Early Access — Mondoo Vulnerability Intelligence is currently in preview.
Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-4378)
Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-42896)
It was discovered that the Xen netback driver in the Linux kernel did not properly handle packets structured in certain ways. An attacker in a guest VM could possibly use this to cause a denial of service (host NIC availability). (CVE-2022-3643)
It was discovered that an integer overflow vulnerability existed in the Bluetooth subsystem in the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2022-45934)
5.15.0-1028.32~20.04.15.15.0-1031.38~20.04.15.15.0-1027.34~20.04.15.15.0-58.64~20.04.15.15.0-58.645.15.0-1028.325.15.0-1031.385.15.0-1027.345.15.0-1023.265.15.0-1026.315.15.0-1027.335.15.0-1023.25