USN-5566-1

Details

Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-2588)

It was discovered that the netfilter subsystem of the Linux kernel did not prevent one nft object from referencing an nft set in another nft table, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-2586)

It was discovered that the implementation of POSIX timers in the Linux kernel did not properly clean up timers in some situations. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-2585)

Minh Yuan discovered that the floppy disk driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-1652)

It was discovered that the Atheros ath9k wireless device driver in the Linux kernel did not properly handle some error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-1679)

Felix Fu discovered that the Sun RPC implementation in the Linux kernel did not properly handle socket states, leading to a use-after-free vulnerability. A remote attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-28893)

Johannes Wikner and Kaveh Razavi discovered that for some AMD x86-64 processors, the branch predictor could by mis-trained for return instructions in certain circumstances. A local attacker could possibly use this to expose sensitive information. (CVE-2022-29900)

Johannes Wikner and Kaveh Razavi discovered that for some Intel x86-64 processors, the Linux kernel's protections against speculative branch target injection attacks were insufficient in some circumstances. A local attacker could possibly use this to expose sensitive information. (CVE-2022-29901)

Arthur Mongodin discovered that the netfilter subsystem in the Linux kernel did not properly perform data validation. A local attacker could use this to escalate privileges in certain situations. (CVE-2022-34918)

Affected Packages

Ubuntu:20.04:LTSlinux-aws-5.15

Fixed in:

5.15.0-1017.21~20.04.1

Ubuntu:20.04:LTSlinux-azure-5.15

Fixed in:

5.15.0-1017.20~20.04.1

Ubuntu:20.04:LTSlinux-gcp-5.15

Fixed in:

5.15.0-1016.21~20.04.1

Ubuntu:20.04:LTSlinux-gke-5.15

Fixed in:

5.15.0-1014.17~20.04.1

Ubuntu:22.04:LTSlinux-aws

Fixed in:

5.15.0-1017.21

Ubuntu:22.04:LTSlinux-azure

Fixed in:

5.15.0-1017.20

Ubuntu:22.04:LTSlinux-gcp

Fixed in:

5.15.0-1016.21

Ubuntu:22.04:LTSlinux-gke

Fixed in:

5.15.0-1014.17

Ubuntu:22.04:LTSlinux-ibm

Fixed in:

5.15.0-1012.14

Ubuntu:22.04:LTSlinux-kvm

Fixed in:

5.15.0-1016.19

Ubuntu:22.04:LTSlinux-oracle

Fixed in:

5.15.0-1016.20

Ubuntu:22.04:LTSlinux-raspi

Fixed in:

5.15.0-1013.15

References

REPORThttps://ubuntu.com/security/CVE-2022-1652 REPORThttps://ubuntu.com/security/CVE-2022-1679 REPORThttps://ubuntu.com/security/CVE-2022-2585 REPORThttps://ubuntu.com/security/CVE-2022-2586 REPORThttps://ubuntu.com/security/CVE-2022-2588 REPORThttps://ubuntu.com/security/CVE-2022-28893 REPORThttps://ubuntu.com/security/CVE-2022-29900 REPORThttps://ubuntu.com/security/CVE-2022-29901 REPORThttps://ubuntu.com/security/CVE-2022-34918 ADVISORYhttps://ubuntu.com/security/notices/USN-5566-1

USN-5566-1

Details

Affected Packages

References

Upstream

Ecosystems

Timeline