Lucene search

K
ubuntuUbuntuUSN-5357-2
HistoryMar 31, 2022 - 12:00 a.m.

Linux kernel vulnerability

2022-03-3100:00:00
ubuntu.com
91

7.5 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.2%

Releases

  • Ubuntu 18.04 ESM
  • Ubuntu 16.04 ESM
  • Ubuntu 14.04 ESM

Packages

  • linux-aws-hwe - Linux kernel for Amazon Web Services (AWS-HWE) systems
  • linux-azure - Linux kernel for Microsoft Azure Cloud systems
  • linux-gcp - Linux kernel for Google Cloud Platform (GCP) systems
  • linux-gcp-4.15 - Linux kernel for Google Cloud Platform (GCP) systems
  • linux-oracle - Linux kernel for Oracle Cloud systems
  • linux-raspi2 - Linux kernel for Raspberry Pi systems

Details

It was discovered that the IPsec implementation in the Linux kernel did not
properly allocate enough memory when performing ESP transformations,
leading to a heap-based buffer overflow. A local attacker could use this to
cause a denial of service (system crash) or possibly execute arbitrary
code.