Lucene search

K
ubuntuUbuntuUSN-5590-1
HistoryAug 30, 2022 - 12:00 a.m.

Linux kernel (OEM) vulnerability

2022-08-3000:00:00
ubuntu.com
50
ubuntu 20.04 lts
linux kernel
oem systems
netfilter subsystem
denial of service

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.6 High

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

82.8%

Releases

  • Ubuntu 20.04 LTS

Packages

  • linux-oem-5.14 - Linux kernel for OEM systems

Details

Domingo Dirutigliano and Nicola Guerrera discovered that the netfilter
subsystem in the Linux kernel did not properly handle rules that truncated
packets below the packet header size. When such rules are in place, a
remote attacker could possibly use this to cause a denial of service
(system crash).

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.6 High

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

82.8%