LSN-0089-1

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/notices/LSN-0089-1

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/lsn/LSN-0089-1.json

JSON Data

https://api.test.osv.dev/v1/vulns/LSN-0089-1

Related

Published

2022-08-24T07:09:26Z

Modified

2022-08-24T07:09:26Z

Summary

Kernel Live Patch Security Notice

Details

Aaron Adams discovered that the netfilter subsystem in the Linux kernel did not properly handle the removal of stateful expressions in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-1966)

Ziming Zhang discovered that the netfilter subsystem in the Linux kernel did not properly validate sets with multiple ranged fields. A local attacker could use this to cause a denial of service or execute arbitrary code.(CVE-2022-1972)

It was discovered that the implementation of POSIX timers in the Linux kernel did not properly clean up timers in some situations. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code.(CVE-2022-2585)

It was discovered that the netfilter subsystem of the Linux kernel did not prevent one nft object from referencing an nft set in another nft table, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code.(CVE-2022-2586)

Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code.(CVE-2022-2588)

It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions.(CVE-2022-21499)

Kyle Zeng discovered that the Network Queuing and Scheduling subsystem of the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code.(CVE-2022-29581)

Arthur Mongodin discovered that the netfilter subsystem in the Linux kernel did not properly perform data validation. A local attacker could use this to escalate privileges in certain situations.(CVE-2022-34918)

References

Affected packages

Ubuntu:Pro:14.04:LTS / linux-lts-xenial

Package

Name: linux-lts-xenial
Purl: pkg:deb/ubuntu/linux-lts-xenial@4.4.0-231.265~14.04.1?arch=source&distro=trusty/esm

