LSN-0087-1
Description
Kernel Live Patch Security Notice

Aaron Adams discovered that the netfilter subsystem in the Linux kernel did not properly handle the removal of stateful expressions in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-1966)

Ziming Zhang discovered that the netfilter subsystem in the Linux kernel did not properly validate sets with multiple ranged fields. A local attacker could use this to cause a denial of service or execute arbitrary code. (CVE-2022-1972)
Affected Systems
- ubuntu•linux
< 4.4.0-227.261 | < 4.15.0-184.194 | < 5.4.0-117.132 | < 5.15.0-37.39
- ubuntu•linux-aws
< 4.4.0-1143.158 | < 4.15.0-1133.143 | < 5.4.0-1078.84
- ubuntu•linux-aws-5.4
< 5.4.0-1078.84~18.04.1
- ubuntu•linux-aws-hwe
< 4.15.0-1133.143~16.04.1
- ubuntu•linux-azure
< 4.15.0-1142.156~16.04.1 | < 5.4.0-1083.87
- ubuntu•linux-azure-4.15
< 4.15.0-1142.156
- ubuntu•linux-azure-5.4
< 5.4.0-1083.87~18.04.1
- ubuntu•linux-gcp
< 4.15.0-1127.142~16.04.1 | < 5.4.0-1078.84 | < 5.15.0-1008.12
- ubuntu•linux-gcp-4.15
all
- ubuntu•linux-gcp-5.4
all
- ubuntu•linux-gke
< 5.4.0-1074.79 | < 5.15.0-1008.10
- ubuntu•linux-gke-4.15
all
- ubuntu•linux-gke-5.4
< 5.4.0-1074.79~18.04.1
- ubuntu•linux-gkeop
< 5.4.0-1046.48
- ubuntu•linux-gkeop-5.4
< 5.4.0-1046.48~18.04.1
- ubuntu•linux-hwe
< 4.15.0-184.194~16.04.1
- ubuntu•linux-hwe-5.4
< 5.4.0-117.132~18.04.1
- ubuntu•linux-ibm
< 5.4.0-1026.29 | < 5.15.0-1007.8
- ubuntu•linux-lowlatency
< 5.15.0-37.39
- ubuntu•linux-lts-xenial
< 4.4.0-227.261~14.04.1
- ubuntu•linux-oem
all