USN-5780-1

See a problem?
Source
https://ubuntu.com/security/notices/USN-5780-1
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/USN-5780-1.json
JSON Data
https://api.osv.dev/v1/vulns/USN-5780-1
Related
  • CVE-2022-3524
  • CVE-2022-3619
  • CVE-2022-3628
  • CVE-2022-42895
  • CVE-2022-42896
Published
2022-12-14T18:00:29.912572Z
Modified
2022-12-14T18:00:29.912572Z
Summary
linux-oem-6.0 vulnerabilities
Details

It was discovered that a memory leak existed in the IPv6 implementation of the Linux kernel. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2022-3524)

It was discovered that the Bluetooth HCI implementation in the Linux kernel did not properly deallocate memory in some situations. An attacker could possibly use this cause a denial of service (memory exhaustion). (CVE-2022-3619)

It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel did not properly perform bounds checking in some situations. A physically proximate attacker could use this to craft a malicious USB device that when inserted, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3628)

Tamás Koczka discovered that the Bluetooth L2CAP implementation in the Linux kernel did not properly initialize memory in some situations. A physically proximate attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2022-42895)

Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-42896)

References

Affected packages

Ubuntu:22.04:LTS / linux-oem-6.0

Package

Name
linux-oem-6.0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.0.0-1008.8

Ecosystem specific

{
    "availability": "No subscription needed",
    "binaries": [
        {
            "linux-image-unsigned-6.0.0-1008-oem": "6.0.0-1008.8",
            "linux-image-oem-22.04b": "6.0.0.1008.8",
            "linux-oem-6.0-tools-host": "6.0.0-1008.8",
            "linux-tools-oem-22.04b": "6.0.0.1008.8",
            "linux-image-6.0.0-1008-oem": "6.0.0-1008.8",
            "linux-oem-22.04b": "6.0.0.1008.8",
            "linux-modules-6.0.0-1008-oem": "6.0.0-1008.8",
            "linux-headers-oem-22.04b": "6.0.0.1008.8",
            "linux-headers-6.0.0-1008-oem": "6.0.0-1008.8",
            "linux-buildinfo-6.0.0-1008-oem": "6.0.0-1008.8",
            "linux-oem-6.0-tools-6.0.0-1008": "6.0.0-1008.8",
            "linux-modules-iwlwifi-6.0.0-1008-oem": "6.0.0-1008.8",
            "linux-modules-iwlwifi-oem-22.04b": "6.0.0.1008.8",
            "linux-tools-6.0.0-1008-oem": "6.0.0-1008.8",
            "linux-oem-6.0-headers-6.0.0-1008": "6.0.0-1008.8"
        }
    ]
}