First published: Tue Aug 09 2022
Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-2588)

It was discovered that the netfilter subsystem of the Linux kernel did not prevent one nft object from referencing an nft set in another nft table, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-2586)
Affected Software | Ubuntu Release | Affected Version | How to fix |
---|---|---|---|
ubuntu/linux-image-virtual | =16.04 | <4.4.0.231.237 | 4.4.0.231.237 |
ubuntu/linux-image-generic | =16.04 | <4.4.0.231.237 | 4.4.0.231.237 |
ubuntu/linux-image-aws | =16.04 | <4.4.0.1147.151 | 4.4.0.1147.151 |
ubuntu/linux-image-4.4.0-1112-kvm | =16.04 | <4.4.0-1112.122 | 4.4.0-1112.122 |
ubuntu/linux-image-4.4.0-231-lowlatency | =16.04 | <4.4.0-231.265 | 4.4.0-231.265 |
ubuntu/linux-image-4.4.0-1147-aws | =16.04 | <4.4.0-1147.162 | 4.4.0-1147.162 |
ubuntu/linux-image-4.4.0-231-generic | =16.04 | <4.4.0-231.265 | 4.4.0-231.265 |
ubuntu/linux-image-kvm | =16.04 | <4.4.0.1112.109 | 4.4.0.1112.109 |
ubuntu/linux-image-lowlatency | =16.04 | <4.4.0.231.237 | 4.4.0.231.237 |
ubuntu/linux-image-4.4.0-231-lowlatency | =14.04 | <4.4.0-231.265~14.04.1 | 4.4.0-231.265~14.04.1 |
ubuntu/linux-image-generic-lts-xenial | =14.04 | <4.4.0.231.201 | 4.4.0.231.201 |
ubuntu/linux-image-4.4.0-231-generic | =14.04 | <4.4.0-231.265~14.04.1 | 4.4.0-231.265~14.04.1 |
ubuntu/linux-image-4.4.0-1111-aws | =14.04 | <4.4.0-1111.117 | 4.4.0-1111.117 |
ubuntu/linux-image-lowlatency-lts-xenial | =14.04 | <4.4.0.231.201 | 4.4.0.231.201 |
ubuntu/linux-image-aws | =14.04 | <4.4.0.1111.108 | 4.4.0.1111.108 |
ubuntu/linux-image-virtual-lts-xenial | =14.04 | <4.4.0.231.201 | 4.4.0.231.201 |
The vulnerability ID for this advisory is USN-5557-1.
The severity of the vulnerability is not mentioned in the advisory.
A local attacker can exploit this vulnerability to cause a denial of service (system crash) or execute arbitrary code.
The affected Linux kernel package versions are those earlier than 4.4.0.231.237, 4.4.0.1147.151, 4.4.0-1112.122, 4.4.0-231.265, 4.4.0-1147.162, 4.4.0-231.265~14.04.1, 4.4.0.231.201, 4.4.0-1111.117, or 4.4.0.1111.108, depending on the package and Ubuntu release.
To fix this vulnerability, update the affected Linux kernel package to version 4.4.0.231.237, 4.4.0.1147.151, 4.4.0-1112.122, 4.4.0-231.265, 4.4.0-1147.162, 4.4.0-231.265~14.04.1, 4.4.0.231.201, 4.4.0-1111.117, or 4.4.0.1111.108, depending on the affected package and Ubuntu release.