logo
DATABASE RESOURCES PRICING ABOUT US

Ubuntu 22.04 LTS : Linux kernel (OEM) vulnerability (USN-5634-1)

Description

The remote Ubuntu 22.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-5634-1 advisory. - nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb->len. (CVE-2022-36946) Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.


Related