[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-USN-5650-1":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T08:53:30.047Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":70,"duplicates":71,"related":72,"reserved_at":9,"published_at":87,"modified_at":88,"state":9,"summary":89,"references_raw":91,"kevs":155,"epss":9,"epss_history":156,"metrics":157,"affected":158},"USN-5650-1","linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities\n\n\nIt was discovered that the framebuffer driver on the Linux kernel did not\nverify size limits when changing font or screen size, leading to an out-of-\nbounds write. A local attacker could use this to cause a denial of service\n(system crash) or possibly execute arbitrary code. (CVE-2021-33655)\n\nIt was discovered that the virtual terminal driver in the Linux kernel did\nnot properly handle VGA console font changes, leading to an out-of-bounds\nwrite. A local attacker could use this to cause a denial of service (system\ncrash) or possibly execute arbitrary code. (CVE-2021-33656)\n\nChristian Brauner discovered that the XFS file system implementation in the\nLinux kernel did not properly handle setgid file creation. A local attacker\ncould use this to gain elevated privileges. (CVE-2021-4037)\n\nIt was discovered that the ext4 file system implementation in the Linux\nkernel did not properly initialize memory in some situations. A privileged\nlocal attacker could use this to expose sensitive information (kernel\nmemory). (CVE-2022-0850)\n\nDuoming Zhou discovered that the AX.25 amateur radio protocol\nimplementation in the Linux kernel did not handle detach events properly in\nsome situations. A local attacker could possibly use this to cause a denial\nof service (system crash) or execute arbitrary code. (CVE-2022-1199)\n\nDuoming Zhou discovered race conditions in the AX.25 amateur radio protocol\nimplementation in the Linux kernel during device detach operations. A local\nattacker could possibly use this to cause a denial of service (system\ncrash). (CVE-2022-1204)\n\nNorbert Slusarek discovered that a race condition existed in the perf\nsubsystem in the Linux kernel, resulting in a use-after-free vulnerability.\nA privileged local attacker could use this to cause a denial of service\n(system crash) or possibly execute arbitrary code. (CVE-2022-1729)\n\nIt was discovered that the Packet network protocol implementation in the\nLinux kernel contained an out-of-bounds access. A remote attacker could use\nthis to expose sensitive information (kernel memory). (CVE-2022-20368)\n\nIt was discovered that the Open vSwitch implementation in the Linux kernel\ncontained an out of bounds write vulnerability in certain situations. A\nlocal attacker could use this to cause a denial of service (system crash)\nor possibly execute arbitrary code. (CVE-2022-2639)\n\nJann Horn discovered that the ASIX AX88179/178A USB Ethernet driver in the\nLinux kernel contained multiple out-of-bounds vulnerabilities. A local\nattacker with physical access could plug in a specially crafted USB device\nto cause a denial of service (system crash) or possibly execute arbitrary\ncode. (CVE-2022-2964)\n\nHao Sun and Jiacheng Xu discovered that the NILFS file system\nimplementation in the Linux kernel contained a use-after-free\nvulnerability. A local attacker could use this to cause a denial of service\n(system crash) or possibly execute arbitrary code. (CVE-2022-2978)\n\nAbhishek Shah discovered a race condition in the PF_KEYv2 implementation in\nthe Linux kernel. A local attacker could use this to cause a denial of\nservice (system crash) or possibly expose sensitive information (kernel\nmemory). (CVE-2022-3028)\n\nIt was discovered that the Journaled File System (JFS) in the Linux kernel\ncontained a null pointer dereference in some situations. A local attacker\ncould use this to cause a denial of service (system crash). (CVE-2022-3202)\n\nDomingo Dirutigliano and Nicola Guerrera discovered that the netfilter\nsubsystem in the Linux kernel did not properly handle rules that truncated\npackets below the packet header size. When such rules are in place, a\nremote attacker could possibly use this to cause a denial of service\n(system