It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. (CVE-2022-21499)
Aaron Adams discovered that the netfilter subsystem in the Linux kernel did not properly handle the removal of stateful expressions in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-1966)
Minh Yuan discovered that the floppy driver in the Linux kernel contained a race condition in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-1836)
Ziming Zhang discovered that the netfilter subsystem in the Linux kernel did not properly validate sets with multiple ranged fields. A local attacker could use this to cause a denial of service or execute arbitrary code. (CVE-2022-1972)
{ "availability": "No subscription required", "binaries": [ { "binary_version": "5.14.0-1042.47", "binary_name": "linux-buildinfo-5.14.0-1042-oem" }, { "binary_version": "5.14.0-1042.47", "binary_name": "linux-headers-5.14.0-1042-oem" }, { "binary_version": "5.14.0-1042.47", "binary_name": "linux-image-unsigned-5.14.0-1042-oem" }, { "binary_version": "5.14.0-1042.47", "binary_name": "linux-image-unsigned-5.14.0-1042-oem-dbgsym" }, { "binary_version": "5.14.0-1042.47", "binary_name": "linux-modules-5.14.0-1042-oem" }, { "binary_version": "5.14.0-1042.47", "binary_name": "linux-modules-iwlwifi-5.14.0-1042-oem" }, { "binary_version": "5.14.0-1042.47", "binary_name": "linux-oem-5.14-headers-5.14.0-1042" }, { "binary_version": "5.14.0-1042.47", "binary_name": "linux-oem-5.14-tools-5.14.0-1042" }, { "binary_version": "5.14.0-1042.47", "binary_name": "linux-oem-5.14-tools-host" }, { "binary_version": "5.14.0-1042.47", "binary_name": "linux-tools-5.14.0-1042-oem" } ] }