Lucene search
UbuntuUSN-5240-1HistoryJan 19, 2022 - 12:00 a.m.
Linux kernel vulnerability
2022-01-1900:00:00
ubuntu.com
206
8.4 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.3 High
AI Score
Confidence
High
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
24.4%
Releases
- Ubuntu 21.10
- Ubuntu 21.04
- Ubuntu 20.04 LTS
- Ubuntu 18.04 ESM
Packages
- linux - Linux kernel
- linux-aws - Linux kernel for Amazon Web Services (AWS) systems
- linux-aws-5.11 - Linux kernel for Amazon Web Services (AWS) systems
- linux-aws-5.4 - Linux kernel for Amazon Web Services (AWS) systems
- linux-azure - Linux kernel for Microsoft Azure Cloud systems
- linux-azure-5.11 - Linux kernel for Microsoft Azure cloud systems
- linux-azure-5.4 - Linux kernel for Microsoft Azure cloud systems
- linux-bluefield - Linux kernel for NVIDIA BlueField platforms
- linux-gcp - Linux kernel for Google Cloud Platform (GCP) systems
- linux-gcp-5.11 - Linux kernel for Google Cloud Platform (GCP) systems
- linux-gcp-5.4 - Linux kernel for Google Cloud Platform (GCP) systems
- linux-gke - Linux kernel for Google Container Engine (GKE) systems
- linux-gke-5.4 - Linux kernel for Google Container Engine (GKE) systems
- linux-gkeop - Linux kernel for Google Container Engine (GKE) systems
- linux-gkeop-5.4 - Linux kernel for Google Container Engine (GKE) systems
- linux-hwe-5.4 - Linux hardware enablement (HWE) kernel
- linux-ibm - Linux kernel for IBM cloud systems
- linux-kvm - Linux kernel for cloud environments
- linux-oem-5.10 - Linux kernel for OEM systems
- linux-oem-5.13 - Linux kernel for OEM systems
- linux-oem-5.14 - Linux kernel for OEM systems
- linux-oracle - Linux kernel for Oracle Cloud systems
- linux-oracle-5.11 - Linux kernel for Oracle Cloud systems
- linux-oracle-5.4 - Linux kernel for Oracle Cloud systems
- linux-raspi - Linux kernel for Raspberry Pi systems
- linux-raspi-5.4 - Linux kernel for Raspberry Pi systems
Details
William Liu and Jamie Hill-Daniel discovered that the file system context
functionality in the Linux kernel contained an integer underflow
vulnerability, leading to an out-of-bounds write. A local attacker could
use this to cause a denial of service (system crash) or execute arbitrary
code.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 21.10 | noarch | linux-image-virtual | < 5.13.0.27.37 | UNKNOWN |
| Ubuntu | 21.10 | noarch | linux-cloud-tools-generic | < 5.13.0.27.37 | UNKNOWN |
| Ubuntu | 21.10 | noarch | linux-cloud-tools-generic-hwe-20.04 | < 5.13.0.27.37 | UNKNOWN |
| Ubuntu | 21.10 | noarch | linux-cloud-tools-generic-hwe-20.04-edge | < 5.13.0.27.37 | UNKNOWN |
| Ubuntu | 21.10 | noarch | linux-cloud-tools-lowlatency | < 5.13.0.27.37 | UNKNOWN |
| Ubuntu | 21.10 | noarch | linux-cloud-tools-lowlatency-hwe-20.04 | < 5.13.0.27.37 | UNKNOWN |
| Ubuntu | 21.10 | noarch | linux-cloud-tools-lowlatency-hwe-20.04-edge | < 5.13.0.27.37 | UNKNOWN |
| Ubuntu | 21.10 | noarch | linux-cloud-tools-virtual | < 5.13.0.27.37 | UNKNOWN |
| Ubuntu | 21.10 | noarch | linux-cloud-tools-virtual-hwe-20.04 | < 5.13.0.27.37 | UNKNOWN |
| Ubuntu | 21.10 | noarch | linux-cloud-tools-virtual-hwe-20.04-edge | < 5.13.0.27.37 | UNKNOWN |
References
Related
veracode
veracode
Denial Of Service (DoS)
2022-01-20 05:51:17
openvas
openvas
Fedora: Security Advisory for kernel (FEDORA-2022-6d4082d590)
2022-01-22 00:00:00
Mageia: Security Advisory (MGASA-2022-0027)
2022-01-28 00:00:00
