USN-5469-1
See a problem?- Source
- https://ubuntu.com/security/notices/USN-5469-1
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-5469-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/USN-5469-1
- Related
- Published
- 2022-06-08T04:55:56.914620Z
- Modified
- 2022-06-08T04:55:56.914620Z
- Summary
- linux, linux-aws, linux-azure, linux-gcp, linux-gke, linux-ibm, linux-intel-iotg, linux-kvm, linux-lowlatency, linux-oracle, linux-raspi vulnerabilities
- Details
-
It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. (CVE-2022-21499)
Aaron Adams discovered that the netfilter subsystem in the Linux kernel did not properly handle the removal of stateful expressions in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-1966)
Billy Jheng Bing Jhong discovered that the CIFS network file system implementation in the Linux kernel did not properly validate arguments to ioctl() in some situations. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-0168)
Hu Jiahui discovered that multiple race conditions existed in the Advanced Linux Sound Architecture (ALSA) framework, leading to use-after-free vulnerabilities. A local attacker could use these to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-1048)
Qiuhao Li, Gaoning Pan and Yongkang Jia discovered that the KVM implementation in the Linux kernel did not properly perform guest page table updates in some situations. An attacker in a guest vm could possibly use this to crash the host OS. (CVE-2022-1158)
It was discovered that the implementation of the 6pack and mkiss protocols in the Linux kernel did not handle detach events properly in some situations, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-1195)
Duoming Zhou discovered that the 6pack protocol implementation in the Linux kernel did not handle detach events properly in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-1198)
Duoming Zhou discovered that the AX.25 amateur radio protocol implementation in the Linux kernel did not handle detach events properly in some situations. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-1199)
Duoming Zhou discovered race conditions in the AX.25 amateur radio protocol implementation in the Linux kernel during device detach operations. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-1204)
Duoming Zhou discovered race conditions in the AX.25 amateur radio protocol implementation in the Linux kernel, leading to use-after-free vulnerabilities. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-1205)
Qiuhao Li, Gaoning Pan, and Yongkang Jia discovered that the kvm implementation in the Linux kernel did not handle releasing a virtual cpu properly. A local attacker in a guest VM coud possibly use this to cause a denial of service (host system crash). (CVE-2022-1263)
It was discovered that the PF_KEYv2 implementation in the Linux kernel did not properly initialize kernel memory in some situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2022-1353)
It was discovered that the implementation of X.25 network protocols in the Linux kernel did not terminate link layer sessions properly. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-1516)
It was discovered that the ACRN Hypervisor Service Module implementation in the Linux kernel did not properly deallocate memory in some situations. A local privileged attacker could possibly use this to cause a denial of service (memory exhaustion). (CVE-2022-1651)
