Ubuntu 20.04 LTS / 21.10 : Linux kernel vulnerabilities (USN-5468-1)


The remote Ubuntu 20.04 LTS / 21.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5468-1 advisory.

- A flaw was found in KVM. When updating a guest's page table entry, vm_pgoff was improperly used as the offset to get the page's pfn. As vaddr and vm_pgoff are controllable by user-mode processes, this flaw allows unprivileged local users on the host to write outside the userspace region and potentially corrupt the kernel, resulting in a denial of service condition. (CVE-2022-1158)

- KGDB and KDB allow read and write access to kernel memory, and thus should be restricted during lockdown. An attacker with access to a serial port could trigger the debugger so it is important that the debugger respect the lockdown mode when/if it is triggered. (CVE-2022-21499)

- drivers/usb/gadget/legacy/inode.c in the Linux kernel through 5.16.8 mishandles dev->buf release. (CVE-2022-24958)

- ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free. (CVE-2022-28390)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.