[USN-5362-1] Linux kernel (Intel IOTG) vulnerabilities
Several security issues were fixed in the Linux kernel.
Nick Gregory discovered that the Linux kernel incorrectly handled network
offload functionality. A local attacker could use this to cause a denial of
service or possibly execute arbitrary code. (CVE-2022-25636)
Enrico Barberis, Pietro Frigo, Marius Muench, Herbert Bos, and Cristiano
Giuffrida discovered that hardware mitigations added by ARM to their
processors to address Spectre-BTI were insufficient. A local attacker could
potentially use this to expose sensitive information. (CVE-2022-23960)
It was discovered that the BPF verifier in the Linux kernel did not
properly restrict pointer types in certain situations. A local attacker
could use this to cause a denial of service (system crash) or possibly
execute arbitrary code. (CVE-2022-23222)
Max Kellermann discovered that the Linux kernel incorrectly handled Unix
pipes. A local attacker could potentially use this to modify any file that
could be opened for reading. (CVE-2022-0847)
Yiqi Sun and Kevin Wang discovered that the cgroups implementation in the
Linux kernel did not properly restrict access to the cgroups v1
release_agent feature. A local attacker could use this to gain
administrative privileges. (CVE-2022-0492)
William Liu and Jamie Hill-Daniel discovered that the file system context
functionality in the Linux kernel contained an integer underflow
vulnerability, leading to an out-of-bounds write. A local attacker could
use this to cause a denial of service (system crash) or execute arbitrary
code. (CVE-2022-0185)
Enrico Barberis, Pietro Frigo, Marius Muench, Herbert Bos, and Cristiano
Giuffrida discovered that hardware mitigations added by Intel to their
processors to address Spectre-BTI were insufficient. A local attacker could
potentially use this to expose sensitive information. (CVE-2022-0001)
Jann Horn discovered a race condition in the Unix domain socket
implementation in the Linux kernel that could result in a read-after-free.
A local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2021-4083)
It was discovered that the NFS server implementation in the Linux kernel
contained an out-of-bounds write vulnerability. A local attacker could use
this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2021-4090)
Kirill Tkhai discovered that the XFS file system implementation in the
Linux kernel did not calculate size correctly when pre-allocating space in
some situations. A local attacker could use this to expose sensitive
information. (CVE-2021-4155)
It was discovered that the AMD Radeon GPU driver in the Linux kernel did
not properly validate writes in the debugfs file system. A privileged
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2021-42327)
Sushma Venkatesh Reddy discovered that the Intel i915 graphics driver in
the Linux kernel did not perform a GPU TLB flush in some situations. A
local attacker could use this to cause a denial of service or possibly
execute arbitrary code. (CVE-2022-0330)
Samuel Page discovered that the Transparent Inter-Process Communication
(TIPC) protocol implementation in the Linux kernel contained a stack-based
buffer overflow. A remote attacker could use this to cause a denial of
service (system crash) for systems that have a TIPC bearer configured.
(CVE-2022-0435)
It was discovered that the KVM implementation for s390 systems in the Linux
kernel did not properly prevent memory operations on PVM guests that were
in non-protected mode. A local attacker could use this to obtain
unauthorized memory write access. (CVE-2022-0516)
It was discovered that the ICMPv6 implementation in the Linux kernel did
not properly deallocate memory in certain situations. A remote attacker
could possibly use this to cause a denial of service (memory exhaustion).
(CVE-2022-0742)
It was discovered that the VMware Virtual GPU driver in the Linux kernel
did not properly handle certain failure conditions, leading to a stale
entry in the file descriptor table. A local attacker could use this to
expose sensitive information or possibly gain administrative privileges.
