Lucene search

UbuntuUSN-5621-1

HistorySep 21, 2022 - 12:00 a.m.

Linux kernel vulnerabilities

2022-09-2100:00:00

ubuntu.com

154

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

8 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.009 Low

EPSS

Percentile

82.5%

JSON

Releases

Ubuntu 18.04 ESM
Ubuntu 16.04 ESM

Packages

linux - Linux kernel
linux-aws - Linux kernel for Amazon Web Services (AWS) systems
linux-aws-hwe - Linux kernel for Amazon Web Services (AWS-HWE) systems
linux-azure-4.15 - Linux kernel for Microsoft Azure Cloud systems
linux-dell300x - Linux kernel for Dell 300x platforms
linux-gcp - Linux kernel for Google Cloud Platform (GCP) systems
linux-gcp-4.15 - Linux kernel for Google Cloud Platform (GCP) systems
linux-hwe - Linux hardware enablement (HWE) kernel
linux-kvm - Linux kernel for cloud environments
linux-oracle - Linux kernel for Oracle Cloud systems
linux-raspi2 - Linux kernel for Raspberry Pi systems
linux-snapdragon - Linux kernel for Qualcomm Snapdragon processors

Details

It was discovered that the framebuffer driver on the Linux kernel did not
verify size limits when changing font or screen size, leading to an out-of-
bounds write. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2021-33655)

Domingo Dirutigliano and Nicola Guerrera discovered that the netfilter
subsystem in the Linux kernel did not properly handle rules that truncated
packets below the packet header size. When such rules are in place, a
remote attacker could possibly use this to cause a denial of service
(system crash). (CVE-2022-36946)

OSVersionArchitecturePackageVersionFilename
Ubuntu18.04noarchlinux-image-dell300x< 4.15.0.1053.53UNKNOWN
Ubuntu18.04noarchlinux-dell300x< 4.15.0.1053.53UNKNOWN
Ubuntu18.04noarchlinux-headers-dell300x< 4.15.0.1053.53UNKNOWN
Ubuntu18.04noarchlinux-tools-dell300x< 4.15.0.1053.53UNKNOWN
Ubuntu18.04noarchlinux-image-virtual< 4.15.0.193.178UNKNOWN
Ubuntu18.04noarchlinux-cloud-tools-generic< 4.15.0.193.178UNKNOWN
Ubuntu18.04noarchlinux-cloud-tools-generic-hwe-16.04< 4.15.0.193.178UNKNOWN
Ubuntu18.04noarchlinux-cloud-tools-generic-hwe-16.04-edge< 4.15.0.193.178UNKNOWN
Ubuntu18.04noarchlinux-cloud-tools-lowlatency< 4.15.0.193.178UNKNOWN
Ubuntu18.04noarchlinux-cloud-tools-lowlatency-hwe-16.04< 4.15.0.193.178UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Ubuntu	18.04	noarch	linux-image-dell300x	< 4.15.0.1053.53	UNKNOWN
Ubuntu	18.04	noarch	linux-dell300x	< 4.15.0.1053.53	UNKNOWN
Ubuntu	18.04	noarch	linux-headers-dell300x	< 4.15.0.1053.53	UNKNOWN
Ubuntu	18.04	noarch	linux-tools-dell300x	< 4.15.0.1053.53	UNKNOWN
Ubuntu	18.04	noarch	linux-image-virtual	< 4.15.0.193.178	UNKNOWN
Ubuntu	18.04	noarch	linux-cloud-tools-generic	< 4.15.0.193.178	UNKNOWN
Ubuntu	18.04	noarch	linux-cloud-tools-generic-hwe-16.04	< 4.15.0.193.178	UNKNOWN
Ubuntu	18.04	noarch	linux-cloud-tools-generic-hwe-16.04-edge	< 4.15.0.193.178	UNKNOWN
Ubuntu	18.04	noarch	linux-cloud-tools-lowlatency	< 4.15.0.193.178	UNKNOWN
Ubuntu	18.04	noarch	linux-cloud-tools-lowlatency-hwe-16.04	< 4.15.0.193.178	UNKNOWN