crash). (CVE-2022-36946)\n\n",null,[],[],[],[14,16,18,20,22,24,26,28,30,32,34,36,38,40,42,44,46,48,50,52,54,56,58,60,62,64,66,68],{"_key":15},"CVE-2021-33655",{"_key":17},"CVE-2021-33656",{"_key":19},"CVE-2021-4037",{"_key":21},"CVE-2022-0850",{"_key":23},"CVE-2022-1199",{"_key":25},"CVE-2022-1204",{"_key":27},"CVE-2022-1729",{"_key":29},"CVE-2022-20368",{"_key":31},"CVE-2022-2639",{"_key":33},"CVE-2022-2964",{"_key":35},"CVE-2022-2978",{"_key":37},"CVE-2022-3028",{"_key":39},"CVE-2022-3202",{"_key":41},"CVE-2022-36946",{"_key":43},"UBUNTU-CVE-2021-33655",{"_key":45},"UBUNTU-CVE-2021-33656",{"_key":47},"UBUNTU-CVE-2021-4037",{"_key":49},"UBUNTU-CVE-2022-0850",{"_key":51},"UBUNTU-CVE-2022-1199",{"_key":53},"UBUNTU-CVE-2022-1204",{"_key":55},"UBUNTU-CVE-2022-1729",{"_key":57},"UBUNTU-CVE-2022-20368",{"_key":59},"UBUNTU-CVE-2022-2639",{"_key":61},"UBUNTU-CVE-2022-2964",{"_key":63},"UBUNTU-CVE-2022-2978",{"_key":65},"UBUNTU-CVE-2022-3028",{"_key":67},"UBUNTU-CVE-2022-3202",{"_key":69},"UBUNTU-CVE-2022-36946",[],[],[73,74,75,76,77,78,79,80,81,82,83,84,85,86],{"_key":43},{"_key":45},{"_key":47},{"_key":49},{"_key":51},{"_key":53},{"_key":55},{"_key":57},{"_key":59},{"_key":61},{"_key":63},{"_key":65},{"_key":67},{"_key":69},"2022-09-30T21:51:28Z","2026-06-03T13:34:14.252294622Z",{"cisa_kev":90,"cisa_ransomware":90,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[92,98,103,107,111,115,119,123,127,131,135,139,143,147,151],{"url":93,"sources":94,"tags":96},"https://ubuntu.com/security/notices/USN-5650-1",[95],"osv_ubuntu",[97],"Advisory",{"url":99,"sources":100,"tags":101},"https://ubuntu.com/security/CVE-2021-4037",[95],[102],"REPORT",{"url":104,"sources":105,"tags":106},"https://ubuntu.com/security/CVE-2021-33655",[95],[102],{"url":108,"sources":109,"tags":110},"https://ubuntu.com/security/CVE-2021-33656",[95],[102],{"url":112,"sources":113,"tags":114},"https://ubuntu.com/security/CVE-2022-0850",[95],[102],{"url":116,"sources":117,"tags":118},"https://ubuntu.com/security/CVE-2022-1199",[95],[102],{"url":120,"sources":121,"tags":122},"https://ubuntu.com/security/CVE-2022-1204",[95],[102],{"url":124,"sources":125,"tags":126},"https://ubuntu.com/security/CVE-2022-1729",[95],[102],{"url":128,"sources":129,"tags":130},"https://ubuntu.com/security/CVE-2022-2639",[95],[102],{"url":132,"sources":133,"tags":134},"https://ubuntu.com/security/CVE-2022-2964",[95],[102],{"url":136,"sources":137,"tags":138},"https://ubuntu.com/security/CVE-2022-2978",[95],[102],{"url":140,"sources":141,"tags":142},"https://ubuntu.com/security/CVE-2022-3028",[95],[102],{"url":144,"sources":145,"tags":146},"https://ubuntu.com/security/CVE-2022-3202",[95],[102],{"url":148,"sources":149,"tags":150},"https://ubuntu.com/security/CVE-2022-20368",[95],[102],{"url":152,"sources":153,"tags":154},"https://ubuntu.com/security/CVE-2022-36946",[95],[102],[],[],[],[159,171,180,186],{"ecosystem":160,"name":161,"vendor":162,"product":161,"cpe_part":9,"purl_type":163,"purl_namespace":162,"purl_name":161,"source":9,"versions":164},"Ubuntu","linux","ubuntu","deb",[165],{"version":166,"is_range":167,"range_type":168,"version_start":9,"version_start_type":9,"version_end":169,"version_end_type":170,"fixed_in":9},"lt4_4_0_234_268",true,"ecosystem","4.4.0-234.268","excluding",{"ecosystem":160,"name":172,"vendor":162,"product":172,"cpe_part":9,"purl_type":163,"purl_namespace":162,"purl_name":172,"source":9,"versions":173},"linux-aws",[174,177],{"version":175,"is_range":167,"range_type":168,"version_start":9,"version_start_type":9,"version_end":176,"version_end_type":170,"fixed_in":9},"lt4_4_0_1113_119","4.4.0-1113.119",{"version":178,"is_range":167,"range_type":168,"version_start":9,"version_start_type":9,"version_end":179,"version_end_type":170,"fixed_in":9},"lt4_4_0_1151_166","4.4.0-1151.166",{"ecosystem":160,"name":181,"vendor":162,"product":181,"cpe_part":9,"purl_type":163,"purl_namespace":162,"purl_name":181,"source":9,"versions":182},"linux-kvm",[183],{"version":184,"is_range":167,"range_type":168,"version_start":9,"version_start_type":9,"version_end":185,"version_end_type":170,"fixed_in":9},"lt4_4_0_1114_124","4.4.0-1114.124",{"ecosystem":160,"name":187,"vendor":162,"product":187,"cpe_part":9,"purl_type":163,"purl_namespace":162,"purl_name":187,"source":9,"versions":188},"linux-lts-xenial",[189],{"version":190,"is_range":167,"range_type":168,"version_start":9,"version_start_type":9,"version_end":191,"version_end_type":170,"fixed_in":9},"lt4_4_0_234_268~14_04_1","4.4.0-234.268~14.04.1"]