USN-5703-1

Source
https://ubuntu.com/security/notices/USN-5703-1
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/USN-5703-1.json
Related
Published
2022-10-26T21:26:29.735933Z
Modified
2022-10-26T21:26:29.735933Z
Summary
linux-intel-iotg vulnerabilities
Details

Selim Enes Karaduman discovered that a race condition existed in the General notification queue implementation of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-1882)

Pawan Kumar Gupta, Alyssa Milburn, Amit Peled, Shani Rehana, Nir Shildan and Ariel Sabba discovered that some Intel processors with Enhanced Indirect Branch Restricted Speculation (eIBRS) did not properly handle RET instructions after a VM exits. A local attacker could potentially use this to expose sensitive information. (CVE-2022-26373)

Eric Biggers discovered that a use-after-free vulnerability existed in the io_uring subsystem in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3176)

It was discovered that the Netlink Transformation (XFRM) subsystem in the Linux kernel contained a reference counting error. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-36879)

Jann Horn discovered that the KVM subsystem in the Linux kernel did not properly handle TLB flush operations in some situations. A local attacker in a guest VM could use this to cause a denial of service (guest crash) or possibly execute arbitrary code in the guest kernel. (CVE-2022-39189)

References

Affected packages

Ubuntu:22.04:LTS / linux-intel-iotg

Package

Name
linux-intel-iotg

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
5.15.0-1017.22

Ecosystem specific 

{
    "availability": "No subscription needed",
    "binaries": [
        {
            "linux-tools-intel-iotg": "5.15.0.1017.18",
            "linux-intel-iotg": "5.15.0.1017.18",
            "linux-image-5.15.0-1017-intel-iotg": "5.15.0-1017.22",
            "linux-intel-iotg-headers-5.15.0-1017": "5.15.0-1017.22",
            "linux-intel-iotg-tools-5.15.0-1017": "5.15.0-1017.22",
            "linux-headers-intel-iotg": "5.15.0.1017.18",
            "linux-intel-iotg-tools-host": "5.15.0-1017.22",
            "linux-modules-iwlwifi-5.15.0-1017-intel-iotg": "5.15.0-1017.22",
            "linux-intel-iotg-cloud-tools-common": "5.15.0-1017.22",
            "linux-modules-5.15.0-1017-intel-iotg": "5.15.0-1017.22",
            "linux-modules-extra-5.15.0-1017-intel-iotg": "5.15.0-1017.22",
            "linux-intel-iotg-cloud-tools-5.15.0-1017": "5.15.0-1017.22",
            "linux-headers-5.15.0-1017-intel-iotg": "5.15.0-1017.22",
            "linux-buildinfo-5.15.0-1017-intel-iotg": "5.15.0-1017.22",
            "linux-image-intel-iotg": "5.15.0.1017.18",
            "linux-intel-iotg-tools-common": "5.15.0-1017.22",
            "linux-cloud-tools-5.15.0-1017-intel-iotg": "5.15.0-1017.22",
            "linux-tools-5.15.0-1017-intel-iotg": "5.15.0-1017.22",
            "linux-image-unsigned-5.15.0-1017-intel-iotg": "5.15.0-1017.22"
        }
    ]
}