Ubuntu update for linux-oem-5.17



Published: 2022-07-21 | Updated: 2023-08-07
Risk Low
Patch available YES
Number of vulnerabilities 11
CVE-ID CVE-2022-1652
CVE-2022-1679
CVE-2022-1789
CVE-2022-1852
CVE-2022-1973
CVE-2022-2078
CVE-2022-21123
CVE-2022-21125
CVE-2022-21166
CVE-2022-34494
CVE-2022-34495
CWE-ID CWE-416
CWE-476
CWE-119
CWE-200
CWE-415
Exploitation vector Local
Public exploit Public exploit code for vulnerability #6 is available.
Vulnerable software
Subscribe 		Ubuntu
Operating systems & Components / Operating system

linux-image-5.17.0-1013-oem (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-oem-22.04a (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-oem-22.04 (Ubuntu package)
Operating systems & Components / Operating system package or component

Vendor Canonical Ltd.

Security Bulletin

This security bulletin contains information about 11 vulnerabilities.

1) Use-after-free

EUVDB-ID: #VU64434

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-1652

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to use-after-free error in the bad_flp_intr() function. A local user can execute a specially-crafted program to cause a denial of service condition on the system or escalate privileges on the system.

Mitigation

Update the affected package linux-oem-5.17 to the latest version.

Vulnerable software versions

Ubuntu: 22.04

linux-image-5.17.0-1013-oem (Ubuntu package): before 5.17.0-1013.14

linux-image-oem-22.04a (Ubuntu package): before 5.17.0.1013.12

linux-image-oem-22.04 (Ubuntu package): before 5.17.0.1013.12

External links

http://ubuntu.com/security/notices/USN-5529-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Use-after-free

EUVDB-ID: #VU64861

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-1679

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the ath9k_htc_wait_for_target() function in the Linux kernel’s Atheros wireless adapter driver. A local user can execute arbitrary code with elevated privileges.

Mitigation

Update the affected package linux-oem-5.17 to the latest version.

Vulnerable software versions

Ubuntu: 22.04

linux-image-5.17.0-1013-oem (Ubuntu package): before 5.17.0-1013.14

linux-image-oem-22.04a (Ubuntu package): before 5.17.0.1013.12

linux-image-oem-22.04 (Ubuntu package): before 5.17.0.1013.12

External links

http://ubuntu.com/security/notices/USN-5529-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) NULL pointer dereference

EUVDB-ID: #VU64261

Risk: Low

CVSSv3.1: 5.4 [CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-1789

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference in kvm_mmu_invpcid_gva. A local attacker can trigger vulnerability to perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-oem-5.17 to the latest version.

Vulnerable software versions

Ubuntu: 22.04

linux-image-5.17.0-1013-oem (Ubuntu package): before 5.17.0-1013.14

linux-image-oem-22.04a (Ubuntu package): before 5.17.0.1013.12

linux-image-oem-22.04 (Ubuntu package): before 5.17.0.1013.12

External links

http://ubuntu.com/security/notices/USN-5529-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) NULL pointer dereference

EUVDB-ID: #VU64262

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-1852

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in the Linux kernel’s KVM module. A local user can perform a denial of service (DoS) attack in the x86_emulate_insn in arch/x86/kvm/emulate.c.

Mitigation

Update the affected package linux-oem-5.17 to the latest version.

Vulnerable software versions

Ubuntu: 22.04

linux-image-5.17.0-1013-oem (Ubuntu package): before 5.17.0-1013.14

linux-image-oem-22.04a (Ubuntu package): before 5.17.0.1013.12

linux-image-oem-22.04 (Ubuntu package): before 5.17.0.1013.12

External links

http://ubuntu.com/security/notices/USN-5529-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Use-after-free

EUVDB-ID: #VU65641

Risk: Low

CVSSv3.1: 3.2 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-1973

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service attack.

The vulnerability exists due to a use-after-free error within the NTFS file system implementation in the Linux kernel. A local user can trigger a use-after-free error and crash the system or gain access to sensitive information.

Mitigation

Update the affected package linux-oem-5.17 to the latest version.

Vulnerable software versions

Ubuntu: 22.04

linux-image-5.17.0-1013-oem (Ubuntu package): before 5.17.0-1013.14

linux-image-oem-22.04a (Ubuntu package): before 5.17.0.1013.12

linux-image-oem-22.04 (Ubuntu package): before 5.17.0.1013.12

External links

http://ubuntu.com/security/notices/USN-5529-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Buffer overflow

EUVDB-ID: #VU65642

Risk: Low

CVSSv3.1: 7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2022-2078

CWE-ID: CWE-119 - Memory corruption

Exploit availability: Yes

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the nft_set_desc_concat_parse() function in Linux kernel. A local user can trigger memory corruption and execute arbitrary code with elevated privileges.


