USN-5465-1

Advisory lineage Upstream: 6 Downstream: 0

Upstream

CVE-2022-1966 CVE-2022-21499 CVE-2022-30594 UBUNTU-CVE-2022-1966 UBUNTU-CVE-2022-21499 UBUNTU-CVE-2022-30594

Published: 08 Jun 2022, 01:25

Last modified:03 Jun 2026, 14:03

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

08 Jun 2022, 01:25

Published

Vulnerability first disclosed

03 Jun 2026, 14:03

Last Modified

Vulnerability information updated

Description

linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. (CVE-2022-21499) Aaron Adams discovered that the netfilter subsystem in the Linux kernel did not properly handle the removal of stateful expressions in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-1966) Jann Horn discovered that the Linux kernel did not properly enforce seccomp restrictions in some situations. A local attacker could use this to bypass intended seccomp sandbox restrictions. (CVE-2022-30594)

Affected Systems

ubuntu•linux
< 4.4.0-227.261
ubuntu•linux-aws
< 4.4.0-1107.113 | < 4.4.0-1143.158
ubuntu•linux-kvm
< 4.4.0-1108.118
ubuntu•linux-lts-xenial
< 4.4.0-227.261~14.04.1

USN-5465-1

Vulnerability Summary

Timeline

Description

Affected Systems

References (4)