(CVE-2022-22942)
- ID
- USN-5362-1
- Severity
- high
- URL
- https://ubuntu.com/security/notices/USN-5362-1
- Published
-
2022-04-01T01:11:38
(2 years ago) - Modified
-
2022-04-01T01:11:38
(2 years ago) - Other Advisories
-
- ALAS-2022-1563
- ALAS-2022-1571
- ALAS-2023-1688
- ALAS2-2022-1749
- ALAS2-2022-1761
- ALPINE:CVE-2022-23960
- ALSA-2022:0188
- ALSA-2022:0825
- ALSA-2022:1550
- ALSA-2022:1988
- ALSA-2022:7683
- ALSA-2024:3138
- ASB-A-215557547
- ASB-A-216408350
- ASB-A-220741611
- CISA-2022:0425
- CISA-2024:0821
- DSA-5050-1
- DSA-5092-1
- DSA-5095-1
- DSA-5096-1
- DSA-5173-1
- ELSA-2022-0188
- ELSA-2022-0620
- ELSA-2022-0825
- ELSA-2022-1198
- ELSA-2022-1550
- ELSA-2022-1988
- ELSA-2022-4642
- ELSA-2022-7683
- ELSA-2022-9010
- ELSA-2022-9011
- ELSA-2022-9012
- ELSA-2022-9013
- ELSA-2022-9014
- ELSA-2022-9028
- ELSA-2022-9029
- ELSA-2022-9088
- ELSA-2022-9141
- ELSA-2022-9142
- ELSA-2022-9147
- ELSA-2022-9148
- ELSA-2022-9179
- ELSA-2022-9180
- ELSA-2022-9181
- ELSA-2022-9182
- ELSA-2022-9210
- ELSA-2022-9211
- ELSA-2022-9212
- ELSA-2022-9213
- ELSA-2022-9244
- ELSA-2022-9245
- ELSA-2022-9260
- ELSA-2022-9273
- ELSA-2022-9274
- ELSA-2022-9313
- ELSA-2022-9314
- ELSA-2022-9667
- ELSA-2022-9781
- ELSA-2024-3138
- FEDORA-2021-a093973910
- FEDORA-2022-48acd4718d
- FEDORA-2022-6352c313b7
- FEDORA-2022-6d4082d590
- FEDORA-2022-6f887c7be7
- FEDORA-2022-952bb7b856
- FEDORA-2022-a39015bec2
- FEDORA-2022-df17aabb12
- FEDORA-2022-edbd74424e
- MS:CVE-2021-4083
- MS:CVE-2021-4155
- MS:CVE-2021-42327
- MS:CVE-2022-0185
- MS:CVE-2022-0330
- MS:CVE-2022-0435
- MS:CVE-2022-0492
- MS:CVE-2022-0516
- MS:CVE-2022-0742
- MS:CVE-2022-0847
- MS:CVE-2022-23222
- MS:CVE-2022-23960
- openSUSE-SU-2022:0169-1
- openSUSE-SU-2022:0198-1
- openSUSE-SU-2022:0363-1
- openSUSE-SU-2022:0366-1
- openSUSE-SU-2022:0370-1
- openSUSE-SU-2022:0755-1
- openSUSE-SU-2022:0760-1
- openSUSE-SU-2022:0768-1
- openSUSE-SU-2022:0940-1
- openSUSE-SU-2022:1037-1
- openSUSE-SU-2022:1039-1
- RHSA-2022:0176
- RHSA-2022:0188
- RHSA-2022:0232
- RHSA-2022:0592
- RHSA-2022:0620
- RHSA-2022:0622
- RHSA-2022:0819
- RHSA-2022:0825
- RHSA-2022:0849
- RHSA-2022:1185
- RHSA-2022:1198
- RHSA-2022:1199
- RHSA-2022:1535
- RHSA-2022:1550
- RHSA-2022:1555
- RHSA-2022:1975
- RHSA-2022:1988
- RHSA-2022:4642
- RHSA-2022:4644
- RHSA-2022:4655
- RHSA-2022:7683
- RHSA-2024:2950
- RHSA-2024:3138
- RLSA-2022:1550
- RLSA-2022:176
- RLSA-2022:1988
- RLSA-2022:7683
- RLSA-2022:819
- RLSA-2024:3138
- SSA:2022-031-01
- SSA:2022-067-01
- SSA:2022-129-01
- SUSE-SU-2022:0080-1
- SUSE-SU-2022:0169-1
- SUSE-SU-2022:0197-1
- SUSE-SU-2022:0198-1
- SUSE-SU-2022:0238-1
- SUSE-SU-2022:0239-1
- SUSE-SU-2022:0241-1
- SUSE-SU-2022:0254-1