Mitigation

Update the affected package linux-oem-5.17 to the latest version.

Vulnerable software versions

Ubuntu: 22.04

linux-image-5.17.0-1013-oem (Ubuntu package): before 5.17.0-1013.14

linux-image-oem-22.04a (Ubuntu package): before 5.17.0.1013.12

linux-image-oem-22.04 (Ubuntu package): before 5.17.0.1013.12

External links

http://ubuntu.com/security/notices/USN-5529-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

7) Information disclosure

EUVDB-ID: #VU64364

Risk: Low

CVSSv3.1: 5.2 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-21123

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows an attacker to gain access to potentially sensitive information.

The vulnerability exists in Intel processors due to excessive data output when DirectPath I/O (PCI-Passthrough) is utilized. An attacker (both local and remote) with administrative access to a virtual machine that has an attached DirectPath I/O (PCI-Passthrough) device can obtain information stored in physical memory about the hypervisor or other virtual machines that reside on the same host.


Mitigation

Update the affected package linux-oem-5.17 to the latest version.

Vulnerable software versions

Ubuntu: 22.04

linux-image-5.17.0-1013-oem (Ubuntu package): before 5.17.0-1013.14

linux-image-oem-22.04a (Ubuntu package): before 5.17.0.1013.12

linux-image-oem-22.04 (Ubuntu package): before 5.17.0.1013.12

External links

http://ubuntu.com/security/notices/USN-5529-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Information disclosure

EUVDB-ID: #VU64365

Risk: Low

CVSSv3.1: 5.2 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-21125

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows an attacker to gain access to potentially sensitive information.

The vulnerability exists in Intel processors due to excessive data output when DirectPath I/O (PCI-Passthrough) is utilized. An attacker (both local and remote) with administrative access to a virtual machine that has an attached DirectPath I/O (PCI-Passthrough) device can obtain information stored in physical memory about the hypervisor or other virtual machines that reside on the same host.



Mitigation

Update the affected package linux-oem-5.17 to the latest version.

Vulnerable software versions

Ubuntu: 22.04

linux-image-5.17.0-1013-oem (Ubuntu package): before 5.17.0-1013.14

linux-image-oem-22.04a (Ubuntu package): before 5.17.0.1013.12

linux-image-oem-22.04 (Ubuntu package): before 5.17.0.1013.12

External links

http://ubuntu.com/security/notices/USN-5529-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Information disclosure

EUVDB-ID: #VU64366

Risk: Low

CVSSv3.1: 5.2 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-21166

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows an attacker to gain access to potentially sensitive information.

The vulnerability exists in Intel processors due to excessive data output when DirectPath I/O (PCI-Passthrough) is utilized. An attacker (both local and remote) with administrative access to a virtual machine that has an attached DirectPath I/O (PCI-Passthrough) device can obtain information stored in physical memory about the hypervisor or other virtual machines that reside on the same host.

Mitigation

Update the affected package linux-oem-5.17 to the latest version.

Vulnerable software versions

Ubuntu: 22.04

linux-image-5.17.0-1013-oem (Ubuntu package): before 5.17.0-1013.14

linux-image-oem-22.04a (Ubuntu package): before 5.17.0.1013.12

linux-image-oem-22.04 (Ubuntu package): before 5.17.0.1013.12

External links

http://ubuntu.com/security/notices/USN-5529-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Double Free

EUVDB-ID: #VU65297

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-34494

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error within the rpmsg_virtio_add_ctrl_dev() function in drivers/rpmsg/virtio_rpmsg_bus.c in the Linux kernel remote processor messaging (rpmsg) framework. A local user can run a specially crafted program to trigger a double free error and perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-oem-5.17 to the latest version.

Vulnerable software versions

Ubuntu: 22.04

linux-image-5.17.0-1013-oem (Ubuntu package): before 5.17.0-1013.14

linux-image-oem-22.04a (Ubuntu package): before 5.17.0.1013.12

linux-image-oem-22.04 (Ubuntu package): before 5.17.0.1013.12

External links

http://ubuntu.com/security/notices/USN-5529-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Double Free

EUVDB-ID: #VU65643

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-34495

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error within the rpmsg_probe() function in drivers/rpmsg/virtio_rpmsg_bus.c in Linux kernel. A local user can trigger a double free error in the virtio RPMSG bus driver and crash the system.

Mitigation

Update the affected package linux-oem-5.17 to the latest version.

Vulnerable software versions

Ubuntu: 22.04

linux-image-5.17.0-1013-oem (Ubuntu package): before 5.17.0-1013.14

linux-image-oem-22.04a (Ubuntu package): before 5.17.0.1013.12

linux-image-oem-22.04 (Ubuntu package): before 5.17.0.1013.12

External links

http://ubuntu.com/security/notices/USN-5529-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###