Early Access — Mondoo Vulnerability Intelligence is currently in preview.
linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-azure-fde, linux-gcp, linux-gcp-5.4, linux-gke, linux-gke-5.4, linux-gkeop, linux-gkeop-5.4, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4 vulnerabilities
It was discovered that the UDF file system implementation in the Linux kernel could attempt to dereference a null pointer in some situations. An attacker could use this to construct a malicious UDF image that, when mounted and operated on, could cause a denial of service (system crash). (CVE-2022-0617)
Lyu Tao discovered that the NFS implementation in the Linux kernel did not properly handle requests to open a directory on a regular file. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2022-24448)
It was discovered that the YAM AX.25 device driver in the Linux kernel did not properly deallocate memory in some error conditions. A local privileged attacker could use this to cause a denial of service (kernel memory exhaustion). (CVE-2022-24959)
5.4.0-1072.77~18.04.15.4.0-1077.80~18.04.15.4.0-1072.77~18.04.15.4.0-1068.71~18.04.15.4.0-1039.40~18.04.15.4.0-109.123~18.04.15.4.0-1020.22~18.04.15.4.0-1070.76~18.04.15.4.0-1059.66~18.04.15.4.0-109.1235.4.0-1072.775.4.0-1077.805.4.0-1076.79+cvm1.15.4.0-1072.775.4.0-1068.715.4.0-1039.405.4.0-1020.225.4.0-1062.655.4.0-1070.765.4.0-1059.67