[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-USN-5941-1":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T14:53:31.930Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":86,"duplicates":87,"related":88,"reserved_at":9,"published_at":107,"modified_at":108,"state":9,"summary":109,"references_raw":111,"kevs":191,"epss":9,"epss_history":192,"metrics":193,"affected":194},"USN-5941-1","linux-kvm vulnerabilities\n\nIt was discovered that the Upper Level Protocol (ULP) subsystem in the\nLinux kernel did not properly handle sockets entering the LISTEN state in\ncertain protocols, leading to a use-after-free vulnerability. A local\nattacker could use this to cause a denial of service (system crash) or\npossibly execute arbitrary code. (CVE-2023-0461)\n\nDavide Ornaghi discovered that the netfilter subsystem in the Linux kernel\ndid not properly handle VLAN headers in some situations. A local attacker\ncould use this to cause a denial of service (system crash) or possibly\nexecute arbitrary code. (CVE-2023-0179)\n\nIt was discovered that the NVMe driver in the Linux kernel did not properly\nhandle reset events in some situations. A local attacker could use this to\ncause a denial of service (system crash). (CVE-2022-3169)\n\nMaxim Levitsky discovered that the KVM nested virtualization (SVM)\nimplementation for AMD processors in the Linux kernel did not properly\nhandle nested shutdown execution. An attacker in a guest vm could use this\nto cause a denial of service (host kernel crash) (CVE-2022-3344)\n\nGwangun Jung discovered a race condition in the IPv4 implementation in the\nLinux kernel when deleting multipath routes, resulting in an out-of-bounds\nread. An attacker could use this to cause a denial of service (system\ncrash) or possibly expose sensitive information (kernel memory).\n(CVE-2022-3435)\n\nIt was discovered that a race condition existed in the Kernel Connection\nMultiplexor (KCM) socket implementation in the Linux kernel when releasing\nsockets in certain situations. A local attacker could use this to cause a\ndenial of service (system crash). (CVE-2022-3521)\n\nIt was discovered that the Netronome Ethernet driver in the Linux kernel\ncontained a use-after-free vulnerability. A local attacker could use this\nto cause a denial of service (system crash) or possibly execute arbitrary\ncode. (CVE-2022-3545)\n\nIt was discovered that the Intel i915 graphics driver in the Linux kernel\ndid not perform a GPU TLB flush in some situations. A local attacker could\nuse this to cause a denial of service or possibly execute arbitrary code.\n(CVE-2022-4139)\n\nIt was discovered that a race condition existed in the Xen network backend\ndriver in the Linux kernel when handling dropped packets in certain\ncircumstances. An attacker could use this to cause a denial of service\n(kernel deadlock). (CVE-2022-42328, CVE-2022-42329)\n\nIt was discovered that the NFSD implementation in the Linux kernel\ncontained a use-after-free vulnerability. A remote attacker could possibly\nuse this to cause a denial of service (system crash) or execute arbitrary\ncode. (CVE-2022-4379)\n\nIt was discovered that a race condition existed in the x86 KVM subsystem\nimplementation in the Linux kernel when nested virtualization and the TDP\nMMU are enabled. An attacker in a guest vm could use this to cause a denial\nof service (host OS crash). (CVE-2022-45869)\n\nIt was discovered that the Atmel WILC1000 driver in the Linux kernel did\nnot properly validate the number of channels, leading to an out-of-bounds\nwrite vulnerability. An attacker could use this to cause a denial of\nservice (system crash) or possibly execute arbitrary code. (CVE-2022-47518)\n\nIt was discovered that the Atmel WILC1000 driver in the Linux kernel did\nnot properly validate specific attributes, leading to an out-of-bounds\nwrite vulnerability. An attacker could use this to cause a denial of\nservice (system crash) or possibly execute arbitrary code. (CVE-2022-47519)\n\nIt was discovered that the Atmel WILC1000 driver in the Linux kernel did\nnot properly validate offsets, leading to an out-of-bounds read\nvulnerability. An attacker could use this to cause a denial of service\n(system crash). (CVE-2022-47520)\n\nIt was discovered that the Atmel WILC1000 driver in the Linux kernel did\nnot properly validate specific attributes, leading to a heap-based buffer\noverflow. An attacker could use this to cause a denial of service (system\ncrash) or possibly execute arbitrary code. (CVE-2022-47521)\n\nLin Ma discovered a race condition in the io_uring subsystem in the Linux\nkernel, leading to a null pointer dereference vulnerability. A local\nattacker could use this to cause a denial of service (system crash).