USN-5468-1

Advisory lineage Upstream: 12 Downstream: 0
Published: 08 Jun 2022, 04:29
Last modified:03 Jun 2026, 14:04

Vulnerability Summary

Overall Risk (default)
minimal
0/100
CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

08 Jun 2022, 04:29
Published
Vulnerability first disclosed
03 Jun 2026, 14:04
Last Modified
Vulnerability information updated

Description

linux, linux-aws, linux-aws-5.13, linux-azure, linux-azure-5.13, linux-gcp, linux-gcp-5.13, linux-hwe-5.13, linux-intel-5.13, linux-kvm, linux-oracle, linux-oracle-5.13, linux-raspi vulnerabilities It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. (CVE-2022-21499) Aaron Adams discovered that the netfilter subsystem in the Linux kernel did not properly handle the removal of stateful expressions in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-1966) Qiuhao Li, Gaoning Pan and Yongkang Jia discovered that the KVM implementation in the Linux kernel did not properly perform guest page table updates in some situations. An attacker in a guest vm could possibly use this to crash the host OS. (CVE-2022-1158) Ziming Zhang discovered that the netfilter subsystem in the Linux kernel did not properly validate sets with multiple ranged fields. A local attacker could use this to cause a denial of service or execute arbitrary code. (CVE-2022-1972) It was discovered that the USB Gadget file system interface in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-24958) It was discovered that the EMS CAN/USB interface implementation in the Linux kernel contained a double-free vulnerability when handling certain error conditions. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2022-28390)

Affected Systems

  • ubuntulinux-aws-5.13

    < 5.13.0-1028.31~20.04.1

  • ubuntulinux-azure-5.13

    < 5.13.0-1028.33~20.04.1

  • ubuntulinux-gcp-5.13

    < 5.13.0-1030.36~20.04.1

  • ubuntulinux-hwe-5.13

    < 5.13.0-48.54~20.04.1

  • ubuntulinux-intel-5.13

    < 5.13.0-1014.15

  • ubuntulinux-oracle-5.13

    < 5.13.0-1033.39~20.04.1

References (7)