USN-5443-2

Advisory lineage Upstream: 4 Downstream: 0

Upstream

CVE-2022-29581 CVE-2022-30594 UBUNTU-CVE-2022-29581 UBUNTU-CVE-2022-30594

Published: 01 Jun 2022, 04:30

Last modified:03 Jun 2026, 13:34

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

01 Jun 2022, 04:30

Published

Vulnerability first disclosed

03 Jun 2026, 13:34

Last Modified

Vulnerability information updated

Description

linux-gcp-5.13, linux-oracle, linux-oracle-5.13 vulnerabilities Kyle Zeng discovered that the Network Queuing and Scheduling subsystem of the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-29581) Jann Horn discovered that the Linux kernel did not properly enforce seccomp restrictions in some situations. A local attacker could use this to bypass intended seccomp sandbox restrictions. (CVE-2022-30594)

Affected Systems

ubuntu•linux-gcp-5.13
< 5.13.0-1027.32~20.04.1
ubuntu•linux-oracle-5.13
< 5.13.0-1030.35~20.04.1

USN-5443-2

Vulnerability Summary

Timeline

Description

Affected Systems

References (3)