It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. (CVE-2022-21499)
Aaron Adams discovered that the netfilter subsystem in the Linux kernel did not properly handle the removal of stateful expressions in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-1966)
Billy Jheng Bing Jhong discovered that the CIFS network file system implementation in the Linux kernel did not properly validate arguments to ioctl() in some situations. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-0168)
Hu Jiahui discovered that multiple race conditions existed in the Advanced Linux Sound Architecture (ALSA) framework, leading to use-after-free vulnerabilities. A local attacker could use these to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-1048)
Qiuhao Li, Gaoning Pan and Yongkang Jia discovered that the KVM implementation in the Linux kernel did not properly perform guest page table updates in some situations. An attacker in a guest vm could possibly use this to crash the host OS. (CVE-2022-1158)
It was discovered that the implementation of the 6pack and mkiss protocols in the Linux kernel did not handle detach events properly in some situations, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-1195)
Duoming Zhou discovered that the 6pack protocol implementation in the Linux kernel did not handle detach events properly in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-1198)
Duoming Zhou discovered that the AX.25 amateur radio protocol implementation in the Linux kernel did not handle detach events properly in some situations. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-1199)
Duoming Zhou discovered race conditions in the AX.25 amateur radio protocol implementation in the Linux kernel during device detach operations. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-1204)
Duoming Zhou discovered race conditions in the AX.25 amateur radio protocol implementation in the Linux kernel, leading to use-after-free vulnerabilities. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-1205)
Qiuhao Li, Gaoning Pan, and Yongkang Jia discovered that the kvm implementation in the Linux kernel did not handle releasing a virtual cpu properly. A local attacker in a guest VM coud possibly use this to cause a denial of service (host system crash). (CVE-2022-1263)
It was discovered that the PF_KEYv2 implementation in the Linux kernel did not properly initialize kernel memory in some situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2022-1353)
It was discovered that the implementation of X.25 network protocols in the Linux kernel did not terminate link layer sessions properly. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-1516)
It was discovered that the ACRN Hypervisor Service Module implementation in the Linux kernel did not properly deallocate memory in some situations. A local privileged attacker could possibly use this to cause a denial of service (memory exhaustion). (CVE-2022-1651)
It was discovered that the RxRPC session socket implementation in the Linux kernel did not properly handle ioctls called when no security protocol is given. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2022-1671)
