First published: Tue Aug 30 2022(Updated: )
Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code.
Affected Software | Affected Version | How to fix |
---|---|---|
All of | ||
ubuntu/linux-image-server | <3.13.0.191.201 | 3.13.0.191.201 |
=14.04 | ||
All of | ||
ubuntu/linux-image-3.13.0-191-generic | <3.13.0-191.242 | 3.13.0-191.242 |
=14.04 | ||
All of | ||
ubuntu/linux-image-3.13.0-191-lowlatency | <3.13.0-191.242 | 3.13.0-191.242 |
=14.04 | ||
All of | ||
ubuntu/linux-image-virtual | <3.13.0.191.201 | 3.13.0.191.201 |
=14.04 | ||
All of | ||
ubuntu/linux-image-generic | <3.13.0.191.201 | 3.13.0.191.201 |
=14.04 | ||
All of | ||
ubuntu/linux-image-lowlatency | <3.13.0.191.201 | 3.13.0.191.201 |
=14.04 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of USN-5588-1 is high.
The Linux kernel vulnerability in USN-5588-1 affects Ubuntu 14.04.
The remedy for USN-5588-1 is to update to Linux kernel version 3.13.0.191.201 or higher.
The CVE ID for USN-5588-1 is CVE-2022-2588.
You can find more information about USN-5588-1 on the Ubuntu website at the following links: [CVE-2022-2588](https://ubuntu.com/security/CVE-2022-2588), [USN-5557-1](https://ubuntu.com/security/notices/USN-5557-1), [USN-5560-1](https://ubuntu.com/security/notices/USN-5560-1).