It was discovered that the RxRPC session socket implementation in the Linux kernel did not properly handle ioctls called when no security protocol is given. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2022-1671)
Ziming Zhang discovered that the netfilter subsystem in the Linux kernel did not properly validate sets with multiple ranged fields. A local attacker could use this to cause a denial of service or execute arbitrary code. (CVE-2022-1972)
赵子轩 discovered that the 802.2 LLC type 2 driver in the Linux kernel did not properly perform reference counting in some error conditions. A local attacker could use this to cause a denial of service. (CVE-2022-28356)
It was discovered that the 8 Devices USB2CAN interface implementation in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-28388)
It was discovered that the Microchip CAN BUS Analyzer interface implementation in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-28389)
It was discovered that the EMS CAN/USB interface implementation in the Linux kernel contained a double-free vulnerability when handling certain error conditions. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2022-28390)
- References
-
- https://ubuntu.com/security/notices/USN-5469-1
- https://ubuntu.com/security/CVE-2022-0168
- https://ubuntu.com/security/CVE-2022-1048
- https://ubuntu.com/security/CVE-2022-1158
- https://ubuntu.com/security/CVE-2022-1195
- https://ubuntu.com/security/CVE-2022-1198
- https://ubuntu.com/security/CVE-2022-1199
- https://ubuntu.com/security/CVE-2022-1204
- https://ubuntu.com/security/CVE-2022-1205
- https://ubuntu.com/security/CVE-2022-1263
- https://ubuntu.com/security/CVE-2022-1353
- https://ubuntu.com/security/CVE-2022-1516
- https://ubuntu.com/security/CVE-2022-1651
- https://ubuntu.com/security/CVE-2022-1671
- https://ubuntu.com/security/CVE-2022-1966
- https://ubuntu.com/security/CVE-2022-1972
- https://ubuntu.com/security/CVE-2022-21499
- https://ubuntu.com/security/CVE-2022-28356
- https://ubuntu.com/security/CVE-2022-28388
- https://ubuntu.com/security/CVE-2022-28389
- https://ubuntu.com/security/CVE-2022-28390
Affected packages
Ubuntu:22.04:LTS / linux
Package
- Name
- linux
- Purl
- pkg:deb/ubuntu/linux@5.15.0-37.39?arch=src?distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.15.0-37.39
Affected versions
5.*
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"linux-cloud-tools-common": "5.15.0-37.39",
"linux-image-5.15.0-37-generic-dbgsym": "5.15.0-37.39",
"linux-cloud-tools-5.15.0-37-generic": "5.15.0-37.39",
"linux-libc-dev": "5.15.0-37.39",
"linux-doc": "5.15.0-37.39",
"linux-headers-5.15.0-37-generic-lpae": "5.15.0-37.39",
"linux-modules-5.15.0-37-generic-lpae": "5.15.0-37.39",
"linux-tools-5.15.0-37": "5.15.0-37.39",
"linux-image-unsigned-5.15.0-37-generic-64k-dbgsym": "5.15.0-37.39",
"linux-tools-5.15.0-37-generic-lpae": "5.15.0-37.39",
"linux-source-5.15.0": "5.15.0-37.39",
"linux-buildinfo-5.15.0-37-generic-64k": "5.15.0-37.39",
"linux-headers-5.15.0-37": "5.15.0-37.39",
"linux-buildinfo-5.15.0-37-generic": "5.15.0-37.39",
"linux-image-5.15.0-37-generic-lpae-dbgsym": "5.15.0-37.39",
"linux-buildinfo-5.15.0-37-generic-lpae": "5.15.0-37.39",