- SUSE-SU-2022:0257-1
- SUSE-SU-2022:0262-1
- SUSE-SU-2022:0270-1
- SUSE-SU-2022:0288-1
- SUSE-SU-2022:0289-1
- SUSE-SU-2022:0291-1
- SUSE-SU-2022:0292-1
- SUSE-SU-2022:0293-1
- SUSE-SU-2022:0295-1
- SUSE-SU-2022:0362-1
- SUSE-SU-2022:0363-1
- SUSE-SU-2022:0364-1
- SUSE-SU-2022:0365-1
- SUSE-SU-2022:0366-1
- SUSE-SU-2022:0367-1
- SUSE-SU-2022:0370-1
- SUSE-SU-2022:0371-1
- SUSE-SU-2022:0372-1
- SUSE-SU-2022:0418-1
- SUSE-SU-2022:0429-1
- SUSE-SU-2022:0436-1
- SUSE-SU-2022:0463-1
- SUSE-SU-2022:0477-1
- SUSE-SU-2022:0543-1
- SUSE-SU-2022:0544-1
- SUSE-SU-2022:0552-1
- SUSE-SU-2022:0555-1
- SUSE-SU-2022:0615-1
- SUSE-SU-2022:0619-1
- SUSE-SU-2022:0660-1
- SUSE-SU-2022:0755-1
- SUSE-SU-2022:0756-1
- SUSE-SU-2022:0757-1
- SUSE-SU-2022:0759-1
- SUSE-SU-2022:0760-1
- SUSE-SU-2022:0761-1
- SUSE-SU-2022:0762-1
- SUSE-SU-2022:0763-1
- SUSE-SU-2022:0764-1
- SUSE-SU-2022:0765-1
- SUSE-SU-2022:0766-1
- SUSE-SU-2022:0767-1
- SUSE-SU-2022:0768-1
- SUSE-SU-2022:0931-1
- SUSE-SU-2022:0939-1
- SUSE-SU-2022:0940-1
- SUSE-SU-2022:0978-1
- SUSE-SU-2022:0984-1
- SUSE-SU-2022:0991-1
- SUSE-SU-2022:0998-1
- SUSE-SU-2022:1012-1
- SUSE-SU-2022:1034-1
- SUSE-SU-2022:1035-1
- SUSE-SU-2022:1036-1
- SUSE-SU-2022:1037-1
- SUSE-SU-2022:1038-1
- SUSE-SU-2022:1039-1
- SUSE-SU-2022:1172-1
- SUSE-SU-2022:1189-1
- SUSE-SU-2022:1193-1
- SUSE-SU-2022:1194-1
- SUSE-SU-2022:1196-1
- SUSE-SU-2022:1212-1
- SUSE-SU-2022:1223-1
- SUSE-SU-2022:1242-1
- SUSE-SU-2022:1246-1
- SUSE-SU-2022:1257-1
- SUSE-SU-2022:1278-1
- SUSE-SU-2022:1285-1
- SUSE-SU-2022:1300-1
- SUSE-SU-2022:1359-1
- SUSE-SU-2022:1375-1
- SUSE-SU-2022:1408-1
- SUSE-SU-2022:1569-1
- SUSE-SU-2022:1575-1
- SUSE-SU-2022:1580-1
- SUSE-SU-2022:1589-1
- SUSE-SU-2022:1591-1
- SUSE-SU-2022:1593-1
- SUSE-SU-2022:1605-1
- SUSE-SU-2022:1637-1
- SUSE-SU-2022:1640-1
- SUSE-SU-2022:1651-1
- SUSE-SU-2022:2111-1
- SUSE-SU-2022:2520-1
- SUSE-SU-2022:2615-1
- SUSE-SU-2022:3264-1
- SUSE-SU-2022:3450-1
- SUSE-SU-2022:3609-1
- SUSE-SU-2022:3809-1
- SUSE-SU-2024:2008-1
- SUSE-SU-2024:2360-1
- SUSE-SU-2024:2362-1
- SUSE-SU-2024:2365-1
- SUSE-SU-2024:2561-1
- USN-5165-1
- USN-5217-1
- USN-5240-1
- USN-5265-1
- USN-5278-1
- USN-5294-1
- USN-5294-2
- USN-5295-1
- USN-5295-2
- USN-5297-1
- USN-5298-1
- USN-5302-1
- USN-5317-1
- USN-5318-1
- USN-5319-1
- USN-5337-1
- USN-5338-1
- USN-5339-1
- USN-5343-1
- USN-5346-1
- USN-5361-1
- USN-5368-1
- USN-5377-1
- USN-5505-1
- USN-5513-1
- USN-5884-1
- USN-5926-1
- VU:155143
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:deb/ubuntu/linux-tools-intel?distro=focal | ubuntu | linux-tools-intel | < 5.13.0.1010.11 | focal | ||
Affected | pkg:deb/ubuntu/linux-tools-5.13.0-1010-intel?distro=focal | ubuntu | linux-tools-5.13.0-1010-intel | < 5.13.0-1010.10 | focal | ||
