USN-5804-2
- Source
- https://ubuntu.com/security/notices/USN-5804-2
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-5804-2.json
- JSON Data
- https://api.osv.dev/v1/vulns/USN-5804-2
- Upstream
- Related
- Published
- 2023-01-13T19:11:37.171007Z
- Modified
- 2025-10-13T04:36:13Z
- Summary
- linux-aws, linux-gcp-4.15 vulnerabilities
- Details
-
It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-43945)
Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-42896)
It was discovered that the Xen netback driver in the Linux kernel did not properly handle packets structured in certain ways. An attacker in a guest VM could possibly use this to cause a denial of service (host NIC availability). (CVE-2022-3643)
It was discovered that an integer overflow vulnerability existed in the Bluetooth subsystem in the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2022-45934)
- References
Affected packages
Ubuntu:18.04:LTS / linux-aws
Package
- Name
- linux-aws
- Purl
- pkg:deb/ubuntu/linux-aws@4.15.0-1148.160?arch=source&distro=bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.15.0-1148.160
Affected versions
4.*
4.15.0-1001.1
4.15.0-1003.3
4.15.0-1005.5
4.15.0-1006.6
4.15.0-1007.7
4.15.0-1009.9
4.15.0-1010.10
4.15.0-1011.11
4.15.0-1016.16
4.15.0-1017.17
4.15.0-1019.19
4.15.0-1020.20
4.15.0-1021.21
4.15.0-1023.23
4.15.0-1025.25
4.15.0-1027.27
4.15.0-1029.30
4.15.0-1031.33
4.15.0-1032.34
4.15.0-1033.35
4.15.0-1034.36
4.15.0-1035.37
4.15.0-1037.39
4.15.0-1039.41
4.15.0-1040.42
4.15.0-1041.43
4.15.0-1043.45
4.15.0-1044.46
4.15.0-1045.47
4.15.0-1047.49
4.15.0-1048.50
4.15.0-1050.52
4.15.0-1051.53
4.15.0-1052.54
4.15.0-1054.56
4.15.0-1056.58
4.15.0-1057.59
4.15.0-1058.60
4.15.0-1060.62
4.15.0-1063.67
4.15.0-1065.69
4.15.0-1066.70
4.15.0-1067.71
4.15.0-1073.77
4.15.0-1076.80
4.15.0-1077.81
4.15.0-1079.83
4.15.0-1080.84
4.15.0-1082.86
4.15.0-1083.87
4.15.0-1086.91
4.15.0-1087.92
4.15.0-1088.93
4.15.0-1090.95
4.15.0-1091.96
4.15.0-1092.98
4.15.0-1093.99
4.15.0-1094.101
4.15.0-1095.102
4.15.0-1096.103
4.15.0-1097.104
4.15.0-1098.105
4.15.0-1099.106
4.15.0-1101.108
4.15.0-1102.109
4.15.0-1103.110
4.15.0-1106.113
4.15.0-1109.116
4.15.0-1110.117
4.15.0-1111.118
4.15.0-1112.119
4.15.0-1114.121
4.15.0-1115.122
4.15.0-1116.123
4.15.0-1118.125
4.15.0-1119.127
4.15.0-1121.129
4.15.0-1123.132
4.15.0-1124.133
4.15.0-1126.135
4.15.0-1127.136
4.15.0-1128.137
4.15.0-1130.139
4.15.0-1133.143
4.15.0-1136.147
4.15.0-1137.148
4.15.0-1139.150
4.15.0-1140.151
4.15.0-1141.152
4.15.0-1142.154
4.15.0-1143.155
4.15.0-1144.156
4.15.0-1146.158
4.15.0-1147.159
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_name": "linux-aws-cloud-tools-4.15.0-1148",
"binary_version": "4.15.0-1148.160"
},
{
"binary_name": "linux-aws-headers-4.15.0-1148",
"binary_version": "4.15.0-1148.160"
},
{
"binary_name": "linux-aws-tools-4.15.0-1148",
"binary_version": "4.15.0-1148.160"
},
{
"binary_name": "linux-buildinfo-4.15.0-1148-aws",
"binary_version": "4.15.0-1148.160"
},
{
"binary_name": "linux-cloud-tools-4.15.0-1148-aws",
"binary_version": "4.15.0-1148.160"
},
{
