usn-5471-1
Vulnerability from osv_ubuntu
Published
2022-06-08 05:03
Modified
2026-06-03 10:45
Summary
linux-oem-5.17 vulnerabilities
Details

It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. (CVE-2022-21499)

Aaron Adams discovered that the netfilter subsystem in the Linux kernel did not properly handle the removal of stateful expressions in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-1966)

Moshe Kol, Amit Klein and Yossi Gilad discovered that the IP implementation in the Linux kernel did not provide sufficient randomization when calculating port offsets. An attacker could possibly use this to expose sensitive information. (CVE-2022-1012)

Duoming Zhou discovered race conditions in the AX.25 amateur radio protocol implementation in the Linux kernel, leading to use-after-free vulnerabilities. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-1205)

It was discovered that the Marvell NFC device driver implementation in the Linux kernel did not properly perform memory cleanup operations in some situations, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-1734)

Minh Yuan discovered that the floppy driver in the Linux kernel contained a race condition in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-1836)

Ziming Zhang discovered that the netfilter subsystem in the Linux kernel did not properly validate sets with multiple ranged fields. A local attacker could use this to cause a denial of service or execute arbitrary code. (CVE-2022-1972)

Joseph Ravichandran and Michael Wang discovered that the io_uring subsystem in the Linux kernel did not properly initialize data in some situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2022-29968)


{
  "affected": [
    {
      "database_specific": {
        "cves_map": {
          "cves": [
            {
              "id": "CVE-2022-1012",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2022-1205",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2022-1734",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2022-1836",
              "severity": [
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2022-1966",
              "severity": [
                {
                  "score": "high",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2022-1972",
              "severity": [
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2022-21499",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "high",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2022-29968",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            }
          ],
          "ecosystem": "Ubuntu:22.04:LTS"
        }
      },
      "ecosystem_specific": {
        "availability": "No subscription required",
        "binaries": [
          {
            "binary_name": "linux-buildinfo-5.17.0-1011-oem",
            "binary_version": "5.17.0-1011.12"
          },
          {
            "binary_name": "linux-headers-5.17.0-1011-oem",
            "binary_version": "5.17.0-1011.12"
          },
          {
            "binary_name": "linux-image-unsigned-5.17.0-1011-oem",
            "binary_version": "5.17.0-1011.12"
          },
          {
            "binary_name": "linux-modules-5.17.0-1011-oem",
            "binary_version": "5.17.0-1011.12"
          },
          {
            "binary_name": "linux-modules-iwlwifi-5.17.0-1011-oem",
            "binary_version": "5.17.0-1011.12"
          },
          {
            "binary_name": "linux-oem-5.17-headers-5.17.0-1011",
            "binary_version": "5.17.0-1011.12"
          },
          {
            "binary_name": "linux-oem-5.17-tools-5.17.0-1011",
            "binary_version": "5.17.0-1011.12"
          },
          {
            "binary_name": "linux-oem-5.17-tools-host",
            "binary_version": "5.17.0-1011.12"
          },
          {
            "binary_name": "linux-tools-5.17.0-1011-oem",
            "binary_version": "5.17.0-1011.12"
          }
        ]
      },
      "package": {
        "ecosystem": "Ubuntu:22.04:LTS",
        "name": "linux-oem-5.17",
        "purl": "pkg:deb/ubuntu/linux-oem-5.17@5.17.0-1011.12?arch=source\u0026distro=jammy"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "5.17.0-1011.12"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "5.17.0-1003.3",
        "5.17.0-1004.4",
        "5.17.0-1006.6"
      ]
    }
  ],
  "aliases": [],
  "details": "It was discovered that the Linux kernel did not properly restrict access to\nthe kernel debugger when booted in secure boot environments. A privileged\nattacker could use this to bypass UEFI Secure Boot restrictions.\n(CVE-2022-21499)\n\nAaron Adams discovered that the netfilter subsystem in the Linux kernel did\nnot properly handle the removal of stateful expressions in some situations,\nleading to a use-after-free vulnerability. A local attacker could use this\nto cause a denial of service (system crash) or execute arbitrary code.\n(CVE-2022-1966)\n\nMoshe Kol, Amit Klein and Yossi Gilad discovered that the IP implementation\nin the Linux kernel did not provide sufficient randomization when\ncalculating port offsets. An attacker could possibly use this to expose\nsensitive information. (CVE-2022-1012)\n\nDuoming Zhou discovered race conditions in the AX.25 amateur radio protocol\nimplementation in the Linux kernel, leading to use-after-free\nvulnerabilities. A local attacker could possibly use this to cause a denial\nof service (system crash). (CVE-2022-1205)\n\nIt was discovered that the Marvell NFC device driver implementation in the\nLinux kernel did not properly perform memory cleanup operations in some\nsituations, leading to a use-after-free vulnerability. A local attacker\ncould possibly use this to cause a denial of service (system crash) or\nexecute arbitrary code. (CVE-2022-1734)\n\nMinh Yuan discovered that the floppy driver in the Linux kernel contained a\nrace condition in some situations, leading to a use-after-free\nvulnerability. A local attacker could use this to cause a denial of service\n(system crash) or possibly execute arbitrary code. (CVE-2022-1836)\n\nZiming Zhang discovered that the netfilter subsystem in the Linux kernel\ndid not properly validate sets with multiple ranged fields. A local\nattacker could use this to cause a denial of service or execute arbitrary\ncode. (CVE-2022-1972)\n\nJoseph Ravichandran and Michael Wang discovered that the io_uring subsystem\nin the Linux kernel did not properly initialize data in some situations. A\nlocal attacker could use this to expose sensitive information (kernel\nmemory). (CVE-2022-29968)\n",
  "id": "USN-5471-1",
  "modified": "2026-06-03T10:45:29Z",
  "published": "2022-06-08T05:03:04Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://ubuntu.com/security/notices/USN-5471-1"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2022-1012"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2022-1205"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2022-1734"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2022-1836"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2022-1966"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2022-1972"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2022-21499"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2022-29968"
    }
  ],
  "related": [],
  "schema_version": "1.7.0",
  "summary": "linux-oem-5.17 vulnerabilities",
  "upstream": [
    "UBUNTU-CVE-2022-1012",
    "UBUNTU-CVE-2022-1205",
    "UBUNTU-CVE-2022-1734",
    "UBUNTU-CVE-2022-1836",
    "UBUNTU-CVE-2022-1966",
    "UBUNTU-CVE-2022-1972",
    "UBUNTU-CVE-2022-21499",
    "UBUNTU-CVE-2022-29968"
  ]
}



Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Loading…

Detection rules are retrieved from Rulezet.

Loading…

Loading…