"linux-image-unsigned-5.15.0-37-generic": "5.15.0-37.39",
"linux-modules-extra-5.15.0-37-generic": "5.15.0-37.39",
"linux-tools-5.15.0-37-generic": "5.15.0-37.39",
"linux-tools-host": "5.15.0-37.39",
"linux-image-5.15.0-37-generic-lpae": "5.15.0-37.39",
"linux-image-5.15.0-37-generic": "5.15.0-37.39",
"linux-modules-5.15.0-37-generic-64k": "5.15.0-37.39",
"linux-image-unsigned-5.15.0-37-generic-64k": "5.15.0-37.39",
"linux-headers-5.15.0-37-generic": "5.15.0-37.39",
"linux-headers-5.15.0-37-generic-64k": "5.15.0-37.39",
"linux-cloud-tools-5.15.0-37": "5.15.0-37.39",
"linux-modules-5.15.0-37-generic": "5.15.0-37.39",
"linux-tools-5.15.0-37-generic-64k": "5.15.0-37.39",
"linux-tools-common": "5.15.0-37.39",
"linux-image-unsigned-5.15.0-37-generic-dbgsym": "5.15.0-37.39"
}
]
}
Ubuntu:22.04:LTS / linux-aws
Package
- Name
- linux-aws
- Purl
- pkg:deb/ubuntu/linux-aws@5.15.0-1011.14?arch=src?distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.15.0-1011.14
Affected versions
5.*
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"linux-aws-headers-5.15.0-1011": "5.15.0-1011.14",
"linux-modules-5.15.0-1011-aws": "5.15.0-1011.14",
"linux-tools-5.15.0-1011-aws": "5.15.0-1011.14",
"linux-buildinfo-5.15.0-1011-aws": "5.15.0-1011.14",
"linux-aws-cloud-tools-5.15.0-1011": "5.15.0-1011.14",
"linux-image-unsigned-5.15.0-1011-aws": "5.15.0-1011.14",
"linux-image-unsigned-5.15.0-1011-aws-dbgsym": "5.15.0-1011.14",
"linux-modules-extra-5.15.0-1011-aws": "5.15.0-1011.14",
"linux-aws-tools-5.15.0-1011": "5.15.0-1011.14",
"linux-headers-5.15.0-1011-aws": "5.15.0-1011.14",
"linux-cloud-tools-5.15.0-1011-aws": "5.15.0-1011.14"
}
]
}
Ubuntu:22.04:LTS / linux-azure
Package
- Name
- linux-azure
- Purl
- pkg:deb/ubuntu/linux-azure@5.15.0-1010.12?arch=src?distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.15.0-1010.12
Affected versions
5.*
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"linux-azure-cloud-tools-5.15.0-1010": "5.15.0-1010.12",
"linux-image-unsigned-5.15.0-1010-azure": "5.15.0-1010.12",
"linux-headers-5.15.0-1010-azure": "5.15.0-1010.12",
"linux-modules-5.15.0-1010-azure": "5.15.0-1010.12",
"linux-buildinfo-5.15.0-1010-azure": "5.15.0-1010.12",
"linux-modules-extra-5.15.0-1010-azure": "5.15.0-1010.12",
"linux-cloud-tools-5.15.0-1010-azure": "5.15.0-1010.12",
"linux-tools-5.15.0-1010-azure": "5.15.0-1010.12",
"linux-azure-headers-5.15.0-1010": "5.15.0-1010.12",
"linux-azure-tools-5.15.0-1010": "5.15.0-1010.12",
"linux-image-unsigned-5.15.0-1010-azure-dbgsym": "5.15.0-1010.12"
}
]
}
Ubuntu:22.04:LTS / linux-gcp
Package
- Name
- linux-gcp
- Purl
- pkg:deb/ubuntu/linux-gcp@5.15.0-1008.12?arch=src?distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.15.0-1008.12
Affected versions
5.*
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"linux-modules-5.15.0-1008-gcp": "5.15.0-1008.12",
"linux-gcp-headers-5.15.0-1008": "5.15.0-1008.12",
"linux-modules-extra-5.15.0-1008-gcp": "5.15.0-1008.12",
"linux-gcp-tools-5.15.0-1008": "5.15.0-1008.12",
"linux-image-unsigned-5.15.0-1008-gcp": "5.15.0-1008.12",
"linux-buildinfo-5.15.0-1008-gcp": "5.15.0-1008.12",
"linux-headers-5.15.0-1008-gcp": "5.15.0-1008.12",
"linux-tools-5.15.0-1008-gcp": "5.15.0-1008.12",
"linux-image-unsigned-5.15.0-1008-gcp-dbgsym": "5.15.0-1008.12"
}
]
}
Ubuntu:22.04:LTS / linux-gke
Package
- Name
- linux-gke
