USN-5804-2

Source
https://ubuntu.com/security/notices/USN-5804-2
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-5804-2.json
JSON Data
https://api.osv.dev/v1/vulns/USN-5804-2
Related
Published
2023-01-13T19:11:37.171007Z
Modified
2023-01-13T19:11:37.171007Z
Summary
linux-aws, linux-gcp-4.15 vulnerabilities
Details

It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-43945)

Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-42896)

It was discovered that the Xen netback driver in the Linux kernel did not properly handle packets structured in certain ways. An attacker in a guest VM could possibly use this to cause a denial of service (host NIC availability). (CVE-2022-3643)

It was discovered that an integer overflow vulnerability existed in the Bluetooth subsystem in the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2022-45934)

References

Affected packages

Ubuntu:18.04:LTS / linux-aws

Package

Name
linux-aws
Purl
pkg:deb/ubuntu/linux-aws?arch=src?distro=bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.15.0-1148.160

Affected versions

4.*

4.15.0-1001.1
4.15.0-1003.3
4.15.0-1005.5
4.15.0-1006.6
4.15.0-1007.7
4.15.0-1009.9
4.15.0-1010.10
4.15.0-1011.11
4.15.0-1016.16
4.15.0-1017.17
4.15.0-1019.19
4.15.0-1020.20
4.15.0-1021.21
4.15.0-1023.23
4.15.0-1025.25
4.15.0-1027.27
4.15.0-1029.30
4.15.0-1031.33
4.15.0-1032.34
4.15.0-1033.35
4.15.0-1034.36
4.15.0-1035.37
4.15.0-1037.39
4.15.0-1039.41
4.15.0-1040.42
4.15.0-1041.43
4.15.0-1043.45
4.15.0-1044.46
4.15.0-1045.47
4.15.0-1047.49
4.15.0-1048.50
4.15.0-1050.52
4.15.0-1051.53
4.15.0-1052.54
4.15.0-1054.56
4.15.0-1056.58
4.15.0-1057.59
4.15.0-1058.60
4.15.0-1060.62
4.15.0-1063.67
4.15.0-1065.69
4.15.0-1066.70
4.15.0-1067.71
4.15.0-1073.77
4.15.0-1076.80
4.15.0-1077.81
4.15.0-1079.83
4.15.0-1080.84
4.15.0-1082.86
4.15.0-1083.87
4.15.0-1086.91
4.15.0-1087.92
4.15.0-1088.93
4.15.0-1090.95
4.15.0-1091.96
4.15.0-1092.98
4.15.0-1093.99
4.15.0-1094.101
4.15.0-1095.102
4.15.0-1096.103
4.15.0-1097.104
4.15.0-1098.105
4.15.0-1099.106
4.15.0-1101.108
4.15.0-1102.109
4.15.0-1103.110
4.15.0-1106.113
4.15.0-1109.116
4.15.0-1110.117
4.15.0-1111.118
4.15.0-1112.119
4.15.0-1114.121
4.15.0-1115.122
4.15.0-1116.123
4.15.0-1118.125
4.15.0-1119.127
4.15.0-1121.129
4.15.0-1123.132
4.15.0-1124.133
4.15.0-1126.135
4.15.0-1127.136
4.15.0-1128.137
4.15.0-1130.139
4.15.0-1133.143
4.15.0-1136.147
4.15.0-1137.148
4.15.0-1139.150
4.15.0-1140.151
4.15.0-1141.152
4.15.0-1142.154
4.15.0-1143.155
4.15.0-1144.156
4.15.0-1146.158
4.15.0-1147.159

