[USN-5884-1] Linux kernel (AWS) vulnerabilities
Several security issues were fixed in the Linux kernel.
Kirill Tkhai discovered that the XFS file system implementation in the
Linux kernel did not calculate size correctly when pre-allocating space in
some situations. A local attacker could use this to expose sensitive
information. (CVE-2021-4155)
Lee Jones discovered that a use-after-free vulnerability existed in the
Bluetooth implementation in the Linux kernel. A local attacker could use
this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2022-20566)
Duoming Zhou discovered that a race condition existed in the SLIP driver in
the Linux kernel, leading to a null pointer dereference vulnerability. An
attacker could use this to cause a denial of service (system crash).
(CVE-2022-41858)
Tamás Koczka discovered that the Bluetooth L2CAP implementation in the
Linux kernel did not properly initialize memory in some situations. A
physically proximate attacker could possibly use this to expose sensitive
information (kernel memory). (CVE-2022-42895)
José Oliveira and Rodrigo Branco discovered that the prctl syscall
implementation in the Linux kernel did not properly protect against
indirect branch prediction attacks in some situations. A local attacker
could possibly use this to expose sensitive information. (CVE-2023-0045)
It was discovered that the RNDIS USB driver in the Linux kernel contained
an integer overflow vulnerability. A local attacker with physical access
could plug in a malicious USB device to cause a denial of service (system
crash) or possibly execute arbitrary code. (CVE-2023-23559)
- ID
- USN-5884-1
- Severity
- high
- Severity from
- CVE-2022-20566
- URL
- https://ubuntu.com/security/notices/USN-5884-1
- Published
-
2023-02-23T16:09:52
(19 months ago) - Modified
-
2023-02-23T16:09:52
(19 months ago) - Other Advisories
-
- ALAS-2022-1563
- ALAS-2022-1591
- ALAS-2023-1688
- ALAS-2023-1706
- ALAS2-2022-1749
- ALAS2-2022-1793
- ALAS2-2022-1838
- ALAS2-2022-1888
- ALAS2-2023-1932
- ALAS2-2024-2569
- ALSA-2022:0188
- ALSA-2023:7077
- ALSA-2024:0897
- DSA-5050-1
- DSA-5096-1
- ELSA-2022-0188
- ELSA-2022-0620
- ELSA-2022-9010
- ELSA-2022-9011
- ELSA-2022-9012
- ELSA-2022-9013
- ELSA-2022-9014
- ELSA-2022-9088
- ELSA-2022-9147
- ELSA-2022-9148
- ELSA-2022-9781
- ELSA-2023-12008
- ELSA-2023-12009
- ELSA-2023-12017
- ELSA-2023-12018
- ELSA-2023-12109
- ELSA-2023-12117
- ELSA-2023-12118
- ELSA-2023-12160
- ELSA-2023-12196
- ELSA-2023-12242
- ELSA-2023-12243
- ELSA-2023-12255
- ELSA-2023-12256
- ELSA-2023-12323
- ELSA-2023-6583
- ELSA-2023-7077
- ELSA-2024-0461
- ELSA-2024-0897
- ELSA-2024-12094
- ELSA-2024-12169
- MS:CVE-2021-4155
- MS:CVE-2022-41858
- MS:CVE-2023-23559
- RHSA-2022:0176
- RHSA-2022:0188
- RHSA-2022:0232
- RHSA-2022:0592
- RHSA-2022:0620
- RHSA-2022:0622
- RHSA-2023:6901
- RHSA-2023:7077
- RHSA-2024:0881
- RHSA-2024:0897
- RLSA-2022:176
- SSA:2022-031-01
- SSA:2022-333-01
- SSA:2023-048-01
- SUSE-SU-2022:0362-1
- SUSE-SU-2022:0477-1
- SUSE-SU-2022:3264-1
- SUSE-SU-2022:3450-1
- SUSE-SU-2022:3609-1
- SUSE-SU-2022:3809-1
- SUSE-SU-2022:4503-1
- SUSE-SU-2022:4504-1
- SUSE-SU-2022:4505-1
- SUSE-SU-2022:4561-1
- SUSE-SU-2022:4566-1
- SUSE-SU-2022:4573-1
- SUSE-SU-2022:4574-1
- SUSE-SU-2022:4585-1
- SUSE-SU-2022:4589-1
- SUSE-SU-2022:4611-1
- SUSE-SU-2022:4613-1
- SUSE-SU-2022:4614-1
- SUSE-SU-2022:4615-1
- SUSE-SU-2022:4616-1
- SUSE-SU-2022:4617-1
- SUSE-SU-2023:0416-1
- SUSE-SU-2023:0420-1
- SUSE-SU-2023:0485-1