- Purl
- pkg:deb/ubuntu/linux-gke@5.15.0-1008.10?arch=src?distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.15.0-1008.10
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"linux-gke-headers-5.15.0-1008": "5.15.0-1008.10",
"linux-buildinfo-5.15.0-1008-gke": "5.15.0-1008.10",
"linux-image-unsigned-5.15.0-1008-gke-dbgsym": "5.15.0-1008.10",
"linux-modules-5.15.0-1008-gke": "5.15.0-1008.10",
"linux-headers-5.15.0-1008-gke": "5.15.0-1008.10",
"linux-tools-5.15.0-1008-gke": "5.15.0-1008.10",
"linux-image-unsigned-5.15.0-1008-gke": "5.15.0-1008.10",
"linux-modules-extra-5.15.0-1008-gke": "5.15.0-1008.10",
"linux-gke-tools-5.15.0-1008": "5.15.0-1008.10"
}
]
}
Ubuntu:22.04:LTS / linux-ibm
Package
- Name
- linux-ibm
- Purl
- pkg:deb/ubuntu/linux-ibm@5.15.0-1007.8?arch=src?distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.15.0-1007.8
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"linux-ibm-tools-common": "5.15.0-1007.8",
"linux-headers-5.15.0-1007-ibm": "5.15.0-1007.8",
"linux-ibm-source-5.15.0": "5.15.0-1007.8",
"linux-buildinfo-5.15.0-1007-ibm": "5.15.0-1007.8",
"linux-ibm-headers-5.15.0-1007": "5.15.0-1007.8",
"linux-image-unsigned-5.15.0-1007-ibm-dbgsym": "5.15.0-1007.8",
"linux-modules-extra-5.15.0-1007-ibm": "5.15.0-1007.8",
"linux-ibm-tools-5.15.0-1007": "5.15.0-1007.8",
"linux-modules-5.15.0-1007-ibm": "5.15.0-1007.8",
"linux-tools-5.15.0-1007-ibm": "5.15.0-1007.8",
"linux-ibm-cloud-tools-common": "5.15.0-1007.8",
"linux-image-unsigned-5.15.0-1007-ibm": "5.15.0-1007.8"
}
]
}
Ubuntu:22.04:LTS / linux-intel-iotg
Package
- Name
- linux-intel-iotg
- Purl
- pkg:deb/ubuntu/linux-intel-iotg@5.15.0-1008.11?arch=src?distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.15.0-1008.11
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"linux-buildinfo-5.15.0-1008-intel-iotg": "5.15.0-1008.11",
"linux-image-unsigned-5.15.0-1008-intel-iotg-dbgsym": "5.15.0-1008.11",
"linux-image-unsigned-5.15.0-1008-intel-iotg": "5.15.0-1008.11",
"linux-intel-iotg-tools-host": "5.15.0-1008.11",
"linux-modules-extra-5.15.0-1008-intel-iotg": "5.15.0-1008.11",
"linux-intel-iotg-headers-5.15.0-1008": "5.15.0-1008.11",
"linux-cloud-tools-5.15.0-1008-intel-iotg": "5.15.0-1008.11",
"linux-intel-iotg-cloud-tools-common": "5.15.0-1008.11",
"linux-intel-iotg-cloud-tools-5.15.0-1008": "5.15.0-1008.11",
"linux-intel-iotg-tools-5.15.0-1008": "5.15.0-1008.11",
"linux-tools-5.15.0-1008-intel-iotg": "5.15.0-1008.11",
"linux-intel-iotg-tools-common": "5.15.0-1008.11",
"linux-modules-5.15.0-1008-intel-iotg": "5.15.0-1008.11",
"linux-headers-5.15.0-1008-intel-iotg": "5.15.0-1008.11"
}
]
}
Ubuntu:22.04:LTS / linux-kvm
Package
- Name
- linux-kvm
- Purl
- pkg:deb/ubuntu/linux-kvm@5.15.0-1010.11?arch=src?distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.15.0-1010.11
Affected versions
5.*
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"linux-buildinfo-5.15.0-1010-kvm": "5.15.0-1010.11",
"linux-headers-5.15.0-1010-kvm": "5.15.0-1010.11",
"linux-image-unsigned-5.15.0-1010-kvm": "5.15.0-1010.11",
"linux-kvm-tools-5.15.0-1010": "5.15.0-1010.11",
"linux-tools-5.15.0-1010-kvm": "5.15.0-1010.11",
"linux-kvm-headers-5.15.0-1010": "5.15.0-1010.11",
"linux-modules-5.15.0-1010-kvm": "5.15.0-1010.11",
"linux-image-unsigned-5.15.0-1010-kvm-dbgsym": "5.15.0-1010.11"
}
]
}