Ziming Zhang discovered that the netfilter subsystem in the Linux kernel did not properly validate sets with multiple ranged fields. A local attacker could use this to cause a denial of service or execute arbitrary code. (CVE-2022-1972)
赵子轩 discovered that the 802.2 LLC type 2 driver in the Linux kernel did not properly perform reference counting in some error conditions. A local attacker could use this to cause a denial of service. (CVE-2022-28356)
It was discovered that the 8 Devices USB2CAN interface implementation in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-28388)
It was discovered that the Microchip CAN BUS Analyzer interface implementation in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-28389)
It was discovered that the EMS CAN/USB interface implementation in the Linux kernel contained a double-free vulnerability when handling certain error conditions. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2022-28390)
{ "availability": "No subscription required", "binaries": [ { "linux-cloud-tools-common": "5.15.0-37.39", "linux-image-5.15.0-37-generic-dbgsym": "5.15.0-37.39", "linux-cloud-tools-5.15.0-37-generic": "5.15.0-37.39", "linux-libc-dev": "5.15.0-37.39", "linux-doc": "5.15.0-37.39", "linux-headers-5.15.0-37-generic-lpae": "5.15.0-37.39", "linux-modules-5.15.0-37-generic-lpae": "5.15.0-37.39", "linux-tools-5.15.0-37": "5.15.0-37.39", "linux-image-unsigned-5.15.0-37-generic-64k-dbgsym": "5.15.0-37.39", "linux-tools-5.15.0-37-generic-lpae": "5.15.0-37.39", "linux-source-5.15.0": "5.15.0-37.39", "linux-buildinfo-5.15.0-37-generic-64k": "5.15.0-37.39", "linux-headers-5.15.0-37": "5.15.0-37.39", "linux-buildinfo-5.15.0-37-generic": "5.15.0-37.39", "linux-image-5.15.0-37-generic-lpae-dbgsym": "5.15.0-37.39", "linux-buildinfo-5.15.0-37-generic-lpae": "5.15.0-37.39", "linux-image-unsigned-5.15.0-37-generic": "5.15.0-37.39", "linux-modules-extra-5.15.0-37-generic": "5.15.0-37.39", "linux-tools-5.15.0-37-generic": "5.15.0-37.39", "linux-tools-host": "5.15.0-37.39", "linux-image-5.15.0-37-generic-lpae": "5.15.0-37.39", "linux-image-5.15.0-37-generic": "5.15.0-37.39", "linux-modules-5.15.0-37-generic-64k": "5.15.0-37.39", "linux-image-unsigned-5.15.0-37-generic-64k": "5.15.0-37.39", "linux-headers-5.15.0-37-generic": "5.15.0-37.39", "linux-headers-5.15.0-37-generic-64k": "5.15.0-37.39", "linux-cloud-tools-5.15.0-37": "5.15.0-37.39", "linux-modules-5.15.0-37-generic": "5.15.0-37.39", "linux-tools-5.15.0-37-generic-64k": "5.15.0-37.39", "linux-tools-common": "5.15.0-37.39", "linux-image-unsigned-5.15.0-37-generic-dbgsym": "5.15.0-37.39" } ] }
{ "availability": "No subscription required", "binaries": [ { "linux-aws-headers-5.15.0-1011": "5.15.0-1011.14", "linux-modules-5.15.0-1011-aws": "5.15.0-1011.14", "linux-tools-5.15.0-1011-aws": "5.15.0-1011.14", "linux-buildinfo-5.15.0-1011-aws": "5.15.0-1011.14", "linux-aws-cloud-tools-5.15.0-1011": "5.15.0-1011.14", "linux-image-unsigned-5.15.0-1011-aws": "5.15.0-1011.14", "linux-image-unsigned-5.15.0-1011-aws-dbgsym": "5.15.0-1011.14", "linux-modules-extra-5.15.0-1011-aws": "5.15.0-1011.14", "linux-aws-tools-5.15.0-1011": "5.15.0-1011.14", "linux-headers-5.15.0-1011-aws": "5.15.0-1011.14", "linux-cloud-tools-5.15.0-1011-aws": "5.15.0-1011.14" } ] }
