USN-5804-2

See a problem?

Source

https://ubuntu.com/security/notices/USN-5804-2

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-5804-2.json

JSON Data

https://api.osv.dev/v1/vulns/USN-5804-2

Related

Published

2023-01-13T19:11:37.171007Z

Modified

2023-01-13T19:11:37.171007Z

Summary

linux-aws, linux-gcp-4.15 vulnerabilities

Details

It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-43945)

Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-42896)

It was discovered that the Xen netback driver in the Linux kernel did not properly handle packets structured in certain ways. An attacker in a guest VM could possibly use this to cause a denial of service (host NIC availability). (CVE-2022-3643)

It was discovered that an integer overflow vulnerability existed in the Bluetooth subsystem in the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2022-45934)

References

Affected packages

Ubuntu:18.04:LTS / linux-aws

Package

Name: linux-aws
Purl: pkg:deb/ubuntu/linux-aws@4.15.0-1148.160?arch=src?distro=bionic

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.15.0-1148.160

Affected versions

4.*

4.15.0-1001.1

4.15.0-1003.3

4.15.0-1005.5

4.15.0-1006.6

4.15.0-1007.7

4.15.0-1009.9

4.15.0-1010.10

4.15.0-1011.11

4.15.0-1016.16

4.15.0-1017.17

4.15.0-1019.19

4.15.0-1020.20

4.15.0-1021.21

4.15.0-1023.23

4.15.0-1025.25

4.15.0-1027.27

4.15.0-1029.30

4.15.0-1031.33

4.15.0-1032.34

4.15.0-1033.35

4.15.0-1034.36

4.15.0-1035.37

4.15.0-1037.39

4.15.0-1039.41

4.15.0-1040.42

4.15.0-1041.43

4.15.0-1043.45

4.15.0-1044.46

4.15.0-1045.47

4.15.0-1047.49

4.15.0-1048.50

4.15.0-1050.52

4.15.0-1051.53

4.15.0-1052.54

4.15.0-1054.56

4.15.0-1056.58

4.15.0-1057.59

4.15.0-1058.60

4.15.0-1060.62

4.15.0-1063.67

4.15.0-1065.69

4.15.0-1066.70

4.15.0-1067.71

4.15.0-1073.77

4.15.0-1076.80

4.15.0-1077.81

4.15.0-1079.83

4.15.0-1080.84

4.15.0-1082.86

4.15.0-1083.87

4.15.0-1086.91

4.15.0-1087.92

4.15.0-1088.93

4.15.0-1090.95

4.15.0-1091.96

4.15.0-1092.98

4.15.0-1093.99

4.15.0-1094.101

4.15.0-1095.102

4.15.0-1096.103

4.15.0-1097.104

4.15.0-1098.105

4.15.0-1099.106

4.15.0-1101.108

4.15.0-1102.109

4.15.0-1103.110

4.15.0-1106.113

4.15.0-1109.116

4.15.0-1110.117

4.15.0-1111.118

4.15.0-1112.119

4.15.0-1114.121

4.15.0-1115.122

4.15.0-1116.123

4.15.0-1118.125

4.15.0-1119.127

4.15.0-1121.129

4.15.0-1123.132

4.15.0-1124.133

4.15.0-1126.135

4.15.0-1127.136

4.15.0-1128.137

4.15.0-1130.139

4.15.0-1133.143

4.15.0-1136.147

4.15.0-1137.148

4.15.0-1139.150

4.15.0-1140.151

4.15.0-1141.152

4.15.0-1142.154

4.15.0-1143.155

4.15.0-1144.156

4.15.0-1146.158

4.15.0-1147.159

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "linux-buildinfo-4.15.0-1148-aws": "4.15.0-1148.160",
            "linux-image-unsigned-4.15.0-1148-aws-dbgsym": "4.15.0-1148.160",
            "linux-modules-4.15.0-1148-aws": "4.15.0-1148.160",
            "linux-aws-cloud-tools-4.15.0-1148": "4.15.0-1148.160",
            "linux-aws-tools-4.15.0-1148": "4.15.0-1148.160",
            "linux-aws-headers-4.15.0-1148": "4.15.0-1148.160",
            "linux-tools-4.15.0-1148-aws": "4.15.0-1148.160",
            "linux-cloud-tools-4.15.0-1148-aws": "4.15.0-1148.160",
            "linux-headers-4.15.0-1148-aws": "4.15.0-1148.160",
            "linux-modules-extra-4.15.0-1148-aws": "4.15.0-1148.160",
            "linux-image-unsigned-4.15.0-1148-aws": "4.15.0-1148.160"
        }
    ]
}

Ubuntu:18.04:LTS / linux-gcp-4.15

Package

Name: linux-gcp-4.15
Purl: pkg:deb/ubuntu/linux-gcp-4.15@4.15.0-1143.159?arch=src?distro=bionic

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.15.0-1143.159

Affected versions

4.*

4.15.0-1071.81

4.15.0-1077.87

4.15.0-1078.88

4.15.0-1080.90

4.15.0-1081.92

4.15.0-1083.94

4.15.0-1084.95

4.15.0-1086.98

4.15.0-1087.100

4.15.0-1088.101

4.15.0-1090.103

4.15.0-1091.104

4.15.0-1092.105

4.15.0-1093.106

4.15.0-1094.107

4.15.0-1095.108

4.15.0-1096.109

4.15.0-1097.110

4.15.0-1098.111

4.15.0-1099.112

4.15.0-1100.113

4.15.0-1103.116

4.15.0-1106.120

4.15.0-1107.121

4.15.0-1108.122

4.15.0-1109.123

4.15.0-1110.124

4.15.0-1111.125

4.15.0-1112.126

4.15.0-1114.128

4.15.0-1115.129

4.15.0-1116.130

4.15.0-1118.132

4.15.0-1119.133

4.15.0-1120.134

4.15.0-1121.135

4.15.0-1122.136

4.15.0-1124.138

4.15.0-1127.142

4.15.0-1130.146

4.15.0-1131.147

4.15.0-1134.150

4.15.0-1135.151

4.15.0-1136.152

4.15.0-1137.153

4.15.0-1138.154

4.15.0-1141.157

4.15.0-1142.158

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "linux-gcp-4.15-tools-4.15.0-1143": "4.15.0-1143.159",
            "linux-modules-extra-4.15.0-1143-gcp": "4.15.0-1143.159",
            "linux-buildinfo-4.15.0-1143-gcp": "4.15.0-1143.159",
            "linux-headers-4.15.0-1143-gcp": "4.15.0-1143.159",
            "linux-image-unsigned-4.15.0-1143-gcp": "4.15.0-1143.159",
            "linux-gcp-4.15-headers-4.15.0-1143": "4.15.0-1143.159",
            "linux-modules-4.15.0-1143-gcp": "4.15.0-1143.159",
            "linux-image-unsigned-4.15.0-1143-gcp-dbgsym": "4.15.0-1143.159",
            "linux-tools-4.15.0-1143-gcp": "4.15.0-1143.159"
        }
    ]
}