USN-5470-1

Description

linux-oem-5.14 vulnerabilities It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. (CVE-2022-21499) Aaron Adams discovered that the netfilter subsystem in the Linux kernel did not properly handle the removal of stateful expressions in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-1966) Minh Yuan discovered that the floppy driver in the Linux kernel contained a race condition in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-1836) Ziming Zhang discovered that the netfilter subsystem in the Linux kernel did not properly validate sets with multiple ranged fields. A local attacker could use this to cause a denial of service or execute arbitrary code. (CVE-2022-1972)

Affected Systems

• ubuntu•linux-oem-5.14

  < 5.14.0-1042.47

References (5)

• https://ubuntu.com/security/notices/USN-5470-1
• https://ubuntu.com/security/CVE-2022-1836
• https://ubuntu.com/security/CVE-2022-1966
• https://ubuntu.com/security/CVE-2022-1972
• https://ubuntu.com/security/CVE-2022-21499