- SUSE-SU-2023:0488-1
- SUSE-SU-2023:0618-1
- SUSE-SU-2023:0634-1
- SUSE-SU-2023:0747-1
- SUSE-SU-2023:0749-1
- SUSE-SU-2023:0749-2
- SUSE-SU-2023:0762-1
- SUSE-SU-2023:0767-1
- SUSE-SU-2023:0768-1
- SUSE-SU-2023:0770-1
- SUSE-SU-2023:0774-1
- SUSE-SU-2023:0778-1
- SUSE-SU-2023:0779-1
- SUSE-SU-2023:0780-1
- SUSE-SU-2023:0796-1
- SUSE-SU-2023:0852-1
- SUSE-SU-2023:1608-1
- SUSE-SU-2023:1609-1
- SUSE-SU-2023:1710-1
- SUSE-SU-2023:2506-1
- SUSE-SU-2023:2646-1
- SUSE-SU-2023:2809-1
- SUSE-SU-2023:2871-1
- SUSE-SU-2023:4135-1
- SUSE-SU-2023:4136-1
- SUSE-SU-2023:4158-1
- SUSE-SU-2023:4159-1
- SUSE-SU-2023:4160-1
- SUSE-SU-2024:0155-1
- USN-5278-1
- USN-5294-1
- USN-5294-2
- USN-5295-1
- USN-5295-2
- USN-5297-1
- USN-5298-1
- USN-5362-1
- USN-5780-1
- USN-5850-1
- USN-5851-1
- USN-5853-1
- USN-5858-1
- USN-5859-1
- USN-5860-1
- USN-5874-1
- USN-5875-1
- USN-5876-1
- USN-5877-1
- USN-5878-1
- USN-5879-1
- USN-5883-1
- USN-5909-1
- USN-5913-1
- USN-5914-1
- USN-5915-1
- USN-5917-1
- USN-5918-1
- USN-5919-1
- USN-5920-1
- USN-5924-1
- USN-5925-1
- USN-5926-1
- USN-5927-1
- USN-5934-1
- USN-5939-1
- USN-5940-1
- USN-5951-1
- USN-5970-1
- USN-5975-1
- USN-5978-1
- USN-5979-1
- USN-5980-1
- USN-5981-1
- USN-5982-1
- USN-5984-1
- USN-5985-1
- USN-5987-1
- USN-5991-1
- USN-6000-1
- USN-6004-1
- USN-6007-1
- USN-6009-1
- USN-6020-1
- USN-6030-1
- USN-6031-1
- USN-6032-1
- USN-6151-1
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:deb/ubuntu/linux-tools-aws?distro=xenial | ubuntu | linux-tools-aws | < 4.4.0.1154.158 | xenial | ||
Affected | pkg:deb/ubuntu/linux-tools-4.4.0-1154-aws?distro=xenial | ubuntu | linux-tools-4.4.0-1154-aws | < 4.4.0-1154.169 | xenial | ||
Affected | pkg:deb/ubuntu/linux-modules-extra-aws?distro=xenial | ubuntu | linux-modules-extra-aws | < 4.4.0.1154.158 | xenial | ||
Affected | pkg:deb/ubuntu/linux-modules-extra-4.4.0-1154-aws?distro=xenial | ubuntu | linux-modules-extra-4.4.0-1154-aws | < 4.4.0-1154.169 | xenial | ||
Affected | pkg:deb/ubuntu/linux-modules-4.4.0-1154-aws?distro=xenial | ubuntu | linux-modules-4.4.0-1154-aws | < 4.4.0-1154.169 | xenial | ||
Affected | pkg:deb/ubuntu/linux-image-aws?distro=xenial | ubuntu | linux-image-aws | < 4.4.0.1154.158 | xenial | ||
Affected | pkg:deb/ubuntu/linux-image-4.4.0-1154-aws?distro=xenial | ubuntu | linux-image-4.4.0-1154-aws | < 4.4.0-1154.169 | xenial | ||
Affected | pkg:deb/ubuntu/linux-headers-aws?distro=xenial | ubuntu | linux-headers-aws | < 4.4.0.1154.158 | xenial | ||
Affected | pkg:deb/ubuntu/linux-headers-4.4.0-1154-aws?distro=xenial | ubuntu | linux-headers-4.4.0-1154-aws | < 4.4.0-1154.169 | xenial | ||
Affected | pkg:deb/ubuntu/linux-cloud-tools-4.4.0-1154-aws?distro=xenial | ubuntu | linux-cloud-tools-4.4.0-1154-aws | < 4.4.0-1154.169 | xenial | ||
Affected | pkg:deb/ubuntu/linux-buildinfo-4.4.0-1154-aws?distro=xenial | ubuntu | linux-buildinfo-4.4.0-1154-aws | < 4.4.0-1154.169 | xenial | ||
Affected | pkg:deb/ubuntu/linux-aws?distro=xenial | ubuntu | linux-aws | < 4.4.0.1154.158 | xenial | ||
Affected | pkg:deb/ubuntu/linux-aws-tools-4.4.0-1154?distro=xenial | ubuntu | linux-aws-tools-4.4.0-1154 | < 4.4.0-1154.169 | xenial | ||
Affected | pkg:deb/ubuntu/linux-aws-headers-4.4.0-1154?distro=xenial | ubuntu | linux-aws-headers-4.4.0-1154 | < 4.4.0-1154.169 | xenial | ||
Affected | pkg:deb/ubuntu/linux-aws-cloud-tools-4.4.0-1154?distro=xenial | ubuntu | linux-aws-cloud-tools-4.4.0-1154 | < 4.4.0-1154.169 | xenial |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |