What is the severity of USN-5500-1?

The severity of USN-5500-1 is moderate.

How can a local attacker exploit CVE-2021-4197?

A local attacker can exploit CVE-2021-4197 by using the cgroup process migration implementation flaw in the Linux kernel to gain administrative privileges.

Which versions of Linux kernel are affected by this vulnerability?

This vulnerability affects Linux kernel versions 4.4.0.229.235, 4.4.0-229.263, and 4.4.0-1145.160.

How can I fix the Linux kernel vulnerabilities in Ubuntu 16.04?

To fix the Linux kernel vulnerabilities in Ubuntu 16.04, update your system to the latest version of linux-image-virtual, linux-image-generic, linux-image-aws, linux-image-4.4.0-229-lowlatency, linux-image-4.4.0-229-generic, linux-image-4.4.0-1145-aws, or linux-image-lowlatency depending on the specific package you have installed.

Where can I find more information about the vulnerabilities?

You can find more information about the vulnerabilities in USN-5500-1 on the Ubuntu website.

Vulnerability/
USN-5500-1

CWE

416 362

1/7/2022

USN-5500-1: Linux kernel vulnerabilities

First published: Fri Jul 01 2022(Updated: )

Eric Biederman discovered that the cgroup process migration implementation in the Linux kernel did not perform permission checks correctly in some situations. A local attacker could possibly use this to gain administrative privileges. (CVE-2021-4197) Lin Ma discovered that the NFC Controller Interface (NCI) implementation in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-4202) It was discovered that the PF_KEYv2 implementation in the Linux kernel did not properly initialize kernel memory in some situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2022-1353) It was discovered that the virtual graphics memory manager implementation in the Linux kernel was subject to a race condition, potentially leading to an information leak. (CVE-2022-1419) Minh Yuan discovered that the floppy disk driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-1652) It was discovered that the Atheros ath9k wireless device driver in the Linux kernel did not properly handle some error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-1679) It was discovered that the Marvell NFC device driver implementation in the Linux kernel did not properly perform memory cleanup operations in some situations, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-1734) 赵子轩 discovered that the 802.2 LLC type 2 driver in the Linux kernel did not properly perform reference counting in some error conditions. A local attacker could use this to cause a denial of service. (CVE-2022-28356)

Affected Software	Affected Version	How to fix
All of
ubuntu/linux-image-virtual	<4.4.0.229.235	4.4.0.229.235
Ubuntu Ubuntu	=16.04
All of
ubuntu/linux-image-generic	<4.4.0.229.235	4.4.0.229.235
Ubuntu Ubuntu	=16.04
All of
ubuntu/linux-image-aws	<4.4.0.1145.149	4.4.0.1145.149
Ubuntu Ubuntu	=16.04
All of
ubuntu/linux-image-4.4.0-229-lowlatency	<4.4.0-229.263	4.4.0-229.263
Ubuntu Ubuntu	=16.04
All of
ubuntu/linux-image-4.4.0-229-generic	<4.4.0-229.263	4.4.0-229.263
Ubuntu Ubuntu	=16.04
All of
ubuntu/linux-image-4.4.0-1145-aws	<4.4.0-1145.160	4.4.0-1145.160
Ubuntu Ubuntu	=16.04
All of
ubuntu/linux-image-lowlatency	<4.4.0.229.235	4.4.0.229.235
Ubuntu Ubuntu	=16.04

Never miss a vulnerability like this again

Reference Links

Child vulnerabilities

(Contains the following vulnerabilities)

Frequently Asked Questions

What is the severity of USN-5500-1?
The severity of USN-5500-1 is moderate.
How can a local attacker exploit CVE-2021-4197?
A local attacker can exploit CVE-2021-4197 by using the cgroup process migration implementation flaw in the Linux kernel to gain administrative privileges.
Which versions of Linux kernel are affected by this vulnerability?
This vulnerability affects Linux kernel versions 4.4.0.229.235, 4.4.0-229.263, and 4.4.0-1145.160.
How can I fix the Linux kernel vulnerabilities in Ubuntu 16.04?
To fix the Linux kernel vulnerabilities in Ubuntu 16.04, update your system to the latest version of linux-image-virtual, linux-image-generic, linux-image-aws, linux-image-4.4.0-229-lowlatency, linux-image-4.4.0-229-generic, linux-image-4.4.0-1145-aws, or linux-image-lowlatency depending on the specific package you have installed.
Where can I find more information about the vulnerabilities?
You can find more information about the vulnerabilities in USN-5500-1 on the Ubuntu website.

agent/description
agent/event
agent/first-publish-date
agent/last-modified-date
agent/references
agent/severity
agent/softwarecombine
agent/tags
agent/title
agent/type
agent/weakness
collector/usn
source/Ubuntu
anchor-related/USN-5505-1
anchor-related/USN-5513-1
anchor-related/USN-5529-1
anchor-related/USN-5544-1
anchor-related/USN-5560-1
anchor-related/USN-5560-2
anchor-related/USN-5562-1
anchor-related/USN-5564-1
anchor-related/USN-5566-1
anchor-related/USN-5582-1
anchor-related/USN-5467-1
anchor-related/USN-5469-1
anchor-related/USN-5515-1
anchor-related/USN-5541-1
anchor-related/USN-5381-1
anchor-related/USN-5466-1
anchor-related/USN-5471-1
anchor-related/USN-5518-1
anchor-related/USN-5265-1
anchor-related/USN-5294-1
anchor-related/USN-5297-1
anchor-related/USN-5294-2
anchor-related/USN-5298-1
anchor-related/USN-5278-1
anchor-related/USN-5337-1
anchor-related/USN-5368-1
anchor-related/USN-5517-1
agent/software-canonical-lookup
package-manager/ubuntu
vendor/ubuntu
canonical/ubuntu ubuntu
version/ubuntu ubuntu/16.04