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.4.0-231.265~14.04.1

Affected versions

4.*

4.4.0-13.29~14.04.1

4.4.0-14.30~14.04.2

4.4.0-15.31~14.04.1

4.4.0-18.34~14.04.1

4.4.0-21.37~14.04.1

4.4.0-22.39~14.04.1

4.4.0-22.40~14.04.1

4.4.0-24.43~14.04.1

4.4.0-28.47~14.04.1

4.4.0-31.50~14.04.1

4.4.0-34.53~14.04.1

4.4.0-36.55~14.04.1

4.4.0-38.57~14.04.1

4.4.0-42.62~14.04.1

4.4.0-45.66~14.04.1

4.4.0-47.68~14.04.1

4.4.0-51.72~14.04.1

4.4.0-53.74~14.04.1

4.4.0-57.78~14.04.1

4.4.0-59.80~14.04.1

4.4.0-62.83~14.04.1

4.4.0-63.84~14.04.2

4.4.0-64.85~14.04.1

4.4.0-66.87~14.04.1

4.4.0-67.88~14.04.1

4.4.0-70.91~14.04.1

4.4.0-71.92~14.04.1

4.4.0-72.93~14.04.1

4.4.0-75.96~14.04.1

4.4.0-78.99~14.04.2

4.4.0-79.100~14.04.1

4.4.0-81.104~14.04.1

4.4.0-83.106~14.04.1

4.4.0-87.110~14.04.1

4.4.0-89.112~14.04.1

4.4.0-91.114~14.04.1

4.4.0-92.115~14.04.1

4.4.0-93.116~14.04.1

4.4.0-96.119~14.04.1

4.4.0-97.120~14.04.1

4.4.0-98.121~14.04.1

4.4.0-101.124~14.04.1

4.4.0-103.126~14.04.1

4.4.0-104.127~14.04.1

4.4.0-108.131~14.04.1

4.4.0-109.132~14.04.1

4.4.0-111.134~14.04.1

4.4.0-112.135~14.04.1

4.4.0-116.140~14.04.1

4.4.0-119.143~14.04.1

4.4.0-121.145~14.04.1

4.4.0-124.148~14.04.1

4.4.0-127.153~14.04.1

4.4.0-128.154~14.04.1

4.4.0-130.156~14.04.1

4.4.0-131.157~14.04.1

4.4.0-133.159~14.04.1

4.4.0-134.160~14.04.1

4.4.0-135.161~14.04.1

4.4.0-137.163~14.04.1

4.4.0-138.164~14.04.1

4.4.0-139.165~14.04.1

4.4.0-140.166~14.04.1

4.4.0-141.167~14.04.1

4.4.0-142.168~14.04.1

4.4.0-143.169~14.04.2

4.4.0-144.170~14.04.1

4.4.0-146.172~14.04.1

4.4.0-148.174~14.04.1

4.4.0-164.192~14.04.1

4.4.0-165.193~14.04.1

4.4.0-166.195~14.04.1

4.4.0-168.197~14.04.1

4.4.0-169.198~14.04.1

4.4.0-170.199~14.04.1

4.4.0-171.200~14.04.1

4.4.0-173.203~14.04.1

4.4.0-174.204~14.04.1

4.4.0-176.206~14.04.1

4.4.0-177.207~14.04.1

4.4.0-178.208~14.04.1

4.4.0-179.209~14.04.1

4.4.0-184.214~14.04.1

4.4.0-185.215~14.04.1

4.4.0-186.216~14.04.1

4.4.0-187.217~14.04.1

4.4.0-189.219~14.04.1

4.4.0-190.220~14.04.1

4.4.0-193.224~14.04.1

4.4.0-194.226~14.04.1

4.4.0-197.229~14.04.1

4.4.0-198.230~14.04.1

4.4.0-200.232~14.04.1

4.4.0-201.233~14.04.1

4.4.0-203.235~14.04.1

4.4.0-204.236~14.04.1

4.4.0-206.238~14.04.1

4.4.0-208.240~14.04.1

4.4.0-209.241~14.04.1

4.4.0-210.242~14.04.1

4.4.0-211.243~14.04.1

4.4.0-212.244~14.04.1

4.4.0-213.245~14.04.1

4.4.0-214.246~14.04.1

4.4.0-215.247~14.04.1

4.4.0-218.251~14.04.1

4.4.0-219.252~14.04.1

4.4.0-221.254~14.04.1

4.4.0-222.255~14.04.1

4.4.0-223.256~14.04.1

4.4.0-224.257~14.04.1

4.4.0-227.261~14.04.1

4.4.0-229.263~14.04.1

4.4.0-230.264~14.04.1

Ecosystem specific

{
    "availability": "Livepatch subscription required",
    "module_name_regex": "lkp_Ubuntu_4_4_0[_|\\d]+_(?:generic|lowlatency)_(\\d+)"
}

Ubuntu:Pro:16.04:LTS / linux-aws

Package

Name: linux-aws
Purl: pkg:deb/ubuntu/linux-aws@4.4.0-1147.162?arch=source&distro=esm-infra/xenial

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.4.0-1147.162

Affected versions

4.*

4.4.0-1001.10

4.4.0-1003.12

4.4.0-1004.13

4.4.0-1007.16

4.4.0-1009.18

4.4.0-1011.20

4.4.0-1012.21

4.4.0-1013.22

4.4.0-1016.25

4.4.0-1017.26

4.4.0-1018.27

4.4.0-1020.29

4.4.0-1022.31

4.4.0-1026.35

4.4.0-1028.37

4.4.0-1030.39

4.4.0-1031.40

4.4.0-1032.41

4.4.0-1035.44

4.4.0-1037.46

4.4.0-1038.47

4.4.0-1039.48

4.4.0-1041.50

4.4.0-1043.52

4.4.0-1044.53

4.4.0-1047.56

4.4.0-1048.57

4.4.0-1049.58

4.4.0-1050.59

4.4.0-1052.61

4.4.0-1054.63

4.4.0-1055.64

4.4.0-1057.66

4.4.0-1060.69

4.4.0-1061.70

4.4.0-1062.71

4.4.0-1063.72

4.4.0-1065.75

4.4.0-1066.76

4.4.0-1067.77

4.4.0-1069.79

4.4.0-1070.80

4.4.0-1072.82

4.4.0-1073.83

4.4.0-1074.84

4.4.0-1075.85

4.4.0-1077.87

4.4.0-1079.89

4.4.0-1081.91

4.4.0-1083.93

4.4.0-1084.94

4.4.0-1085.96

4.4.0-1087.98

4.4.0-1088.99

4.4.0-1090.101

4.4.0-1092.103

4.4.0-1094.105

4.4.0-1095.106

4.4.0-1096.107

4.4.0-1098.109

4.4.0-1099.110

4.4.0-1100.111

4.4.0-1101.112

4.4.0-1102.113

4.4.0-1104.115

4.4.0-1105.116

4.4.0-1106.117

4.4.0-1107.118

4.4.0-1109.120

4.4.0-1110.121

4.4.0-1111.123

4.4.0-1112.124

4.4.0-1113.126

4.4.0-1114.127

4.4.0-1117.131

4.4.0-1118.132

4.4.0-1119.133

4.4.0-1121.135

4.4.0-1122.136

4.4.0-1123.137

4.4.0-1124.138

4.4.0-1126.140

4.4.0-1127.141

4.4.0-1128.142

4.4.0-1129.143

4.4.0-1130.144

4.4.0-1131.145

4.4.0-1132.146

4.4.0-1133.147

4.4.0-1134.148

4.4.0-1135.149

4.4.0-1137.151

4.4.0-1138.152

4.4.0-1139.153

4.4.0-1140.154

4.4.0-1143.158

4.4.0-1145.160

4.4.0-1146.161

Ecosystem specific

{
    "availability": "Livepatch subscription required",
    "module_name_regex": "lkp_Ubuntu_4_4_0[_|\\d]+_aws_(\\d+)"
}

Ubuntu:Pro:18.04:LTS / linux-aws

Package

Name: linux-aws
Purl: pkg:deb/ubuntu/linux-aws@4.15.0-1139.150?arch=source&distro=bionic