Ubuntu:22.04:LTS / linux-lowlatency
Package
- Name
- linux-lowlatency
- Purl
- pkg:deb/ubuntu/linux-lowlatency@5.15.0-37.39?arch=src?distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.15.0-37.39
Affected versions
5.*
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"linux-image-unsigned-5.15.0-37-lowlatency": "5.15.0-37.39",
"linux-image-unsigned-5.15.0-37-lowlatency-64k": "5.15.0-37.39",
"linux-lowlatency-tools-common": "5.15.0-37.39",
"linux-modules-5.15.0-37-lowlatency": "5.15.0-37.39",
"linux-modules-5.15.0-37-lowlatency-64k": "5.15.0-37.39",
"linux-buildinfo-5.15.0-37-lowlatency-64k": "5.15.0-37.39",
"linux-image-unsigned-5.15.0-37-lowlatency-64k-dbgsym": "5.15.0-37.39",
"linux-lowlatency-cloud-tools-5.15.0-37": "5.15.0-37.39",
"linux-cloud-tools-5.15.0-37-lowlatency": "5.15.0-37.39",
"linux-lowlatency-cloud-tools-common": "5.15.0-37.39",
"linux-lowlatency-tools-host": "5.15.0-37.39",
"linux-buildinfo-5.15.0-37-lowlatency": "5.15.0-37.39",
"linux-tools-5.15.0-37-lowlatency": "5.15.0-37.39",
"linux-tools-5.15.0-37-lowlatency-64k": "5.15.0-37.39",
"linux-headers-5.15.0-37-lowlatency-64k": "5.15.0-37.39",
"linux-lowlatency-headers-5.15.0-37": "5.15.0-37.39",
"linux-lowlatency-tools-5.15.0-37": "5.15.0-37.39",
"linux-image-unsigned-5.15.0-37-lowlatency-dbgsym": "5.15.0-37.39",
"linux-headers-5.15.0-37-lowlatency": "5.15.0-37.39"
}
]
}
Ubuntu:22.04:LTS / linux-oracle
Package
- Name
- linux-oracle
- Purl
- pkg:deb/ubuntu/linux-oracle@5.15.0-1009.12?arch=src?distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.15.0-1009.12
Affected versions
5.*
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"linux-modules-extra-5.15.0-1009-oracle": "5.15.0-1009.12",
"linux-headers-5.15.0-1009-oracle": "5.15.0-1009.12",
"linux-image-unsigned-5.15.0-1009-oracle": "5.15.0-1009.12",
"linux-modules-5.15.0-1009-oracle": "5.15.0-1009.12",
"linux-oracle-headers-5.15.0-1009": "5.15.0-1009.12",
"linux-oracle-tools-5.15.0-1009": "5.15.0-1009.12",
"linux-image-unsigned-5.15.0-1009-oracle-dbgsym": "5.15.0-1009.12",
"linux-tools-5.15.0-1009-oracle": "5.15.0-1009.12",
"linux-buildinfo-5.15.0-1009-oracle": "5.15.0-1009.12"
}
]
}
Ubuntu:22.04:LTS / linux-raspi
Package
- Name
- linux-raspi
- Purl
- pkg:deb/ubuntu/linux-raspi@5.15.0-1011.13?arch=src?distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.15.0-1011.13
Affected versions
5.*
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"linux-modules-extra-5.15.0-1011-raspi": "5.15.0-1011.13",
"linux-image-5.15.0-1011-raspi-nolpae-dbgsym": "5.15.0-1011.13",
"linux-headers-5.15.0-1011-raspi-nolpae": "5.15.0-1011.13",
"linux-image-5.15.0-1011-raspi-nolpae": "5.15.0-1011.13",
"linux-image-5.15.0-1011-raspi-dbgsym": "5.15.0-1011.13",
"linux-raspi-headers-5.15.0-1011": "5.15.0-1011.13",
"linux-buildinfo-5.15.0-1011-raspi-nolpae": "5.15.0-1011.13",
"linux-modules-5.15.0-1011-raspi-nolpae": "5.15.0-1011.13",
"linux-image-5.15.0-1011-raspi": "5.15.0-1011.13",
"linux-headers-5.15.0-1011-raspi": "5.15.0-1011.13",
"linux-modules-5.15.0-1011-raspi": "5.15.0-1011.13",
"linux-tools-5.15.0-1011-raspi-nolpae": "5.15.0-1011.13",
"linux-modules-extra-5.15.0-1011-raspi-nolpae": "5.15.0-1011.13",
"linux-buildinfo-5.15.0-1011-raspi": "5.15.0-1011.13",
"linux-raspi-tools-5.15.0-1011": "5.15.0-1011.13",
"linux-tools-5.15.0-1011-raspi": "5.15.0-1011.13"
}
]
}