First published: Wed Jul 13 2022(Updated: )
It was discovered that the Atheros ath9k wireless device driver in the Linux kernel did not properly handle some error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-1679) It was discovered that the virtio RPMSG bus driver in the Linux kernel contained a double-free vulnerability in certain error conditions. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-34494)
Affected Software | Affected Version | How to fix |
---|---|---|
All of | ||
ubuntu/linux-image-oem-20.04c | <5.14.0.1045.41 | 5.14.0.1045.41 |
Ubuntu Ubuntu | =20.04 | |
All of | ||
ubuntu/linux-image-oem-20.04b | <5.14.0.1045.41 | 5.14.0.1045.41 |
Ubuntu Ubuntu | =20.04 | |
All of | ||
ubuntu/linux-image-oem-20.04 | <5.14.0.1045.41 | 5.14.0.1045.41 |
Ubuntu Ubuntu | =20.04 | |
All of | ||
ubuntu/linux-image-5.14.0-1045-oem | <5.14.0-1045.51 | 5.14.0-1045.51 |
Ubuntu Ubuntu | =20.04 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this security notice is USN-5517-1.
The severity of USN-5517-1 is not mentioned in the provided information.
The Atheros ath9k wireless device driver vulnerability in the Linux kernel can lead to a use-after-free vulnerability, causing a denial of service or possible execution of arbitrary code.
The affected package/version in Ubuntu is linux-image-oem-20.04c (version 5.14.0.1045.41).
To fix the vulnerability in Ubuntu, update the linux-image-oem-20.04c package to version 5.14.0.1045.41 or higher.