Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntuUbuntuUSN-5622-1
HistorySep 21, 2022 - 12:00 a.m.

Linux kernel vulnerabilities

2022-09-2100:00:00
ubuntu.com
41
linux kernel
ubuntu
vulnerabilities
security
out-of-bounds write
denial of service
arbitrary code execution
cve-2021-33655
cve-2022-1012
cve-2022-32296
cve-2022-1729
cve-2022-2503
cve-2022-36946
local attacker
randomization
race condition
privileged attacker
netfilter
device-mapper verity
aws
microsoft azure
google container engine
nvidia bluefield
ibm cloud
oracle cloud
raspberry pi

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS3

8.2

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

AI Score

7.6

Confidence

High

EPSS

0.009

Percentile

82.8%

JSON

Releases

  • Ubuntu 20.04 LTS
  • Ubuntu 18.04 ESM

Packages

  • linux - Linux kernel
  • linux-aws - Linux kernel for Amazon Web Services (AWS) systems
  • linux-aws-5.4 - Linux kernel for Amazon Web Services (AWS) systems
  • linux-azure - Linux kernel for Microsoft Azure Cloud systems
  • linux-azure-5.4 - Linux kernel for Microsoft Azure cloud systems
  • linux-bluefield - Linux kernel for NVIDIA BlueField platforms
  • linux-gkeop - Linux kernel for Google Container Engine (GKE) systems
  • linux-hwe-5.4 - Linux hardware enablement (HWE) kernel
  • linux-ibm - Linux kernel for IBM cloud systems
  • linux-ibm-5.4 - Linux kernel for IBM cloud systems
  • linux-kvm - Linux kernel for cloud environments
  • linux-oracle - Linux kernel for Oracle Cloud systems
  • linux-oracle-5.4 - Linux kernel for Oracle Cloud systems
  • linux-raspi - Linux kernel for Raspberry Pi systems

Details

It was discovered that the framebuffer driver on the Linux kernel did not
verify size limits when changing font or screen size, leading to an out-of-
bounds write. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2021-33655)

Moshe Kol, Amit Klein and Yossi Gilad discovered that the IP implementation
in the Linux kernel did not provide sufficient randomization when
calculating port offsets. An attacker could possibly use this to expose
sensitive information. (CVE-2022-1012, CVE-2022-32296)

Norbert Slusarek discovered that a race condition existed in the perf
subsystem in the Linux kernel, resulting in a use-after-free vulnerability.
A privileged local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2022-1729)

It was discovered that the device-mapper verity (dm-verity) driver in the
Linux kernel did not properly verify targets being loaded into the device-
mapper table. A privileged attacker could use this to cause a denial of
service (system crash) or possibly execute arbitrary code. (CVE-2022-2503)

Domingo Dirutigliano and Nicola Guerrera discovered that the netfilter
subsystem in the Linux kernel did not properly handle rules that truncated
packets below the packet header size. When such rules are in place, a
remote attacker could possibly use this to cause a denial of service
(system crash). (CVE-2022-36946)