Affected | pkg:deb/ubuntu/linux-modules-extra-5.13.0-1010-intel?distro=focal | ubuntu | linux-modules-extra-5.13.0-1010-intel | < 5.13.0-1010.10 | focal | ||
Affected | pkg:deb/ubuntu/linux-modules-5.13.0-1010-intel?distro=focal | ubuntu | linux-modules-5.13.0-1010-intel | < 5.13.0-1010.10 | focal | ||
Affected | pkg:deb/ubuntu/linux-intel?distro=focal | ubuntu | linux-intel | < 5.13.0.1010.11 | focal | ||
Affected | pkg:deb/ubuntu/linux-intel-5.13-tools-host?distro=focal | ubuntu | linux-intel-5.13-tools-host | < 5.13.0-1010.10 | focal | ||
Affected | pkg:deb/ubuntu/linux-intel-5.13-tools-common?distro=focal | ubuntu | linux-intel-5.13-tools-common | < 5.13.0-1010.10 | focal | ||
Affected | pkg:deb/ubuntu/linux-intel-5.13-tools-5.13.0-1010?distro=focal | ubuntu | linux-intel-5.13-tools-5.13.0-1010 | < 5.13.0-1010.10 | focal | ||
Affected | pkg:deb/ubuntu/linux-intel-5.13-source-5.13.0?distro=focal | ubuntu | linux-intel-5.13-source-5.13.0 | < 5.13.0-1010.10 | focal | ||
Affected | pkg:deb/ubuntu/linux-intel-5.13-headers-5.13.0-1010?distro=focal | ubuntu | linux-intel-5.13-headers-5.13.0-1010 | < 5.13.0-1010.10 | focal | ||
Affected | pkg:deb/ubuntu/linux-intel-5.13-cloud-tools-common?distro=focal | ubuntu | linux-intel-5.13-cloud-tools-common | < 5.13.0-1010.10 | focal | ||
Affected | pkg:deb/ubuntu/linux-intel-5.13-cloud-tools-5.13.0-1010?distro=focal | ubuntu | linux-intel-5.13-cloud-tools-5.13.0-1010 | < 5.13.0-1010.10 | focal | ||
Affected | pkg:deb/ubuntu/linux-image-unsigned-5.13.0-1010-intel?distro=focal | ubuntu | linux-image-unsigned-5.13.0-1010-intel | < 5.13.0-1010.10 | focal | ||
Affected | pkg:deb/ubuntu/linux-image-intel?distro=focal | ubuntu | linux-image-intel | < 5.13.0.1010.11 | focal | ||
Affected | pkg:deb/ubuntu/linux-image-5.13.0-1010-intel?distro=focal | ubuntu | linux-image-5.13.0-1010-intel | < 5.13.0-1010.10 | focal | ||
Affected | pkg:deb/ubuntu/linux-headers-intel?distro=focal | ubuntu | linux-headers-intel | < 5.13.0.1010.11 | focal | ||
Affected | pkg:deb/ubuntu/linux-headers-5.13.0-1010-intel?distro=focal | ubuntu | linux-headers-5.13.0-1010-intel | < 5.13.0-1010.10 | focal | ||
Affected | pkg:deb/ubuntu/linux-cloud-tools-intel?distro=focal | ubuntu | linux-cloud-tools-intel | < 5.13.0.1010.11 | focal | ||
Affected | pkg:deb/ubuntu/linux-cloud-tools-5.13.0-1010-intel?distro=focal | ubuntu | linux-cloud-tools-5.13.0-1010-intel | < 5.13.0-1010.10 | focal | ||
Affected | pkg:deb/ubuntu/linux-buildinfo-5.13.0-1010-intel?distro=focal | ubuntu | linux-buildinfo-5.13.0-1010-intel | < 5.13.0-1010.10 | focal |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |