USN-5580-1

See a problem?
Source
https://ubuntu.com/security/notices/USN-5580-1
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-5580-1.json
JSON Data
https://api.osv.dev/v1/vulns/USN-5580-1
Related
Published
2022-08-24T15:49:43.583678Z
Modified
2022-08-24T15:49:43.583678Z
Summary
linux-aws vulnerabilities
Details

It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-33655)

It was discovered that the virtual terminal driver in the Linux kernel did not properly handle VGA console font changes, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-33656)

It was discovered that the Packet network protocol implementation in the Linux kernel contained an out-of-bounds access. A remote attacker could use this to expose sensitive information (kernel memory). (CVE-2022-20368)

Domingo Dirutigliano and Nicola Guerrera discovered that the netfilter subsystem in the Linux kernel did not properly handle rules that truncated packets below the packet header size. When such rules are in place, a remote attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-36946)

References

Affected packages

Ubuntu:Pro:16.04:LTS / linux-aws

Package

Name
linux-aws
Purl
pkg:deb/ubuntu/linux-aws@4.4.0-1150.165?arch=src?distro=esm-infra/xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.4.0-1150.165

Affected versions

4.*

4.4.0-1001.10
4.4.0-1003.12
4.4.0-1004.13
4.4.0-1007.16
4.4.0-1009.18
4.4.0-1011.20
4.4.0-1012.21
4.4.0-1013.22
4.4.0-1016.25
4.4.0-1017.26
4.4.0-1018.27
4.4.0-1020.29
4.4.0-1022.31
4.4.0-1026.35
4.4.0-1028.37
4.4.0-1030.39
4.4.0-1031.40
4.4.0-1032.41
4.4.0-1035.44
4.4.0-1037.46
4.4.0-1038.47
4.4.0-1039.48
4.4.0-1041.50
4.4.0-1043.52
4.4.0-1044.53
4.4.0-1047.56
4.4.0-1048.57
4.4.0-1049.58
4.4.0-1050.59
4.4.0-1052.61
4.4.0-1054.63
4.4.0-1055.64
4.4.0-1057.66
4.4.0-1060.69
4.4.0-1061.70
4.4.0-1062.71
4.4.0-1063.72
4.4.0-1065.75
4.4.0-1066.76
4.4.0-1067.77
4.4.0-1069.79
4.4.0-1070.80
4.4.0-1072.82
4.4.0-1073.83
4.4.0-1074.84
4.4.0-1075.85
4.4.0-1077.87
4.4.0-1079.89
4.4.0-1081.91
4.4.0-1083.93
4.4.0-1084.94
4.4.0-1085.96
4.4.0-1087.98
4.4.0-1088.99
4.4.0-1090.101
4.4.0-1092.103
4.4.0-1094.105
4.4.0-1095.106
4.4.0-1096.107
4.4.0-1098.109
4.4.0-1099.110
4.4.0-1100.111
4.4.0-1101.112
4.4.0-1102.113
4.4.0-1104.115
4.4.0-1105.116
4.4.0-1106.117
4.4.0-1107.118
4.4.0-1109.120
4.4.0-1110.121
4.4.0-1111.123
4.4.0-1112.124
4.4.0-1113.126
4.4.0-1114.127
4.4.0-1117.131
4.4.0-1118.132
4.4.0-1119.133
4.4.0-1121.135
4.4.0-1122.136
4.4.0-1123.137
4.4.0-1124.138
4.4.0-1126.140
4.4.0-1127.141
4.4.0-1128.142
4.4.0-1129.143
4.4.0-1130.144
4.4.0-1131.145
4.4.0-1132.146
4.4.0-1133.147
4.4.0-1134.148
4.4.0-1135.149
4.4.0-1137.151
4.4.0-1138.152
4.4.0-1139.153
4.4.0-1140.154
4.4.0-1143.158
4.4.0-1145.160
4.4.0-1146.161
4.4.0-1147.162
4.4.0-1148.163

Ecosystem specific 

{
    "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro",
    "binaries": [
        {
            "linux-aws-headers-4.4.0-1150": "4.4.0-1150.165",
            "linux-buildinfo-4.4.0-1150-aws": "4.4.0-1150.165",
            "linux-aws-cloud-tools-4.4.0-1150": "4.4.0-1150.165",
            "linux-aws-tools-4.4.0-1150": "4.4.0-1150.165",
            "linux-cloud-tools-4.4.0-1150-aws": "4.4.0-1150.165",
            "linux-modules-4.4.0-1150-aws": "4.4.0-1150.165",
            "linux-image-4.4.0-1150-aws": "4.4.0-1150.165",
            "linux-headers-4.4.0-1150-aws": "4.4.0-1150.165",
            "linux-modules-extra-4.4.0-1150-aws": "4.4.0-1150.165",
            "linux-image-4.4.0-1150-aws-dbgsym": "4.4.0-1150.165",
            "linux-tools-4.4.0-1150-aws": "4.4.0-1150.165"
        }
    ]
}