USN-5468-1: Linux kernel vulnerabilities
First published: Wed Jun 08 2022(Updated: )
It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. (CVE-2022-21499) Aaron Adams discovered that the netfilter subsystem in the Linux kernel did not properly handle the removal of stateful expressions in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-1966) Qiuhao Li, Gaoning Pan and Yongkang Jia discovered that the KVM implementation in the Linux kernel did not properly perform guest page table updates in some situations. An attacker in a guest vm could possibly use this to crash the host OS. (CVE-2022-1158) Ziming Zhang discovered that the netfilter subsystem in the Linux kernel did not properly validate sets with multiple ranged fields. A local attacker could use this to cause a denial of service or execute arbitrary code. (CVE-2022-1972) It was discovered that the USB Gadget file system interface in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-24958) It was discovered that the EMS CAN/USB interface implementation in the Linux kernel contained a double-free vulnerability when handling certain error conditions. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2022-28390)
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| ubuntu/linux-image-virtual | <5.13.0.48.56 | 5.13.0.48.56 |
| =21.10 | ||
| All of | ||
| ubuntu/linux-image-generic-64k | <5.13.0.48.56 | 5.13.0.48.56 |
| =21.10 | ||
| All of | ||
| ubuntu/linux-image-generic | <5.13.0.48.56 | 5.13.0.48.56 |
| =21.10 | ||
| All of | ||
| ubuntu/linux-image-aws | <5.13.0.1028.28 | 5.13.0.1028.28 |
| =21.10 | ||
| All of | ||
| ubuntu/linux-image-5.13.0-1033-oracle | <5.13.0-1033.39 | 5.13.0-1033.39 |
| =21.10 | ||
| All of | ||
| ubuntu/linux-image-5.13.0-1028-azure | <5.13.0-1028.33 | 5.13.0-1028.33 |
| =21.10 | ||
| All of | ||
| ubuntu/linux-image-5.13.0-48-generic-lpae | <5.13.0-48.54 | 5.13.0-48.54 |
| =21.10 | ||
| All of | ||
| ubuntu/linux-image-5.13.0-48-lowlatency | <5.13.0-48.54 | 5.13.0-48.54 |
| =21.10 | ||
| All of | ||
| ubuntu/linux-image-5.13.0-1030-gcp | <5.13.0-1030.36 | 5.13.0-1030.36 |
| =21.10 | ||
| All of | ||
| ubuntu/linux-image-5.13.0-1031-raspi | <5.13.0-1031.34 | 5.13.0-1031.34 |
| =21.10 | ||
| All of | ||
| ubuntu/linux-image-azure | <5.13.0.1028.27 | 5.13.0.1028.27 |
| =21.10 | ||
| All of | ||
| ubuntu/linux-image-raspi-nolpae | <5.13.0.1031.35 | 5.13.0.1031.35 |
| =21.10 | ||
| All of | ||
| ubuntu/linux-image-oem-20.04 | <5.13.0.48.56 | 5.13.0.48.56 |
| =21.10 | ||
| All of | ||
| ubuntu/linux-image-gke | <5.13.0.1030.27 | 5.13.0.1030.27 |
| =21.10 | ||
| All of | ||
| ubuntu/linux-image-5.13.0-1031-raspi-nolpae | <5.13.0-1031.34 | 5.13.0-1031.34 |
| =21.10 | ||
| All of | ||
| ubuntu/linux-image-5.13.0-48-generic-64k | <5.13.0-48.54 | 5.13.0-48.54 |
| =21.10 | ||
| All of | ||
| ubuntu/linux-image-gcp | <5.13.0.1030.27 | 5.13.0.1030.27 |
| =21.10 | ||
| All of | ||
| ubuntu/linux-image-oracle | <5.13.0.1033.32 | 5.13.0.1033.32 |
| =21.10 | ||
| All of | ||
| ubuntu/linux-image-5.13.0-1028-aws | <5.13.0-1028.31 | 5.13.0-1028.31 |
| =21.10 | ||
| All of | ||
| ubuntu/linux-image-5.13.0-48-generic | <5.13.0-48.54 | 5.13.0-48.54 |
| =21.10 | ||
