USN-5418-1

Details

Ke Sun, Alyssa Milburn, Henrique Kawakami, Emma Benoit, Igor Chervatyuk, Lisa Aichele, and Thais Moreira Hamasaki discovered that the Spectre Variant 2 mitigations for AMD processors on Linux were insufficient in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2021-26401)

Demi Marie Obenour and Simon Gaiser discovered that several Xen para- virtualization device frontends did not properly restrict the access rights of device backends. An attacker could possibly use a malicious Xen backend to gain access to memory pages of a guest VM or cause a denial of service in the guest. (CVE-2022-23036, CVE-2022-23037, CVE-2022-23038, CVE-2022-23039, CVE-2022-23040, CVE-2022-23042)

It was discovered that the USB Gadget file system interface in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-24958)

It was discovered that the USB gadget subsystem in the Linux kernel did not properly validate interface descriptor requests. An attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-25258)

It was discovered that the Remote NDIS (RNDIS) USB gadget implementation in the Linux kernel did not properly validate the size of the RNDIS_MSG_SET command. An attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2022-25375)

It was discovered that the ST21NFCA NFC driver in the Linux kernel did not properly validate the size of certain data in EVT_TRANSACTION events. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-26490)

It was discovered that the USB SR9700 ethernet device driver for the Linux kernel did not properly validate the length of requests from the device. A physically proximate attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2022-26966)

It was discovered that the Xilinx USB2 device gadget driver in the Linux kernel did not properly validate endpoint indices from the host. A physically proximate attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-27223)

Affected Packages

Ubuntu:18.04:LTSlinux

Fixed in:

4.15.0-177.186

Ubuntu:18.04:LTSlinux-aws

Fixed in:

4.15.0-1128.137

Ubuntu:18.04:LTSlinux-azure-4.15

Fixed in:

4.15.0-1138.151

Ubuntu:18.04:LTSlinux-dell300x

Fixed in:

4.15.0-1042.47

Ubuntu:18.04:LTSlinux-gcp-4.15

Fixed in:

4.15.0-1122.136

Ubuntu:18.04:LTSlinux-kvm

Fixed in:

4.15.0-1114.117

Ubuntu:18.04:LTSlinux-oracle

Fixed in:

4.15.0-1093.102

Ubuntu:18.04:LTSlinux-snapdragon

Fixed in:

4.15.0-1127.136

Ubuntu:Pro:14.04:LTSlinux-azure

Fixed in:

4.15.0-1138.151~14.04.1

Ubuntu:Pro:16.04:LTSlinux-aws-hwe

Fixed in:

4.15.0-1128.137~16.04.1

Ubuntu:Pro:16.04:LTSlinux-azure

Fixed in:

4.15.0-1138.151~16.04.1

Ubuntu:Pro:16.04:LTSlinux-gcp

Fixed in:

4.15.0-1122.136~16.04.1

Ubuntu:Pro:16.04:LTSlinux-hwe

Fixed in:

4.15.0-177.186~16.04.1

Ubuntu:Pro:16.04:LTSlinux-oracle

Fixed in:

4.15.0-1093.102~16.04.1

References

USN-5418-1

Details

Affected Packages

References

Upstream

Ecosystems

Timeline