What is the vulnerability ID for this advisory?

The vulnerability ID for this advisory is CVE-2022-3619.

What is the severity of CVE-2022-3619?

The severity of CVE-2022-3619 is not mentioned in the advisory.

How does CVE-2022-3619 affect Ubuntu Ubuntu 22.10?

CVE-2022-3619 affects Ubuntu Ubuntu 22.10 if the Linux kernel versions mentioned in the advisory are being used.

How do I fix CVE-2022-3619?

To fix CVE-2022-3619, upgrade to the specific Linux kernel versions mentioned in the advisory.

Where can I find more information about CVE-2022-3619?

You can find more information about CVE-2022-3619 on the Ubuntu Security website.

Vulnerability/
USN-5850-1

CWE

416 362

9/2/2023

USN-5850-1: Linux kernel vulnerabilities

First published: Thu Feb 09 2023(Updated: )

It was discovered that the Bluetooth HCI implementation in the Linux kernel did not properly deallocate memory in some situations. An attacker could possibly use this cause a denial of service (memory exhaustion). (CVE-2022-3619) It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel did not properly perform bounds checking in some situations. A physically proximate attacker could use this to craft a malicious USB device that when inserted, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3628) It was discovered that a use-after-free vulnerability existed in the Bluetooth stack in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-3640) Tamás Koczka discovered that the Bluetooth L2CAP implementation in the Linux kernel did not properly initialize memory in some situations. A physically proximate attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2022-42895) It was discovered that a race condition existed in the qdisc implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-0590)

Affected Software	Affected Version	How to fix
All of
ubuntu/linux-image-5.19.0-1017-lowlatency	<5.19.0-1017.18	5.19.0-1017.18
	=22.10
All of
ubuntu/linux-image-aws	<5.19.0.1019.16	5.19.0.1019.16
	=22.10
All of
ubuntu/linux-image-5.19.0-1018-kvm	<5.19.0-1018.19	5.19.0-1018.19
	=22.10
All of
ubuntu/linux-image-5.19.0-1019-aws	<5.19.0-1019.20	5.19.0-1019.20
	=22.10
All of
ubuntu/linux-image-5.19.0-31-generic-64k	<5.19.0-31.32	5.19.0-31.32
	=22.10
All of
ubuntu/linux-image-virtual	<5.19.0.31.28	5.19.0.31.28
	=22.10
All of
ubuntu/linux-image-generic-64k	<5.19.0.31.28	5.19.0.31.28
	=22.10
All of
ubuntu/linux-image-generic	<5.19.0.31.28	5.19.0.31.28
	=22.10
All of
ubuntu/linux-image-5.19.0-1013-raspi-nolpae	<5.19.0-1013.20	5.19.0-1013.20
	=22.10
All of
ubuntu/linux-image-5.19.0-1017-oracle	<5.19.0-1017.20	5.19.0-1017.20
	=22.10
All of
ubuntu/linux-image-ibm	<5.19.0.1017.14	5.19.0.1017.14
	=22.10
All of
ubuntu/linux-image-lowlatency-64k	<5.19.0.1017.14	5.19.0.1017.14
	=22.10
All of
ubuntu/linux-image-raspi	<5.19.0.1013.12	5.19.0.1013.12
	=22.10
All of
ubuntu/linux-image-5.19.0-1017-ibm	<5.19.0-1017.19	5.19.0-1017.19
	=22.10
All of
ubuntu/linux-image-5.19.0-1013-raspi	<5.19.0-1013.20	5.19.0-1013.20
	=22.10
All of
ubuntu/linux-image-5.19.0-31-generic-lpae	<5.19.0-31.32	5.19.0-31.32
	=22.10
All of
ubuntu/linux-image-kvm	<5.19.0.1018.15	5.19.0.1018.15
	=22.10
All of
ubuntu/linux-image-raspi-nolpae	<5.19.0.1013.12	5.19.0.1013.12
	=22.10
All of
ubuntu/linux-image-5.19.0-1017-gcp	<5.19.0-1017.19	5.19.0-1017.19
	=22.10
All of
ubuntu/linux-image-5.19.0-1017-lowlatency-64k	<5.19.0-1017.18	5.19.0-1017.18
	=22.10
All of
ubuntu/linux-image-gcp	<5.19.0.1017.14	5.19.0.1017.14
	=22.10
All of
ubuntu/linux-image-oracle	<5.19.0.1017.14	5.19.0.1017.14
	=22.10
All of
ubuntu/linux-image-5.19.0-31-generic	<5.19.0-31.32	5.19.0-31.32
	=22.10
All of
ubuntu/linux-image-generic-lpae	<5.19.0.31.28	5.19.0.31.28
	=22.10
All of
ubuntu/linux-image-lowlatency	<5.19.0.1017.14	5.19.0.1017.14
	=22.10

Never miss a vulnerability like this again

Reference Links

Child vulnerabilities

(Contains the following vulnerabilities)

Frequently Asked Questions

What is the vulnerability ID for this advisory?
The vulnerability ID for this advisory is CVE-2022-3619.
What is the severity of CVE-2022-3619?
The severity of CVE-2022-3619 is not mentioned in the advisory.
How does CVE-2022-3619 affect Ubuntu Ubuntu 22.10?
CVE-2022-3619 affects Ubuntu Ubuntu 22.10 if the Linux kernel versions mentioned in the advisory are being used.
How do I fix CVE-2022-3619?
To fix CVE-2022-3619, upgrade to the specific Linux kernel versions mentioned in the advisory.
Where can I find more information about CVE-2022-3619?
You can find more information about CVE-2022-3619 on the Ubuntu Security website.

agent/description
agent/event
agent/first-publish-date
agent/last-modified-date
agent/references
agent/severity
agent/softwarecombine
agent/tags
agent/title
agent/type
agent/weakness
collector/usn
source/Ubuntu
anchor-related/USN-5780-1
anchor-related/USN-5851-1
anchor-related/USN-5860-1
anchor-related/USN-5876-1
anchor-related/USN-5877-1
anchor-related/USN-5878-1
anchor-related/USN-5879-1
anchor-related/USN-5858-1
anchor-related/USN-5859-1
anchor-related/USN-5874-1
anchor-related/USN-5875-1
anchor-related/USN-5853-1
anchor-related/USN-5883-1
anchor-related/USN-5884-1
anchor-related/USN-5909-1
anchor-related/USN-5918-1
anchor-related/USN-5919-1
anchor-related/USN-5920-1
anchor-related/USN-5924-1
anchor-related/USN-5925-1
anchor-related/USN-5926-1
anchor-related/USN-5927-1
anchor-related/USN-5975-1
anchor-related/USN-6007-1
anchor-related/USN-6284-1
anchor-related/USN-6301-1
anchor-related/USN-6312-1
anchor-related/USN-6314-1
anchor-related/USN-6331-1
anchor-related/USN-6337-1
anchor-related/USN-5976-1
anchor-related/USN-6001-1
anchor-related/USN-6013-1
anchor-related/USN-6014-1
agent/software-canonical-lookup
package-manager/ubuntu
vendor/ubuntu
canonical/ubuntu ubuntu
version/ubuntu ubuntu/22.10