-
Notifications
You must be signed in to change notification settings - Fork 0
/
USN-5865-1.json
118 lines (118 loc) · 6.39 KB
/
USN-5865-1.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
{
"id": "USN-5865-1",
"summary": "linux-azure-4.15 vulnerabilities",
"details": "It was discovered that an out-of-bounds write vulnerability existed in the\nVideo for Linux 2 (V4L2) implementation in the Linux kernel. A local\nattacker could use this to cause a denial of service (system crash) or\npossibly execute arbitrary code. (CVE-2022-20369)\n\nPawan Kumar Gupta, Alyssa Milburn, Amit Peled, Shani Rehana, Nir Shildan\nand Ariel Sabba discovered that some Intel processors with Enhanced\nIndirect Branch Restricted Speculation (eIBRS) did not properly handle RET\ninstructions after a VM exits. A local attacker could potentially use this\nto expose sensitive information. (CVE-2022-26373)\n\nDavid Leadbeater discovered that the netfilter IRC protocol tracking\nimplementation in the Linux Kernel incorrectly handled certain message\npayloads in some situations. A remote attacker could possibly use this to\ncause a denial of service or bypass firewall filtering. (CVE-2022-2663)\n\nJohannes Wikner and Kaveh Razavi discovered that for some AMD x86-64\nprocessors, the branch predictor could by mis-trained for return\ninstructions in certain circumstances. A local attacker could possibly use\nthis to expose sensitive information. (CVE-2022-29900)\n\nJohannes Wikner and Kaveh Razavi discovered that for some Intel x86-64\nprocessors, the Linux kernel's protections against speculative branch\ntarget injection attacks were insufficient in some circumstances. A local\nattacker could possibly use this to expose sensitive information.\n(CVE-2022-29901)\n\nIt was discovered that the NILFS2 file system implementation in the Linux\nkernel did not properly deallocate memory in certain error conditions. An\nattacker could use this to cause a denial of service (memory exhaustion).\n(CVE-2022-3646)\n\nKhalid Masum discovered that the NILFS2 file system implementation in the\nLinux kernel did not properly handle certain error conditions, leading to a\nuse-after-free vulnerability. A local attacker could use this to cause a\ndenial of service or possibly execute arbitrary code. (CVE-2022-3649)\n\nHyunwoo Kim discovered that an integer overflow vulnerability existed in\nthe PXA3xx graphics driver in the Linux kernel. A local attacker could\npossibly use this to cause a denial of service (system crash).\n(CVE-2022-39842)\n\nIt was discovered that a race condition existed in the SMSC UFX USB driver\nimplementation in the Linux kernel, leading to a use-after-free\nvulnerability. A physically proximate attacker could use this to cause a\ndenial of service (system crash) or possibly execute arbitrary code.\n(CVE-2022-41849)\n\nIt was discovered that a race condition existed in the Roccat HID driver in\nthe Linux kernel, leading to a use-after-free vulnerability. A local\nattacker could use this to cause a denial of service (system crash) or\npossibly execute arbitrary code. (CVE-2022-41850)\n\nIt was discovered that the USB monitoring (usbmon) component in the Linux\nkernel did not properly set permissions on memory mapped in to user space\nprocesses. A local attacker could use this to cause a denial of service\n(system crash) or possibly execute arbitrary code. (CVE-2022-43750)\n",
"aliases": [],
"related": [
"CVE-2022-20369",
"CVE-2022-26373",
"CVE-2022-2663",
"CVE-2022-29900",
"CVE-2022-29901",
"CVE-2022-3646",
"CVE-2022-3649",
"CVE-2022-39842",
"CVE-2022-41849",
"CVE-2022-41850",
"CVE-2022-43750"
],
"published": "2023-02-10T14:08:25.776765Z",
"modified": "2023-02-10T14:08:25.776765Z",
"affected": [
{
"package": {
"ecosystem": "Ubuntu:18.04:LTS",
"name": "linux-azure-4.15"
},
"ranges": [
{
"type": "ECOSYSTEM",
"events": [
{
"introduced": "0"
},
{
"fixed": "4.15.0-1161.176"
}
]
}
],
"ecosystem_specific": {
"binaries": [
{
"linux-headers-azure-lts-18.04": "4.15.0.1161.129",
"linux-azure-lts-18.04": "4.15.0.1161.129",
"linux-modules-extra-4.15.0-1161-azure": "4.15.0-1161.176",
"linux-cloud-tools-azure-lts-18.04": "4.15.0.1161.129",
"linux-tools-azure-lts-18.04": "4.15.0.1161.129",
"linux-modules-4.15.0-1161-azure": "4.15.0-1161.176",
"linux-signed-image-azure-lts-18.04": "4.15.0.1161.129",
"linux-azure-4.15-tools-4.15.0-1161": "4.15.0-1161.176",
"linux-modules-extra-azure-lts-18.04": "4.15.0.1161.129",
"linux-headers-4.15.0-1161-azure": "4.15.0-1161.176",
"linux-image-4.15.0-1161-azure": "4.15.0-1161.176",
"linux-azure-4.15-headers-4.15.0-1161": "4.15.0-1161.176",
"linux-tools-4.15.0-1161-azure": "4.15.0-1161.176",
"linux-azure-4.15-cloud-tools-4.15.0-1161": "4.15.0-1161.176",
"linux-image-unsigned-4.15.0-1161-azure": "4.15.0-1161.176",
"linux-cloud-tools-4.15.0-1161-azure": "4.15.0-1161.176",
"linux-buildinfo-4.15.0-1161-azure": "4.15.0-1161.176",
"linux-image-azure-lts-18.04": "4.15.0.1161.129",
"linux-signed-azure-lts-18.04": "4.15.0.1161.129"
}
],
"availability": "No subscription needed"
}
}
],
"references": [
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-5865-1"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2022-20369"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2022-26373"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2022-2663"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2022-29900"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2022-29901"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2022-3646"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2022-3649"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2022-39842"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2022-41849"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2022-41850"
},
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2022-43750"
}
]
}