| All of | ||
| ubuntu/linux-image-raspi | <5.13.0.1031.35 | 5.13.0.1031.35 |
| =21.10 | ||
| All of | ||
| ubuntu/linux-image-kvm | <5.13.0.1027.26 | 5.13.0.1027.26 |
| =21.10 | ||
| All of | ||
| ubuntu/linux-image-generic-lpae | <5.13.0.48.56 | 5.13.0.48.56 |
| =21.10 | ||
| All of | ||
| ubuntu/linux-image-5.13.0-1027-kvm | <5.13.0-1027.29 | 5.13.0-1027.29 |
| =21.10 | ||
| All of | ||
| ubuntu/linux-image-lowlatency | <5.13.0.48.56 | 5.13.0.48.56 |
| =21.10 | ||
| All of | ||
| ubuntu/linux-image-virtual-hwe-20.04 | <5.13.0.48.54~20.04.30 | 5.13.0.48.54~20.04.30 |
| =20.04 | ||
| All of | ||
| ubuntu/linux-image-intel | <5.13.0.1014.14 | 5.13.0.1014.14 |
| =20.04 | ||
| All of | ||
| ubuntu/linux-image-aws | <5.13.0.1028.31~20.04.22 | 5.13.0.1028.31~20.04.22 |
| =20.04 | ||
| All of | ||
| ubuntu/linux-image-5.13.0-1033-oracle | <5.13.0-1033.39~20.04.1 | 5.13.0-1033.39~20.04.1 |
| =20.04 | ||
| All of | ||
| ubuntu/linux-image-5.13.0-1028-azure | <5.13.0-1028.33~20.04.1 | 5.13.0-1028.33~20.04.1 |
| =20.04 | ||
| All of | ||
| ubuntu/linux-image-lowlatency-hwe-20.04 | <5.13.0.48.54~20.04.30 | 5.13.0.48.54~20.04.30 |
| =20.04 | ||
| All of | ||
| ubuntu/linux-image-generic-hwe-20.04 | <5.13.0.48.54~20.04.30 | 5.13.0.48.54~20.04.30 |
| =20.04 | ||
| All of | ||
| ubuntu/linux-image-5.13.0-48-lowlatency | <5.13.0-48.54~20.04.1 | 5.13.0-48.54~20.04.1 |
| =20.04 | ||
| All of | ||
| ubuntu/linux-image-5.13.0-1030-gcp | <5.13.0-1030.36~20.04.1 | 5.13.0-1030.36~20.04.1 |
| =20.04 | ||
| All of | ||
| ubuntu/linux-image-azure | <5.13.0.1028.33~20.04.17 | 5.13.0.1028.33~20.04.17 |
| =20.04 | ||
| All of | ||
| ubuntu/linux-image-5.13.0-48-generic-64k | <5.13.0-48.54~20.04.1 | 5.13.0-48.54~20.04.1 |
| =20.04 | ||
| All of | ||
| ubuntu/linux-image-gcp | <5.13.0.1030.36~20.04.1 | 5.13.0.1030.36~20.04.1 |
| =20.04 | ||
| All of | ||
| ubuntu/linux-image-oracle | <5.13.0.1033.39~20.04.1 | 5.13.0.1033.39~20.04.1 |
| =20.04 | ||
| All of | ||
| ubuntu/linux-image-5.13.0-1028-aws | <5.13.0-1028.31~20.04.1 | 5.13.0-1028.31~20.04.1 |
| =20.04 | ||
| All of | ||
| ubuntu/linux-image-generic-lpae-hwe-20.04 | <5.13.0.48.54~20.04.30 | 5.13.0.48.54~20.04.30 |
| =20.04 | ||
| All of | ||
| ubuntu/linux-image-5.13.0-48-generic | <5.13.0-48.54~20.04.1 | 5.13.0-48.54~20.04.1 |
| =20.04 | ||
| All of | ||
| ubuntu/linux-image-generic-64k-hwe-20.04 | <5.13.0.48.54~20.04.30 | 5.13.0.48.54~20.04.30 |
| =20.04 | ||
| All of | ||
| ubuntu/linux-image-5.13.0-48-generic-lpae | <5.13.0-48.54~20.04.1 | 5.13.0-48.54~20.04.1 |
| =20.04 | ||
| All of | ||
| ubuntu/linux-image-5.13.0-1014-intel | <5.13.0-1014.15 | 5.13.0-1014.15 |
| =20.04 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://ubuntu.com/security/CVE-2022-1966
- https://ubuntu.com/security/CVE-2022-21499
- https://ubuntu.com/security/CVE-2022-1158
- https://ubuntu.com/security/CVE-2022-1972
- https://ubuntu.com/security/CVE-2022-24958
- https://ubuntu.com/security/CVE-2022-28390
- https://ubuntu.com/security/notices/USN-5465-1
- https://ubuntu.com/security/notices/USN-5466-1
- https://ubuntu.com/security/notices/USN-5467-1
- https://ubuntu.com/security/notices/USN-5469-1
- https://ubuntu.com/security/notices/USN-5470-1