{ "availability": "No subscription required", "binaries": [ { "linux-azure-cloud-tools-5.15.0-1010": "5.15.0-1010.12", "linux-image-unsigned-5.15.0-1010-azure": "5.15.0-1010.12", "linux-headers-5.15.0-1010-azure": "5.15.0-1010.12", "linux-modules-5.15.0-1010-azure": "5.15.0-1010.12", "linux-buildinfo-5.15.0-1010-azure": "5.15.0-1010.12", "linux-modules-extra-5.15.0-1010-azure": "5.15.0-1010.12", "linux-cloud-tools-5.15.0-1010-azure": "5.15.0-1010.12", "linux-tools-5.15.0-1010-azure": "5.15.0-1010.12", "linux-azure-headers-5.15.0-1010": "5.15.0-1010.12", "linux-azure-tools-5.15.0-1010": "5.15.0-1010.12", "linux-image-unsigned-5.15.0-1010-azure-dbgsym": "5.15.0-1010.12" } ] }
{ "availability": "No subscription required", "binaries": [ { "linux-modules-5.15.0-1008-gcp": "5.15.0-1008.12", "linux-gcp-headers-5.15.0-1008": "5.15.0-1008.12", "linux-modules-extra-5.15.0-1008-gcp": "5.15.0-1008.12", "linux-gcp-tools-5.15.0-1008": "5.15.0-1008.12", "linux-image-unsigned-5.15.0-1008-gcp": "5.15.0-1008.12", "linux-buildinfo-5.15.0-1008-gcp": "5.15.0-1008.12", "linux-headers-5.15.0-1008-gcp": "5.15.0-1008.12", "linux-tools-5.15.0-1008-gcp": "5.15.0-1008.12", "linux-image-unsigned-5.15.0-1008-gcp-dbgsym": "5.15.0-1008.12" } ] }
{ "availability": "No subscription required", "binaries": [ { "linux-gke-headers-5.15.0-1008": "5.15.0-1008.10", "linux-buildinfo-5.15.0-1008-gke": "5.15.0-1008.10", "linux-image-unsigned-5.15.0-1008-gke-dbgsym": "5.15.0-1008.10", "linux-modules-5.15.0-1008-gke": "5.15.0-1008.10", "linux-headers-5.15.0-1008-gke": "5.15.0-1008.10", "linux-tools-5.15.0-1008-gke": "5.15.0-1008.10", "linux-image-unsigned-5.15.0-1008-gke": "5.15.0-1008.10", "linux-modules-extra-5.15.0-1008-gke": "5.15.0-1008.10", "linux-gke-tools-5.15.0-1008": "5.15.0-1008.10" } ] }
{ "availability": "No subscription required", "binaries": [ { "linux-ibm-tools-common": "5.15.0-1007.8", "linux-headers-5.15.0-1007-ibm": "5.15.0-1007.8", "linux-ibm-source-5.15.0": "5.15.0-1007.8", "linux-buildinfo-5.15.0-1007-ibm": "5.15.0-1007.8", "linux-ibm-headers-5.15.0-1007": "5.15.0-1007.8", "linux-image-unsigned-5.15.0-1007-ibm-dbgsym": "5.15.0-1007.8", "linux-modules-extra-5.15.0-1007-ibm": "5.15.0-1007.8", "linux-ibm-tools-5.15.0-1007": "5.15.0-1007.8", "linux-modules-5.15.0-1007-ibm": "5.15.0-1007.8", "linux-tools-5.15.0-1007-ibm": "5.15.0-1007.8", "linux-ibm-cloud-tools-common": "5.15.0-1007.8", "linux-image-unsigned-5.15.0-1007-ibm": "5.15.0-1007.8" } ] }
{ "availability": "No subscription required", "binaries": [ { "linux-buildinfo-5.15.0-1008-intel-iotg": "5.15.0-1008.11", "linux-image-unsigned-5.15.0-1008-intel-iotg-dbgsym": "5.15.0-1008.11", "linux-image-unsigned-5.15.0-1008-intel-iotg": "5.15.0-1008.11", "linux-intel-iotg-tools-host": "5.15.0-1008.11", "linux-modules-extra-5.15.0-1008-intel-iotg": "5.15.0-1008.11", "linux-intel-iotg-headers-5.15.0-1008": "5.15.0-1008.11", "linux-cloud-tools-5.15.0-1008-intel-iotg": "5.15.0-1008.11", "linux-intel-iotg-cloud-tools-common": "5.15.0-1008.11", "linux-intel-iotg-cloud-tools-5.15.0-1008": "5.15.0-1008.11", "linux-intel-iotg-tools-5.15.0-1008": "5.15.0-1008.11", "linux-tools-5.15.0-1008-intel-iotg": "5.15.0-1008.11", "linux-intel-iotg-tools-common": "5.15.0-1008.11", "linux-modules-5.15.0-1008-intel-iotg": "5.15.0-1008.11", "linux-headers-5.15.0-1008-intel-iotg": "5.15.0-1008.11" } ] }
