USN-7607-1

Details

It was discovered that a use-after-free vulnerability existed in the Bluetooth stack in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3640)

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems:

SCSI subsystem;
Network file system (NFS) client;
NILFS2 file system;
File systems infrastructure;
Memory management;
Bluetooth subsystem;
Network traffic control;
USB sound devices; (CVE-2024-50116, CVE-2021-47576, CVE-2024-53197, CVE-2024-46787, CVE-2025-37798, CVE-2024-49958, CVE-2021-47260, CVE-2025-37932, CVE-2022-49909)

Affected Packages

Ubuntu:Pro:14.04:LTSlinux-aws

Fixed in:

4.4.0-1145.151

Ubuntu:Pro:14.04:LTSlinux-lts-xenial

Fixed in:

4.4.0-270.304~14.04.1

Ubuntu:Pro:16.04:LTSlinux

Fixed in:

4.4.0-270.304

Ubuntu:Pro:16.04:LTSlinux-aws

Fixed in:

4.4.0-1183.198

References

USN-7607-1

Details

Affected Packages

References

Upstream

Ecosystems

Timeline