- https://ubuntu.com/security/notices/USN-5471-1
- https://ubuntu.com/security/notices/LSN-0087-1
- https://ubuntu.com/security/notices/LSN-0089-1
- https://ubuntu.com/security/notices/LSN-0086-1
- https://ubuntu.com/security/notices/USN-5484-1
- https://ubuntu.com/security/notices/USN-5416-1
- https://ubuntu.com/security/notices/USN-5381-1
- https://ubuntu.com/security/notices/USN-5418-1
- https://ubuntu.com/security/notices/USN-5505-1
- https://ubuntu.com/security/notices/USN-5513-1
- https://ubuntu.com/security/notices/USN-5413-1
- https://launchpad.net/ubuntu/+source/linux-meta/5.13.0.48.56
- https://launchpad.net/ubuntu/+source/linux-meta-aws/5.13.0.1028.28
- https://launchpad.net/ubuntu/+source/linux-signed-oracle/5.13.0-1033.39
- https://launchpad.net/ubuntu/+source/linux-signed-azure/5.13.0-1028.33
- https://launchpad.net/ubuntu/+source/linux/5.13.0-48.54
- https://launchpad.net/ubuntu/+source/linux-signed/5.13.0-48.54
- https://launchpad.net/ubuntu/+source/linux-signed-gcp/5.13.0-1030.36
- https://launchpad.net/ubuntu/+source/linux-raspi/5.13.0-1031.34
- https://launchpad.net/ubuntu/+source/linux-meta-azure/5.13.0.1028.27
- https://launchpad.net/ubuntu/+source/linux-meta-raspi/5.13.0.1031.35
- https://launchpad.net/ubuntu/+source/linux-meta-gcp/5.13.0.1030.27
- https://launchpad.net/ubuntu/+source/linux-meta-oracle/5.13.0.1033.32
- https://launchpad.net/ubuntu/+source/linux-signed-aws/5.13.0-1028.31
- https://launchpad.net/ubuntu/+source/linux-meta-kvm/5.13.0.1027.26
- https://launchpad.net/ubuntu/+source/linux-signed-kvm/5.13.0-1027.29
- https://launchpad.net/ubuntu/+source/linux-meta-hwe-5.13/5.13.0.48.54~20.04.30
- https://launchpad.net/ubuntu/+source/linux-meta-intel-5.13/5.13.0.1014.14
- https://launchpad.net/ubuntu/+source/linux-meta-aws-5.13/5.13.0.1028.31~20.04.22
- https://launchpad.net/ubuntu/+source/linux-signed-oracle-5.13/5.13.0-1033.39~20.04.1
- https://launchpad.net/ubuntu/+source/linux-signed-azure-5.13/5.13.0-1028.33~20.04.1
- https://launchpad.net/ubuntu/+source/linux-signed-hwe-5.13/5.13.0-48.54~20.04.1
- https://launchpad.net/ubuntu/+source/linux-signed-gcp-5.13/5.13.0-1030.36~20.04.1
- https://launchpad.net/ubuntu/+source/linux-meta-azure-5.13/5.13.0.1028.33~20.04.17
- https://launchpad.net/ubuntu/+source/linux-meta-gcp-5.13/5.13.0.1030.36~20.04.1
- https://launchpad.net/ubuntu/+source/linux-meta-oracle-5.13/5.13.0.1033.39~20.04.1
- https://launchpad.net/ubuntu/+source/linux-signed-aws-5.13/5.13.0-1028.31~20.04.1
- https://launchpad.net/ubuntu/+source/linux-hwe-5.13/5.13.0-48.54~20.04.1
- https://launchpad.net/ubuntu/+source/linux-signed-intel-5.13/5.13.0-1014.15
- https://ubuntu.com/security/notices/USN-5468-1 (Advisory)
Child vulnerabilities
(Contains the following vulnerabilities)
- agent/severity
- agent/type
- agent/first-publish-date
- agent/last-modified-date
- agent/softwarecombine
- agent/title
- agent/event
- agent/weakness
- agent/references
- agent/description
- agent/tags
- agent/trending
- collector/usn
- source/Ubuntu
- agent/software-canonical-lookup
- package-manager/ubuntu
- vendor/ubuntu
- canonical/ubuntu ubuntu
- version/ubuntu ubuntu/21.10
- version/ubuntu ubuntu/20.04