"binary_name": "linux-headers-4.15.0-1148-aws",
"binary_version": "4.15.0-1148.160"
},
{
"binary_name": "linux-image-unsigned-4.15.0-1148-aws",
"binary_version": "4.15.0-1148.160"
},
{
"binary_name": "linux-modules-4.15.0-1148-aws",
"binary_version": "4.15.0-1148.160"
},
{
"binary_name": "linux-modules-extra-4.15.0-1148-aws",
"binary_version": "4.15.0-1148.160"
},
{
"binary_name": "linux-tools-4.15.0-1148-aws",
"binary_version": "4.15.0-1148.160"
}
]
}
Database specific
cves_map
{
"ecosystem": "Ubuntu:18.04:LTS",
"cves": [
{
"id": "CVE-2022-3643",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2022-42896",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
},
{
"type": "Ubuntu",
"score": "high"
}
]
},
{
"id": "CVE-2022-43945",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "high"
}
]
},
{
"id": "CVE-2022-45934",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
}
]
}
Ubuntu:18.04:LTS / linux-gcp-4.15
Package
- Name
- linux-gcp-4.15
- Purl
- pkg:deb/ubuntu/linux-gcp-4.15@4.15.0-1143.159?arch=source&distro=bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.15.0-1143.159
Affected versions
4.*
4.15.0-1071.81
4.15.0-1077.87
4.15.0-1078.88
4.15.0-1080.90
4.15.0-1081.92
4.15.0-1083.94
4.15.0-1084.95
4.15.0-1086.98
4.15.0-1087.100
4.15.0-1088.101
4.15.0-1090.103
4.15.0-1091.104
4.15.0-1092.105
4.15.0-1093.106
4.15.0-1094.107
4.15.0-1095.108
4.15.0-1096.109
4.15.0-1097.110
4.15.0-1098.111
4.15.0-1099.112
4.15.0-1100.113
4.15.0-1103.116
4.15.0-1106.120
4.15.0-1107.121
4.15.0-1108.122
4.15.0-1109.123
4.15.0-1110.124
4.15.0-1111.125
4.15.0-1112.126
4.15.0-1114.128
4.15.0-1115.129
4.15.0-1116.130
4.15.0-1118.132
4.15.0-1119.133
4.15.0-1120.134
4.15.0-1121.135
4.15.0-1122.136
4.15.0-1124.138
4.15.0-1127.142
4.15.0-1130.146
4.15.0-1131.147
4.15.0-1134.150
4.15.0-1135.151
4.15.0-1136.152
4.15.0-1137.153
4.15.0-1138.154
4.15.0-1141.157
4.15.0-1142.158
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_name": "linux-buildinfo-4.15.0-1143-gcp",
"binary_version": "4.15.0-1143.159"
},
{
"binary_name": "linux-gcp-4.15-headers-4.15.0-1143",
"binary_version": "4.15.0-1143.159"
},
{
"binary_name": "linux-gcp-4.15-tools-4.15.0-1143",
"binary_version": "4.15.0-1143.159"
},
{
"binary_name": "linux-headers-4.15.0-1143-gcp",
"binary_version": "4.15.0-1143.159"
},
{
"binary_name": "linux-image-unsigned-4.15.0-1143-gcp",
"binary_version": "4.15.0-1143.159"
},
{
"binary_name": "linux-modules-4.15.0-1143-gcp",
"binary_version": "4.15.0-1143.159"
},
{
"binary_name": "linux-modules-extra-4.15.0-1143-gcp",
"binary_version": "4.15.0-1143.159"
},
{
"binary_name": "linux-tools-4.15.0-1143-gcp",
"binary_version": "4.15.0-1143.159"
}
]
}
Database specific
cves_map
{
"ecosystem": "Ubuntu:18.04:LTS",
"cves": [
{
"id": "CVE-2022-3643",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2022-42896",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
},
{
"type": "Ubuntu",
"score": "high"
}
]
},
{
"id": "CVE-2022-43945",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "high"
}
]
},
{
"id": "CVE-2022-45934",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
}
]
}