USN-5390-1

Advisory lineage Upstream: 6 Downstream: 0
Published: 26 Apr 2022, 12:59
Last modified:23 May 2026, 01:48

Vulnerability Summary

Overall Risk (default)
minimal
0/100
CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

26 Apr 2022, 12:59
Published
Vulnerability first disclosed
23 May 2026, 01:48
Last Modified
Vulnerability information updated

Description

linux, linux-aws, linux-azure, linux-gcp, linux-gke, linux-ibm, linux-kvm, linux-lowlatency vulnerabilities David Bouman discovered that the netfilter subsystem in the Linux kernel did not properly validate passed user register indices. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2022-1015) David Bouman discovered that the netfilter subsystem in the Linux kernel did not initialize memory in some situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2022-1016) It was discovered that the ST21NFCA NFC driver in the Linux kernel did not properly validate the size of certain data in EVT_TRANSACTION events. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-26490)

Affected Systems

  • ubuntulinux

    < 5.15.0-27.28

  • ubuntulinux-aws

    < 5.15.0-1005.7

  • ubuntulinux-azure

    < 5.15.0-1005.6

  • ubuntulinux-gcp

    < 5.15.0-1004.7

  • ubuntulinux-gke

    < 5.15.0-1003.3

  • ubuntulinux-ibm

    < 5.15.0-1003.3

  • ubuntulinux-kvm

    < 5.15.0-1005.5

  • ubuntulinux-lowlatency

    < 5.15.0-27.28

  • ubuntulinux-oracle

    < 5.15.0-1003.5

References (4)