\n(CVE-2023-0468)\n\nIt was discovered that the file system writeback functionality in the Linux\nkernel contained a user-after-free vulnerability. A local attacker could\npossibly use this to cause a denial of service (system crash) or execute\narbitrary code. (CVE-2023-26605)\n",null,[],[],[],[14,16,18,20,22,24,26,28,30,32,34,36,38,40,42,44,46,48,50,52,54,56,58,60,62,64,66,68,70,72,74,76,78,80,82,84],{"_key":15},"CVE-2022-3169",{"_key":17},"CVE-2022-3344",{"_key":19},"CVE-2022-3435",{"_key":21},"CVE-2022-3521",{"_key":23},"CVE-2022-3545",{"_key":25},"CVE-2022-4139",{"_key":27},"CVE-2022-42328",{"_key":29},"CVE-2022-42329",{"_key":31},"CVE-2022-4379",{"_key":33},"CVE-2022-45869",{"_key":35},"CVE-2022-47518",{"_key":37},"CVE-2022-47519",{"_key":39},"CVE-2022-47520",{"_key":41},"CVE-2022-47521",{"_key":43},"CVE-2023-0179",{"_key":45},"CVE-2023-0461",{"_key":47},"CVE-2023-0468",{"_key":49},"CVE-2023-26605",{"_key":51},"UBUNTU-CVE-2022-3169",{"_key":53},"UBUNTU-CVE-2022-3344",{"_key":55},"UBUNTU-CVE-2022-3435",{"_key":57},"UBUNTU-CVE-2022-3521",{"_key":59},"UBUNTU-CVE-2022-3545",{"_key":61},"UBUNTU-CVE-2022-4139",{"_key":63},"UBUNTU-CVE-2022-42328",{"_key":65},"UBUNTU-CVE-2022-42329",{"_key":67},"UBUNTU-CVE-2022-4379",{"_key":69},"UBUNTU-CVE-2022-45869",{"_key":71},"UBUNTU-CVE-2022-47518",{"_key":73},"UBUNTU-CVE-2022-47519",{"_key":75},"UBUNTU-CVE-2022-47520",{"_key":77},"UBUNTU-CVE-2022-47521",{"_key":79},"UBUNTU-CVE-2023-0179",{"_key":81},"UBUNTU-CVE-2023-0461",{"_key":83},"UBUNTU-CVE-2023-0468",{"_key":85},"UBUNTU-CVE-2023-26605",[],[],[89,90,91,92,93,94,95,96,97,98,99,100,101,102,103,104,105,106],{"_key":51},{"_key":53},{"_key":55},{"_key":57},{"_key":59},{"_key":61},{"_key":63},{"_key":65},{"_key":67},{"_key":69},{"_key":71},{"_key":73},{"_key":75},{"_key":77},{"_key":79},{"_key":81},{"_key":83},{"_key":85},"2023-03-09T13:03:00Z","2026-06-03T14:03:37.769064175Z",{"cisa_kev":110,"cisa_ransomware":110,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[112,118,123,127,131,135,139,143,147,151,155,159,163,167,171,175,179,183,187],{"url":113,"sources":114,"tags":116},"https://ubuntu.com/security/notices/USN-5941-1",[115],"osv_ubuntu",[117],"Advisory",{"url":119,"sources":120,"tags":121},"https://ubuntu.com/security/CVE-2022-3169",[115],[122],"REPORT",{"url":124,"sources":125,"tags":126},"https://ubuntu.com/security/CVE-2022-3344",[115],[122],{"url":128,"sources":129,"tags":130},"https://ubuntu.com/security/CVE-2022-3435",[115],[122],{"url":132,"sources":133,"tags":134},"https://ubuntu.com/security/CVE-2022-3521",[115],[122],{"url":136,"sources":137,"tags":138},"https://ubuntu.com/security/CVE-2022-3545",[115],[122],{"url":140,"sources":141,"tags":142},"https://ubuntu.com/security/CVE-2022-4139",[115],[122],{"url":144,"sources":145,"tags":146},"https://ubuntu.com/security/CVE-2022-4379",[115],[122],{"url":148,"sources":149,"tags":150},"https://ubuntu.com/security/CVE-2022-42328",[115],[122],{"url":152,"sources":153,"tags":154},"https://ubuntu.com/security/CVE-2022-42329",[115],[122],{"url":156,"sources":157,"tags":158},"https://ubuntu.com/security/CVE-2022-45869",[115],[122],{"url":160,"sources":161,"tags":162},"https://ubuntu.com/security/CVE-2022-47518",[115],[122],{"url":164,"sources":165,"tags":166},"https://ubuntu.com/security/CVE-2022-47519",[115],[122],{"url":168,"sources":169,"tags":170},"https://ubuntu.com/security/CVE-2022-47520",[115],[122],{"url":172,"sources":173,"tags":174},"https://ubuntu.com/security/CVE-2022-47521",[115],[122],{"url":176,"sources":177,"tags":178},"https://ubuntu.com/security/CVE-2023-0179",[115],[122],{"url":180,"sources":181,"tags":182},"https://ubuntu.com/security/CVE-2023-0461",[115],[122],{"url":184,"sources":185,"tags":186},"https://ubuntu.com/security/CVE-2023-0468",[115],[122],{"url":188,"sources":189,"tags":190},"https://ubuntu.com/security/CVE-2023-26605",[115],[122],[],[],[],[195],{"ecosystem":196,"name":197,"vendor":198,"product":197,"cpe_part":9,"purl_type":199,"purl_namespace":198,"purl_name":197,"source":9,"versions":200},"Ubuntu","linux-kvm","ubuntu","deb",[201],{"version":202,"is_range":203,"range_type":204,"version_start":9,"version_start_type":9,"version_end":205,"version_end_type":206,"fixed_in":9},"lt5_15_0_1029_34",true,"ecosystem","5.15.0-1029.34","excluding"]