Lucene search

K
ubuntuUbuntuUSN-5317-1
HistoryMar 09, 2022 - 12:00 a.m.

Linux kernel vulnerabilities

2022-03-0900:00:00
ubuntu.com
182

8 High

AI Score

Confidence

High

0.076 Low

EPSS

Percentile

94.1%

Releases

  • Ubuntu 21.10
  • Ubuntu 20.04 LTS

Packages

  • linux - Linux kernel
  • linux-aws - Linux kernel for Amazon Web Services (AWS) systems
  • linux-aws-5.13 - Linux kernel for Amazon Web Services (AWS) systems
  • linux-azure - Linux kernel for Microsoft Azure Cloud systems
  • linux-azure-5.13 - Linux kernel for Microsoft Azure cloud systems
  • linux-gcp - Linux kernel for Google Cloud Platform (GCP) systems
  • linux-gcp-5.13 - Linux kernel for Google Cloud Platform (GCP) systems
  • linux-hwe-5.13 - Linux hardware enablement (HWE) kernel
  • linux-kvm - Linux kernel for cloud environments
  • linux-oem-5.14 - Linux kernel for OEM systems
  • linux-oracle - Linux kernel for Oracle Cloud systems
  • linux-oracle-5.13 - Linux kernel for Oracle Cloud systems
  • linux-raspi - Linux kernel for Raspberry Pi systems

Details

Nick Gregory discovered that the Linux kernel incorrectly handled network
offload functionality. A local attacker could use this to cause a denial of
service or possibly execute arbitrary code. (CVE-2022-25636)

Enrico Barberis, Pietro Frigo, Marius Muench, Herbert Bos, and Cristiano
Giuffrida discovered that hardware mitigations added by ARM to their
processors to address Spectre-BTI were insufficient. A local attacker could
potentially use this to expose sensitive information. (CVE-2022-23960)

Max Kellermann discovered that the Linux kernel incorrectly handled Unix
pipes. A local attacker could potentially use this to modify any file that
could be opened for reading. (CVE-2022-0847)

Enrico Barberis, Pietro Frigo, Marius Muench, Herbert Bos, and Cristiano
Giuffrida discovered that hardware mitigations added by Intel to their
processors to address Spectre-BTI were insufficient. A local attacker could
potentially use this to expose sensitive information. (CVE-2022-0001,
CVE-2022-0002)