{ "availability": "No subscription required", "binaries": [ { "linux-buildinfo-5.15.0-1010-kvm": "5.15.0-1010.11", "linux-headers-5.15.0-1010-kvm": "5.15.0-1010.11", "linux-image-unsigned-5.15.0-1010-kvm": "5.15.0-1010.11", "linux-kvm-tools-5.15.0-1010": "5.15.0-1010.11", "linux-tools-5.15.0-1010-kvm": "5.15.0-1010.11", "linux-kvm-headers-5.15.0-1010": "5.15.0-1010.11", "linux-modules-5.15.0-1010-kvm": "5.15.0-1010.11", "linux-image-unsigned-5.15.0-1010-kvm-dbgsym": "5.15.0-1010.11" } ] }
{ "availability": "No subscription required", "binaries": [ { "linux-image-unsigned-5.15.0-37-lowlatency": "5.15.0-37.39", "linux-image-unsigned-5.15.0-37-lowlatency-64k": "5.15.0-37.39", "linux-lowlatency-tools-common": "5.15.0-37.39", "linux-modules-5.15.0-37-lowlatency": "5.15.0-37.39", "linux-modules-5.15.0-37-lowlatency-64k": "5.15.0-37.39", "linux-buildinfo-5.15.0-37-lowlatency-64k": "5.15.0-37.39", "linux-image-unsigned-5.15.0-37-lowlatency-64k-dbgsym": "5.15.0-37.39", "linux-lowlatency-cloud-tools-5.15.0-37": "5.15.0-37.39", "linux-cloud-tools-5.15.0-37-lowlatency": "5.15.0-37.39", "linux-lowlatency-cloud-tools-common": "5.15.0-37.39", "linux-lowlatency-tools-host": "5.15.0-37.39", "linux-buildinfo-5.15.0-37-lowlatency": "5.15.0-37.39", "linux-tools-5.15.0-37-lowlatency": "5.15.0-37.39", "linux-tools-5.15.0-37-lowlatency-64k": "5.15.0-37.39", "linux-headers-5.15.0-37-lowlatency-64k": "5.15.0-37.39", "linux-lowlatency-headers-5.15.0-37": "5.15.0-37.39", "linux-lowlatency-tools-5.15.0-37": "5.15.0-37.39", "linux-image-unsigned-5.15.0-37-lowlatency-dbgsym": "5.15.0-37.39", "linux-headers-5.15.0-37-lowlatency": "5.15.0-37.39" } ] }
{ "availability": "No subscription required", "binaries": [ { "linux-modules-extra-5.15.0-1009-oracle": "5.15.0-1009.12", "linux-headers-5.15.0-1009-oracle": "5.15.0-1009.12", "linux-image-unsigned-5.15.0-1009-oracle": "5.15.0-1009.12", "linux-modules-5.15.0-1009-oracle": "5.15.0-1009.12", "linux-oracle-headers-5.15.0-1009": "5.15.0-1009.12", "linux-oracle-tools-5.15.0-1009": "5.15.0-1009.12", "linux-image-unsigned-5.15.0-1009-oracle-dbgsym": "5.15.0-1009.12", "linux-tools-5.15.0-1009-oracle": "5.15.0-1009.12", "linux-buildinfo-5.15.0-1009-oracle": "5.15.0-1009.12" } ] }
{ "availability": "No subscription required", "binaries": [ { "linux-modules-extra-5.15.0-1011-raspi": "5.15.0-1011.13", "linux-image-5.15.0-1011-raspi-nolpae-dbgsym": "5.15.0-1011.13", "linux-headers-5.15.0-1011-raspi-nolpae": "5.15.0-1011.13", "linux-image-5.15.0-1011-raspi-nolpae": "5.15.0-1011.13", "linux-image-5.15.0-1011-raspi-dbgsym": "5.15.0-1011.13", "linux-raspi-headers-5.15.0-1011": "5.15.0-1011.13", "linux-buildinfo-5.15.0-1011-raspi-nolpae": "5.15.0-1011.13", "linux-modules-5.15.0-1011-raspi-nolpae": "5.15.0-1011.13", "linux-image-5.15.0-1011-raspi": "5.15.0-1011.13", "linux-headers-5.15.0-1011-raspi": "5.15.0-1011.13", "linux-modules-5.15.0-1011-raspi": "5.15.0-1011.13", "linux-tools-5.15.0-1011-raspi-nolpae": "5.15.0-1011.13", "linux-modules-extra-5.15.0-1011-raspi-nolpae": "5.15.0-1011.13", "linux-buildinfo-5.15.0-1011-raspi": "5.15.0-1011.13", "linux-raspi-tools-5.15.0-1011": "5.15.0-1011.13", "linux-tools-5.15.0-1011-raspi": "5.15.0-1011.13" } ] }