LSN-0086-1

Advisory lineage Upstream: 14 Downstream: 0
Published: 02 Jun 2022, 07:44
Last modified:03 Jun 2026, 13:33

Vulnerability Summary

Overall Risk (default)
minimal
0/100
CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

02 Jun 2022, 07:44
Published
Vulnerability first disclosed
03 Jun 2026, 13:33
Last Modified
Vulnerability information updated

Description

Kernel Live Patch Security Notice It was discovered that a race condition existed in the network scheduling subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.(CVE-2021-39713) Yiqi Sun and Kevin Wang discovered that the cgroups implementation in the Linux kernel did not properly restrict access to the cgroups v1 release_agent feature. A local attacker could use this to gain administrative privileges.(CVE-2022-0492) It was discovered that the network traffic control implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.(CVE-2022-1055) Bing-Jhong Billy Jheng discovered that the io_uring subsystem in the Linux kernel contained in integer overflow. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code.(CVE-2022-1116) It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions.(CVE-2022-21499) Kyle Zeng discovered that the Network Queuing and Scheduling subsystem of the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code.(CVE-2022-29581) Jann Horn discovered that the Linux kernel did not properly enforce seccomp restrictions in some situations. A local attacker could use this to bypass intended seccomp sandbox restrictions.(CVE-2022-30594)

Affected Systems

  • ubuntulinux

    all | < 4.4.0-227.261 | < 4.15.0-180.189 | < 5.4.0-117.132 | < 5.15.0-37.39

  • ubuntulinux-aws

    all | < 4.4.0-1143.158 | < 4.15.0-1130.139 | < 5.4.0-1078.84

  • ubuntulinux-aws-5.4

    all | < 5.4.0-1078.84~18.04.1

  • ubuntulinux-aws-hwe

    all | < 4.15.0-1130.139~16.04.1

  • ubuntulinux-azure

    all | < 4.15.0-1139.152~16.04.1 | < 5.4.0-1083.87

  • ubuntulinux-azure-4.15

    all | < 4.15.0-1139.152

  • ubuntulinux-azure-5.4

    all | < 5.4.0-1083.87~18.04.1

  • ubuntulinux-gcp

    all | < 4.15.0-1124.138~16.04.1 | < 5.4.0-1078.84 | < 5.15.0-1008.12

  • ubuntulinux-gcp-4.15

    all | < 4.15.0-1124.138

  • ubuntulinux-gcp-5.4

    all | < 5.4.0-1078.84~18.04.1

  • ubuntulinux-gke

    all | < 5.4.0-1074.79 | < 5.15.0-1008.10

  • ubuntulinux-gke-4.15

    all

  • ubuntulinux-gke-5.4

    all | < 5.4.0-1074.79~18.04.1

  • ubuntulinux-gkeop

    all | < 5.4.0-1046.48

  • ubuntulinux-gkeop-5.4

    all | < 5.4.0-1046.48~18.04.1

  • ubuntulinux-hwe

    all | < 4.15.0-180.189~16.04.1

  • ubuntulinux-hwe-5.4

    all | < 5.4.0-117.132~18.04.1

  • ubuntulinux-ibm

    all | < 5.4.0-1026.29 | < 5.15.0-1007.8

  • ubuntulinux-ibm-5.4

    all | < 5.4.0-1028.32~18.04.1

  • ubuntulinux-lowlatency

    all | < 5.15.0-37.39

  • ubuntulinux-lts-xenial

    all | < 4.4.0-227.261~14.04.1

  • ubuntulinux-oem

    all

References (8)