
| Ubuntu 20.04 GCP | 5.4.0-1115.124 | USN-6417-1 |
| Ubuntu 20.04 Azure | 5.4.0-1117.124 | USN-6417-1 |
| Ubuntu 20.04 AWS | 5.4.0-1111.120 | USN-6417-1 |
| Amazon Linux 2 5.4 | 5.4.253-167.359.amzn2 | ALASKERNEL-5.4-2023-054 |
| Ubuntu 22.04 AWS | 5.15.0-1047.52 | USN-6416-1 |
| Ubuntu 20.04 | 5.4.0-164.181 | USN-6417-1 |
| Ubuntu 20.04 HWE AWS | 5.15.0-1047.52~20.04.1 | USN-6416-1 |
| Ubuntu 22.04 Azure | 5.15.0-1049.56 | USN-6416-1 |
| Ubuntu 20.04 HWE Azure | 5.15.0-1049.56~20.04.1 | USN-6416-1 |
| OS | Original kernel version | State |
|---|---|---|
| RHEL 9 | |
In Progress |
| Debian 12 | |
Planned |
| Ubuntu 22.04 |
5.15.0-33.34
show all
hide all
5.15.0-25.25
5.15.0-27.28
5.15.0-28.29
5.15.0-29.30
5.15.0-30.31
5.15.0-35.36
5.15.0-37.39
5.15.0-39.42
5.15.0-40.43
5.15.0-41.44
5.15.0-43.46
5.15.0-46.49
5.15.0-47.51
5.15.0-48.54
5.15.0-50.56
5.15.0-52.58
5.15.0-53.59
5.15.0-54.60
5.15.0-56.62
5.15.0-57.63
5.15.0-58.64
5.15.0-60.66
5.15.0-67.74
5.15.0-68.75
5.15.0-69.76
5.15.0-70.77
5.15.0-71.78
5.15.0-72.79
5.15.0-73.80
5.15.0-74.81
5.15.0-75.82
5.15.0-76.83
5.15.0-78.85
5.15.0-79.86
5.15.0-82.91
5.15.0-83.92
5.15.0-84.93
|
Released |
| Debian 11 cloud | |
In Progress |
| Debian 11 | |
In Progress |
| Ubuntu 20.04 GCP | |
In Progress |
| Ubuntu 20.04 Azure | |
In Progress |
| Ubuntu 20.04 AWS | |
In Progress |
| Amazon Linux 2 5.4 | |
Planned |
| Ubuntu 22.04 AWS |
5.15.0-1013.17
show all
hide all
5.15.0-1014.18
5.15.0-1015.19
5.15.0-1017.21
5.15.0-1018.22
5.15.0-1020.24
5.15.0-1026.30
5.15.0-1027.31
5.15.0-1040.45
5.15.0-1004.6
5.15.0-1005.7
5.15.0-1008.10
5.15.0-1009.11
5.15.0-1011.14
5.15.0-1021.25
5.15.0-1022.26
5.15.0-1023.27
5.15.0-1024.29
5.15.0-1028.32
5.15.0-1030.34
5.15.0-1031.35
5.15.0-1032.36
5.15.0-1033.37
5.15.0-1034.38
5.15.0-1035.39
5.15.0-1036.40
5.15.0-1037.41
5.15.0-1038.43
5.15.0-1039.44
5.15.0-1042.47
5.15.0-1043.48
5.15.0-1044.49
5.15.0-1045.50
|
Released |
| Ubuntu 20.04 | |
In Progress |
| Ubuntu 20.04 HWE AWS |
5.15.0-1015.19~20.04.1
show all
hide all
5.15.0-1038.43~20.04.1
5.15.0-1014.18~20.04.1
5.15.0-1017.21~20.04.1
5.15.0-1018.22~20.04.1
5.15.0-1020.24~20.04.1
5.15.0-1021.25~20.04.1
5.15.0-1022.26~20.04.1
5.15.0-1023.27~20.04.1
5.15.0-1026.30~20.04.2
5.15.0-1027.31~20.04.1
5.15.0-1028.32~20.04.1
5.15.0-1030.34~20.04.1
5.15.0-1031.35~20.04.1
5.15.0-1033.37~20.04.1
5.15.0-1034.38~20.04.1
5.15.0-1035.39~20.04.1
5.15.0-1036.40~20.04.1
5.15.0-1037.41~20.04.1
5.15.0-1039.44~20.04.1
5.15.0-1040.45~20.04.1
5.15.0-1041.46~20.04.1
5.15.0-1043.48~20.04.1
5.15.0-1044.49~20.04.1
5.15.0-1019.23~20.04.1
5.15.0-1045.50~20.04.1
|
Released |
| Ubuntu 22.04 Azure |
5.15.0-1005.6
show all
hide all
5.15.0-1007.8
5.15.0-1008.9
5.15.0-1010.12
5.15.0-1020.25
5.15.0-1021.26
5.15.0-1023.29
5.15.0-1024.30
5.15.0-1035.42
5.15.0-1036.43
5.15.0-1037.44
5.15.0-1038.45
5.15.0-1041.48
5.15.0-1042.49
5.15.0-1044.51
5.15.0-1045.52
5.15.0-1046.53
5.15.0-1003.4
5.15.0-1012.15
5.15.0-1013.16
5.15.0-1014.17
5.15.0-1017.20
5.15.0-1019.24
5.15.0-1022.27
5.15.0-1029.36
5.15.0-1034.41
5.15.0-1039.46
5.15.0-1040.47
5.15.0-1047.54
|
Released |
| Ubuntu 20.04 HWE Azure |
5.15.0-1020.25~20.04.1
show all
hide all
5.15.0-1022.27~20.04.1
5.15.0-1008.9~20.04.1
5.15.0-1013.16~20.04.1
5.15.0-1014.17~20.04.1
5.15.0-1017.20~20.04.1
5.15.0-1019.24~20.04.1
5.15.0-1021.26~20.04.1
5.15.0-1023.29~20.04.1
5.15.0-1024.30~20.04.1
5.15.0-1029.36~20.04.1
5.15.0-1034.41~20.04.1
|
Released |