USN-5580-1

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/notices/USN-5580-1

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-5580-1.json

JSON Data

https://api.osv.dev/v1/vulns/USN-5580-1

Related

Published

2022-08-24T15:49:43.583678Z

Modified

2022-08-24T15:49:43.583678Z

Summary

linux-aws vulnerabilities

Details

It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-33655)

It was discovered that the virtual terminal driver in the Linux kernel did not properly handle VGA console font changes, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-33656)

It was discovered that the Packet network protocol implementation in the Linux kernel contained an out-of-bounds access. A remote attacker could use this to expose sensitive information (kernel memory). (CVE-2022-20368)

Domingo Dirutigliano and Nicola Guerrera discovered that the netfilter subsystem in the Linux kernel did not properly handle rules that truncated packets below the packet header size. When such rules are in place, a remote attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-36946)

References

Affected packages

Ubuntu:Pro:16.04:LTS / linux-aws

Package

Name: linux-aws
Purl: pkg:deb/ubuntu/linux-aws?arch=src?distro=esm-infra/xenial

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.4.0-1150.165

Affected versions

4.*

4.4.0-1001.10

4.4.0-1003.12

4.4.0-1004.13

4.4.0-1007.16

4.4.0-1009.18

4.4.0-1011.20

4.4.0-1012.21

4.4.0-1013.22

4.4.0-1016.25

4.4.0-1017.26

4.4.0-1018.27

4.4.0-1020.29

4.4.0-1022.31

4.4.0-1026.35

4.4.0-1028.37

4.4.0-1030.39

4.4.0-1031.40

4.4.0-1032.41

4.4.0-1035.44

4.4.0-1037.46

4.4.0-1038.47

4.4.0-1039.48

4.4.0-1041.50

4.4.0-1043.52

4.4.0-1044.53

4.4.0-1047.56

4.4.0-1048.57

4.4.0-1049.58

4.4.0-1050.59

4.4.0-1052.61

4.4.0-1054.63

4.4.0-1055.64

4.4.0-1057.66

4.4.0-1060.69

4.4.0-1061.70

4.4.0-1062.71

4.4.0-1063.72

4.4.0-1065.75

4.4.0-1066.76

4.4.0-1067.77

4.4.0-1069.79

4.4.0-1070.80

4.4.0-1072.82

4.4.0-1073.83

4.4.0-1074.84

4.4.0-1075.85

4.4.0-1077.87

4.4.0-1079.89

4.4.0-1081.91

4.4.0-1083.93

4.4.0-1084.94

4.4.0-1085.96

4.4.0-1087.98

4.4.0-1088.99

4.4.0-1090.101

4.4.0-1092.103

4.4.0-1094.105

4.4.0-1095.106

4.4.0-1096.107

4.4.0-1098.109

4.4.0-1099.110

4.4.0-1100.111

4.4.0-1101.112

4.4.0-1102.113

4.4.0-1104.115

4.4.0-1105.116

4.4.0-1106.117

4.4.0-1107.118

4.4.0-1109.120

4.4.0-1110.121

4.4.0-1111.123

4.4.0-1112.124

4.4.0-1113.126

4.4.0-1114.127

4.4.0-1117.131

4.4.0-1118.132

4.4.0-1119.133

4.4.0-1121.135

4.4.0-1122.136

4.4.0-1123.137

4.4.0-1124.138

4.4.0-1126.140

4.4.0-1127.141

4.4.0-1128.142

4.4.0-1129.143

4.4.0-1130.144

4.4.0-1131.145

4.4.0-1132.146

4.4.0-1133.147

4.4.0-1134.148

4.4.0-1135.149

4.4.0-1137.151

4.4.0-1138.152

4.4.0-1139.153

4.4.0-1140.154

4.4.0-1143.158

4.4.0-1145.160

4.4.0-1146.161

4.4.0-1147.162

4.4.0-1148.163

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
    "binaries": [
        {
            "binary_version": "4.4.0-1150.165",
            "binary_name": "linux-aws-cloud-tools-4.4.0-1150"
        },
        {
            "binary_version": "4.4.0-1150.165",
            "binary_name": "linux-aws-headers-4.4.0-1150"
        },
        {
            "binary_version": "4.4.0-1150.165",
            "binary_name": "linux-aws-tools-4.4.0-1150"
        },
        {
            "binary_version": "4.4.0-1150.165",
            "binary_name": "linux-buildinfo-4.4.0-1150-aws"
        },
        {
            "binary_version": "4.4.0-1150.165",
            "binary_name": "linux-cloud-tools-4.4.0-1150-aws"
        },
        {
            "binary_version": "4.4.0-1150.165",
            "binary_name": "linux-headers-4.4.0-1150-aws"
        },
        {
            "binary_version": "4.4.0-1150.165",
            "binary_name": "linux-image-4.4.0-1150-aws"
        },
        {
            "binary_version": "4.4.0-1150.165",
            "binary_name": "linux-image-4.4.0-1150-aws-dbgsym"
        },
        {
            "binary_version": "4.4.0-1150.165",
            "binary_name": "linux-modules-4.4.0-1150-aws"
        },
        {
            "binary_version": "4.4.0-1150.165",
            "binary_name": "linux-modules-extra-4.4.0-1150-aws"
        },
        {
            "binary_version": "4.4.0-1150.165",
            "binary_name": "linux-tools-4.4.0-1150-aws"
        }
    ]
}