Related

osv 24
openvas 27
nessus 40
ubuntu 15
redhatcve 6
ubuntucve 6
ibm 3
redhat 7
cbl_mariner 10
cve 6
almalinux 4
debiancve 6
nvd 6
cvelist 6
prion 6
oraclelinux 6
githubexploit 3
f5 2
veracode 4
rocky 2
fedora 9
cnvd 1
osv
osv
linux-azure-fde vulnerabilities
2022-09-26 15:32:12
linux-gke vulnerabilities
2022-10-04 17:25:44
linux-raspi-5.4 vulnerabilities
2022-09-22 16:29:56
openvas
openvas
Ubuntu: Security Advisory (USN-5654-1)
2022-10-05 00:00:00
Ubuntu: Security Advisory (USN-5622-1)
2022-09-22 00:00:00
Ubuntu: Security Advisory (USN-5630-1)
2022-09-23 00:00:00
nessus
nessus
Ubuntu 20.04 LTS : Linux kernel (GKE) vulnerabilities (USN-5654-1)
2022-10-05 00:00:00
Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-5622-1)
2022-09-21 00:00:00
Ubuntu 20.04 LTS : Linux kernel (GCP) vulnerabilities (USN-5647-1)
2022-09-28 00:00:00
ubuntu
ubuntu
Linux kernel (GCP) vulnerabilities
2022-10-06 00:00:00
Linux kernel (Raspberry Pi) vulnerabilities
2022-09-22 00:00:00
Linux kernel (GKE) vulnerabilities
2022-10-04 00:00:00
redhatcve
redhatcve
CVE-2022-32296
2022-06-14 14:30:03
CVE-2022-36946
2022-08-07 16:06:23
CVE-2021-33655
2022-07-21 10:46:26
ubuntucve
ubuntucve
CVE-2022-32296
2022-06-05 00:00:00
CVE-2021-33655
2022-07-18 00:00:00
CVE-2022-36946
2022-07-27 00:00:00
ibm
ibm
Security Bulletin: Multiple Linux Kernel vulnerabilities may affect IBM Elastic Storage System
2022-12-13 13:33:54
Security Bulletin: Vulnerability in Kernel (CVE-2022-1012) affects Power HMC
2023-01-08 16:04:52
Security Bulletin: IBM DataPower Gateway subject to a memory leak in TCP source port generation (CVE-2022-1012)
2022-12-16 18:58:43
redhat
redhat
(RHSA-2022:5636) Important: kernel security and bug fix update
2022-07-19 14:44:22
(RHSA-2022:5267) Important: kernel-rt security and bug fix update
2022-06-28 08:29:41
(RHSA-2022:5564) Important: kernel security, bug fix, and enhancement update
2022-07-13 06:31:31
cbl_mariner
cbl_mariner
CVE-2022-32296 affecting package kernel 5.10.123.1-1
2022-08-12 16:45:24
CVE-2022-32296 affecting package kernel for versions less than 5.15.48.1-2
2022-07-01 21:02:42
CVE-2022-36946 affecting package kernel 5.10.144.1-1
2022-10-13 00:40:31
cve
cve
CVE-2022-32296
2022-06-05 22:15:08
CVE-2021-33655
2022-07-18 15:15:07
CVE-2022-36946
2022-07-27 20:15:08
almalinux
almalinux
Important: kernel security and bug fix update
2022-07-01 00:00:00
Important: kernel-rt security and bug fix update
2022-06-28 00:00:00
Important: kernel-rt security and bug fix update
2022-07-13 00:00:00
debiancve
debiancve
CVE-2022-32296
2022-06-05 22:15:08
CVE-2021-33655
2022-07-18 15:15:07
CVE-2022-36946
2022-07-27 20:15:08
nvd
nvd
CVE-2022-32296
2022-06-05 22:15:08
CVE-2021-33655
2022-07-18 15:15:07
CVE-2022-36946
2022-07-27 20:15:08
cvelist
cvelist
CVE-2022-32296
2022-06-05 21:53:54
CVE-2022-36946
2022-07-27 00:00:00
CVE-2021-33655
2022-07-18 14:45:50
prion
prion
Double free
2022-06-05 22:15:00
Out-of-bounds
2022-07-18 15:15:00
Code injection
2022-07-27 20:15:00
oraclelinux
oraclelinux
kernel security and bug fix update
2022-06-30 00:00:00
Unbreakable Enterprise kernel security update
2022-05-20 00:00:00
Unbreakable Enterprise kernel-container security update
2022-05-21 00:00:00
githubexploit
githubexploit
Exploit for CVE-2022-36946
2022-11-03 09:49:23
Exploit for Vulnerability in Linux Linux Kernel
2022-08-02 18:57:19
Exploit for CVE-2022-36946
2022-07-28 11:22:13
f5
f5
K45164470 : Linux kernel vulnerability CVE-2022-36946
2022-08-12 00:00:00
K000132933 : Linux kernel vulnerability CVE-2022-1729
2023-03-13 00:00:00
veracode
veracode
Denial Of Service (DoS)
2022-09-26 10:34:52
Authentication Bypass
2022-09-26 10:48:14
Denial Of Service
2022-07-05 00:43:35
rocky
rocky
kernel-rt security and bug fix update
2022-07-13 06:31:32
kernel security, bug fix, and enhancement update
2022-07-13 06:31:31
fedora
fedora
[SECURITY] Fedora 36 Update: kernel-tools-5.17.11-300.fc36
2022-05-28 01:16:41
[SECURITY] Fedora 35 Update: kernel-tools-5.17.11-200.fc35
2022-05-28 01:22:58
[SECURITY] Fedora 34 Update: kernel-5.17.11-100.fc34
2022-05-28 01:32:51
cnvd
cnvd
Linux kernel competition condition issue vulnerability (CNVD-2022-74091)
2022-09-09 00:00:00

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS3

8.2

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

AI Score

7.6

Confidence

High

EPSS

0.009

Percentile

82.8%

JSON
Related for USN-5622-1
osv24openvas27nessus40ubuntu15redhatcve6ubuntucve6ibm3redhat7cbl_mariner10cve6almalinux4debiancve6nvd6cvelist6prion6oraclelinux6githubexploit3f52veracode4rocky2fedora9cnvd1