USN-5357-1

Details

It was discovered that the IPsec implementation in the Linux kernel did not properly allocate enough memory when performing ESP transformations, leading to a heap-based buffer overflow. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.

Affected Packages

Ubuntu:18.04:LTSlinux

Fixed in:

4.15.0-175.184

Ubuntu:18.04:LTSlinux-aws

Fixed in:

4.15.0-1126.135

Ubuntu:18.04:LTSlinux-azure-4.15

Fixed in:

4.15.0-1136.149

Ubuntu:18.04:LTSlinux-dell300x

Fixed in:

4.15.0-1040.45

Ubuntu:18.04:LTSlinux-kvm

Fixed in:

4.15.0-1112.115

Ubuntu:18.04:LTSlinux-snapdragon

Fixed in:

4.15.0-1125.134

Ubuntu:Pro:16.04:LTSlinux-hwe

Fixed in:

4.15.0-175.184~16.04.1

References

REPORThttps://ubuntu.com/security/CVE-2022-27666 ADVISORYhttps://ubuntu.com/security/notices/USN-5357-1

USN-5357-1

Details

Affected Packages

References

Upstream

Ecosystems

Timeline