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_version": "4.15.0-1148.160",
            "binary_name": "linux-aws-cloud-tools-4.15.0-1148"
        },
        {
            "binary_version": "4.15.0-1148.160",
            "binary_name": "linux-aws-headers-4.15.0-1148"
        },
        {
            "binary_version": "4.15.0-1148.160",
            "binary_name": "linux-aws-tools-4.15.0-1148"
        },
        {
            "binary_version": "4.15.0-1148.160",
            "binary_name": "linux-buildinfo-4.15.0-1148-aws"
        },
        {
            "binary_version": "4.15.0-1148.160",
            "binary_name": "linux-cloud-tools-4.15.0-1148-aws"
        },
        {
            "binary_version": "4.15.0-1148.160",
            "binary_name": "linux-headers-4.15.0-1148-aws"
        },
        {
            "binary_version": "4.15.0-1148.160",
            "binary_name": "linux-image-unsigned-4.15.0-1148-aws"
        },
        {
            "binary_version": "4.15.0-1148.160",
            "binary_name": "linux-image-unsigned-4.15.0-1148-aws-dbgsym"
        },
        {
            "binary_version": "4.15.0-1148.160",
            "binary_name": "linux-modules-4.15.0-1148-aws"
        },
        {
            "binary_version": "4.15.0-1148.160",
            "binary_name": "linux-modules-extra-4.15.0-1148-aws"
        },
        {
            "binary_version": "4.15.0-1148.160",
            "binary_name": "linux-tools-4.15.0-1148-aws"
        }
    ]
}

Ubuntu:18.04:LTS / linux-gcp-4.15

Package

Name
linux-gcp-4.15
Purl
pkg:deb/ubuntu/linux-gcp-4.15?arch=src?distro=bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.15.0-1143.159

Affected versions

4.*

4.15.0-1071.81
4.15.0-1077.87
4.15.0-1078.88
4.15.0-1080.90
4.15.0-1081.92
4.15.0-1083.94
4.15.0-1084.95
4.15.0-1086.98
4.15.0-1087.100
4.15.0-1088.101
4.15.0-1090.103
4.15.0-1091.104
4.15.0-1092.105
4.15.0-1093.106
4.15.0-1094.107
4.15.0-1095.108
4.15.0-1096.109
4.15.0-1097.110
4.15.0-1098.111
4.15.0-1099.112
4.15.0-1100.113
4.15.0-1103.116
4.15.0-1106.120
4.15.0-1107.121
4.15.0-1108.122
4.15.0-1109.123
4.15.0-1110.124
4.15.0-1111.125
4.15.0-1112.126
4.15.0-1114.128
4.15.0-1115.129
4.15.0-1116.130
4.15.0-1118.132
4.15.0-1119.133
4.15.0-1120.134
4.15.0-1121.135
4.15.0-1122.136
4.15.0-1124.138
4.15.0-1127.142
4.15.0-1130.146
4.15.0-1131.147
4.15.0-1134.150
4.15.0-1135.151
4.15.0-1136.152
4.15.0-1137.153
4.15.0-1138.154
4.15.0-1141.157
4.15.0-1142.158

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_version": "4.15.0-1143.159",
            "binary_name": "linux-buildinfo-4.15.0-1143-gcp"
        },
        {
            "binary_version": "4.15.0-1143.159",
            "binary_name": "linux-gcp-4.15-headers-4.15.0-1143"
        },
        {
            "binary_version": "4.15.0-1143.159",
            "binary_name": "linux-gcp-4.15-tools-4.15.0-1143"
        },
        {
            "binary_version": "4.15.0-1143.159",
            "binary_name": "linux-headers-4.15.0-1143-gcp"
        },
        {
            "binary_version": "4.15.0-1143.159",
            "binary_name": "linux-image-unsigned-4.15.0-1143-gcp"
        },
        {
            "binary_version": "4.15.0-1143.159",
            "binary_name": "linux-image-unsigned-4.15.0-1143-gcp-dbgsym"
        },
        {
            "binary_version": "4.15.0-1143.159",
            "binary_name": "linux-modules-4.15.0-1143-gcp"
        },
        {
            "binary_version": "4.15.0-1143.159",
            "binary_name": "linux-modules-extra-4.15.0-1143-gcp"
        },
        {
            "binary_version": "4.15.0-1143.159",
            "binary_name": "linux-tools-4.15.0-1143-gcp"
        }
    ]
}