USN-5691-1

Advisory lineage Upstream: 8 Downstream: 0
Published: 19 Oct 2022, 21:24
Last modified:03 Jun 2026, 13:34

Vulnerability Summary

Overall Risk (default)
minimal
0/100
CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

19 Oct 2022, 21:24
Published
Vulnerability first disclosed
03 Jun 2026, 13:34
Last Modified
Vulnerability information updated

Description

linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-bluefield, linux-gcp, linux-gcp-5.4, linux-gke, linux-gkeop, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4 vulnerabilities David Bouman and Billy Jheng Bing Jhong discovered that a race condition existed in the io_uring subsystem in the Linux kernel, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-2602) Sönke Huster discovered that an integer overflow vulnerability existed in the WiFi driver stack in the Linux kernel, leading to a buffer overflow. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-41674) Sönke Huster discovered that the WiFi driver stack in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-42720) Sönke Huster discovered that the WiFi driver stack in the Linux kernel did not properly handle BSSID/SSID lists in some situations. A physically proximate attacker could use this to cause a denial of service (infinite loop). (CVE-2022-42721)

Affected Systems

  • ubuntulinux

    < 5.4.0-131.147

  • ubuntulinux-aws

    < 5.4.0-1088.96

  • ubuntulinux-aws-5.4

    < 5.4.0-1088.96~18.04.1

  • ubuntulinux-azure

    < 5.4.0-1094.100

  • ubuntulinux-azure-5.4

    < 5.4.0-1094.100~18.04.1

  • ubuntulinux-bluefield

    < 5.4.0-1049.55

  • ubuntulinux-gcp

    < 5.4.0-1092.101

  • ubuntulinux-gcp-5.4

    < 5.4.0-1092.101~18.04.1

  • ubuntulinux-gke

    < 5.4.0-1086.93

  • ubuntulinux-gkeop

    < 5.4.0-1056.60

  • ubuntulinux-hwe-5.4

    < 5.4.0-131.147~18.04.1

  • ubuntulinux-ibm

    < 5.4.0-1036.41

  • ubuntulinux-ibm-5.4

    < 5.4.0-1036.41~18.04.1

  • ubuntulinux-kvm

    < 5.4.0-1078.84

  • ubuntulinux-oracle

    < 5.4.0-1086.95

  • ubuntulinux-oracle-5.4

    < 5.4.0-1086.95~18.04.1

  • ubuntulinux-raspi

    < 5.4.0-1073.84

  • ubuntulinux-raspi-5.4

    < 5.4.0-1073.84~18.04.1

References (5)