Fedora: Security Advisory for kernel (FEDORA-2022-6352c313b7)
2022-01-22 00:00:00
redhatcve
redhatcve
CVE-2022-0185
2022-01-18 19:18:49
debiancve
debiancve
CVE-2022-0185
2022-02-11 18:15:00
mageia
mageia
Updated kernel packages fix security vulnerability
2022-01-22 00:41:23
Updated kernel-linus packages fix security vulnerability
2022-01-22 00:41:23
cve
cve
CVE-2022-0185
2022-02-11 18:15:00
fedora
fedora
[SECURITY] Fedora 35 Update: kernel-5.15.16-200.fc35
2022-01-22 01:32:03
[SECURITY] Fedora 34 Update: kernel-5.15.16-100.fc34
2022-01-22 01:18:36
nessus
nessus
githubexploit
githubexploit
Exploit for Integer Underflow (Wrap or Wraparound) in Linux Linux Kernel
2024-04-15 02:42:43
Exploit for Integer Underflow (Wrap or Wraparound) in Linux Linux Kernel
2022-02-18 09:27:34
Exploit for Integer Underflow (Wrap or Wraparound) in Linux Linux Kernel
2022-04-05 07:48:35
osv
osv
Important: kernel security and bug fix update
2022-01-19 13:59:09
Important: kernel-rt security and bug fix update
2022-01-19 09:43:06
cloudfoundry
cloudfoundry
USN-5240-1: Linux kernel vulnerability | Cloud Foundry
2022-03-11 00:00:00
cnvd
cnvd
Linux kernel heap buffer overflow vulnerability (CNVD-2022-68564)
2022-01-21 00:00:00
prion
prion
Heap overflow
2022-02-11 18:15:00
ubuntucve
ubuntucve
CVE-2022-0185
2022-01-18 00:00:00
oraclelinux
oraclelinux
Unbreakable Enterprise kernel-container security update
2022-01-19 00:00:00
Unbreakable Enterprise kernel security update
2022-01-19 00:00:00
kernel security and bug fix update
2022-01-21 00:00:00
cbl_mariner
cbl_mariner
CVE-2022-0185 affecting package kernel 5.15.86.1-1
2022-04-09 06:52:47
CVE-2022-0185 affecting package kernel 5.10.161.1-1
2022-02-25 01:46:15
f5
f5
K73200428 : Linux kernel vulnerability CVE-2022-0185
2022-03-02 00:00:00
ibm
ibm
ubuntu
ubuntu
Kernel Live Patch Security Notice
2022-01-20 00:00:00
Linux kernel (Intel IOTG) vulnerabilities
2022-04-01 00:00:00
rocky
rocky
kernel-rt security and bug fix update
2022-01-19 22:58:41
kernel security and bug fix update
2022-01-19 13:59:09
kernel security and bug fix update
2022-01-19 22:55:48
redhat
redhat
(RHSA-2022:0232) Important: kpatch-patch security update
2022-01-24 09:04:18
(RHSA-2022:0176) Important: kernel-rt security and bug fix update
2022-01-19 09:43:06
(RHSA-2022:0188) Important: kernel security and bug fix update
2022-01-19 13:59:09
almalinux
almalinux
Important: kernel security and bug fix update
2022-01-19 13:59:09
thn
thn
12-Year-Old Polkit Flaw Lets Unprivileged Linux Users Gain Root Access
2022-01-26 05:39:00
China-Linked Group Breaches Networks via Connectwise, F5 Software Flaws
2024-03-22 11:28:00
threatpost
threatpost
Bug in the Linux Kernel Allows Privilege Escalation, Container Escape
2022-03-08 14:52:05
trellix
trellix
The Bug Report - January 2022 Edition
2022-02-02 00:00:00
The Bug Report - January 2022 Edition
2022-02-02 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2022-0146
2022-01-25 00:00:00
Important Photon OS Security Update - PHSA-2022-4.0-0146
2022-01-25 00:00:00
suse
suse
Security update for the Linux Kernel (important)
2022-01-25 00:00:00
Security update for the Linux Kernel (important)
2022-01-26 00:00:00
debian
debian
[SECURITY] [DSA 5050-1] linux security update
2022-01-20 16:46:05
redos
redos
ROS-20220919-01
2022-09-19 00:00:00
8.4 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.3 High
AI Score
Confidence
High
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
24.4%
Related for USN-5240-1