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.15.0-1139.150

Affected versions

4.*

4.15.0-1001.1

4.15.0-1003.3

4.15.0-1005.5

4.15.0-1006.6

4.15.0-1007.7

4.15.0-1009.9

4.15.0-1010.10

4.15.0-1011.11

4.15.0-1016.16

4.15.0-1017.17

4.15.0-1019.19

4.15.0-1020.20

4.15.0-1021.21

4.15.0-1023.23

4.15.0-1025.25

4.15.0-1027.27

4.15.0-1029.30

4.15.0-1031.33

4.15.0-1032.34

4.15.0-1033.35

4.15.0-1034.36

4.15.0-1035.37

4.15.0-1037.39

4.15.0-1039.41

4.15.0-1040.42

4.15.0-1041.43

4.15.0-1043.45

4.15.0-1044.46

4.15.0-1045.47

4.15.0-1047.49

4.15.0-1048.50

4.15.0-1050.52

4.15.0-1051.53

4.15.0-1052.54

4.15.0-1054.56

4.15.0-1056.58

4.15.0-1057.59

4.15.0-1058.60

4.15.0-1060.62

4.15.0-1063.67

4.15.0-1065.69

4.15.0-1066.70

4.15.0-1067.71

4.15.0-1073.77

4.15.0-1076.80

4.15.0-1077.81

4.15.0-1079.83

4.15.0-1080.84

4.15.0-1082.86

4.15.0-1083.87

4.15.0-1086.91

4.15.0-1087.92

4.15.0-1088.93

4.15.0-1090.95

4.15.0-1091.96

4.15.0-1092.98

4.15.0-1093.99

4.15.0-1094.101

4.15.0-1095.102

4.15.0-1096.103

4.15.0-1097.104

4.15.0-1098.105

4.15.0-1099.106

4.15.0-1101.108

4.15.0-1102.109

4.15.0-1103.110

4.15.0-1106.113

4.15.0-1109.116

4.15.0-1110.117

4.15.0-1111.118

4.15.0-1112.119

4.15.0-1114.121

4.15.0-1115.122

4.15.0-1116.123

4.15.0-1118.125

4.15.0-1119.127

4.15.0-1121.129

4.15.0-1123.132

4.15.0-1124.133

4.15.0-1126.135

4.15.0-1127.136

4.15.0-1128.137

4.15.0-1130.139

4.15.0-1133.143

4.15.0-1136.147

4.15.0-1137.148

Ecosystem specific

{
    "availability": "Livepatch subscription required",
    "module_name_regex": "lkp_Ubuntu_4_15_0[_|\\d]+_aws_(\\d+)"
}

Ubuntu:Pro:20.04:LTS / linux-aws

Package

Name: linux-aws
Purl: pkg:deb/ubuntu/linux-aws@5.4.0-1083.90?arch=source&distro=focal

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.4.0-1083.90

Affected versions

5.*

5.3.0-1003.3

5.3.0-1008.9

5.3.0-1009.10

5.3.0-1010.11

5.4.0-1005.5

5.4.0-1007.7

5.4.0-1008.8

5.4.0-1009.9

5.4.0-1011.11

5.4.0-1015.15

5.4.0-1017.17

5.4.0-1018.18

5.4.0-1020.20

5.4.0-1021.21

5.4.0-1022.22

5.4.0-1024.24

5.4.0-1025.25

5.4.0-1028.29

5.4.0-1029.30

5.4.0-1030.31

5.4.0-1032.33

5.4.0-1034.35

5.4.0-1035.37

5.4.0-1037.39

5.4.0-1038.40

5.4.0-1039.41

5.4.0-1041.43

5.4.0-1043.45

5.4.0-1045.47

5.4.0-1047.49

5.4.0-1048.50

5.4.0-1049.51

5.4.0-1051.53

5.4.0-1054.57

5.4.0-1055.58

5.4.0-1056.59

5.4.0-1057.60

5.4.0-1058.61

5.4.0-1059.62

5.4.0-1060.63

5.4.0-1061.64

5.4.0-1063.66

5.4.0-1064.67

5.4.0-1065.68

5.4.0-1066.69

5.4.0-1068.72

5.4.0-1069.73

5.4.0-1071.76

5.4.0-1072.77

5.4.0-1073.78

5.4.0-1075.80

5.4.0-1078.84

5.4.0-1080.87

5.4.0-1081.88

Ecosystem specific

{
    "availability": "Livepatch subscription required",
    "module_name_regex": "lkp_Ubuntu_5_4_0[_|\\d]+_aws_(\\d+)"
}

Ubuntu:Pro:22.04:LTS / linux-aws

Package

Name: linux-aws
Purl: pkg:deb/ubuntu/linux-aws@5.15.0-1017.21?arch=source&distro=jammy

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.15.0-1017.21

Affected versions

5.*

5.13.0-1005.6

5.15.0-1002.4

5.15.0-1003.5

5.15.0-1004.6

5.15.0-1005.7

5.15.0-1008.10

5.15.0-1009.11

5.15.0-1011.14

5.15.0-1013.17

5.15.0-1014.18

5.15.0-1015.19

Ecosystem specific

{
    "availability": "Livepatch subscription required",
    "module_name_regex": "lkp_Ubuntu_5_15_0[_|\\d]+_aws_(\\d+)"
}