SB2022101346 - Ubuntu update for linux-gcp

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2022101346

SB2022101346 - Ubuntu update for linux-gcp

Published: October 13, 2022

Security Bulletin ID SB2022101346
Severity
Low
Patch available
YES
Number of vulnerabilities 11
Exploitation vector Local access
Highest impact Code execution

Breakdown by Severity

Low 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 11 secuirty vulnerabilities.


1) Memory leak (CVE-ID: CVE-2021-4159)

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due memory leak in Linux kernel EBPF verifier when handling internal data structures. A local user with permissions to insert eBPF code to the kernel can force the kernel to leak internal kernel memory details and bypass mitigations, related to exploitation protection.


2) Out-of-bounds write (CVE-ID: CVE-2022-20369)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the v4l2_m2m_querybuf() function in v4l2-mem2mem.c. A local user can trigger ab out-of-bounds write and execute arbitrary code with elevated privileges.


3) Use-after-free (CVE-ID: CVE-2022-2318)

The vulnerability allows a local user to perform a denial of service attack.

The vulnerability exists due to a use-after-free error caused by timer handler in net/rose/rose_timer.c of linux. A local user can exploit the vulnerability to perform a denial of service attack.


4) Information disclosure (CVE-ID: CVE-2022-26365)

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend. A local user can gain unauthorized access to sensitive information on the system.


5) Security restrictions bypass (CVE-ID: CVE-2022-26373)

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to non-transparent sharing of return predictor targets between contexts in Intel CPU processors. A local user can bypass the expected architecture isolation between contexts and gain access to sensitive information on the system.


6) Use-after-free (CVE-ID: CVE-2022-3176)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error in io_uring implementation in the Linux kernel. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.


7) Information disclosure (CVE-ID: CVE-2022-33740)

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to Linux Block and Network PV device frontends don't zero memory regions before sharing them with the backend. A local user can gain unauthorized access to sensitive information on the system.


8) Information disclosure (CVE-ID: CVE-2022-33741)

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to granularity of the grant table doesn't allow sharing less than a 4K page, leading to unrelated data residing in the same 4K page as data shared with a backend being accessible by such backend. A local user can gain unauthorized access to sensitive information on the system.


9) Information disclosure (CVE-ID: CVE-2022-33742)

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to granularity of the grant table doesn't allow sharing less than a 4K page, leading to unrelated data residing in the same 4K page as data shared with a backend being accessible by such backend. A local user can gain unauthorized access to sensitive information on the system.


10) Resource management error (CVE-ID: CVE-2022-33744)

The vulnerability allows an attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper management of foreign mappings performed by rbtree when mapping pages of Arm guests. An unprivileged Arm guest can cause inconsistencies of the rbtree via PV devices, which can lead to denial of service of dom0 and cause crashes or the inability to perform further mappings of other guests' memory pages.


11) Resource management error (CVE-ID: CVE-2022-36879)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper management of internal resources within the xfrm_expand_policies() function in net/xfrm/xfrm_policy.c. A local user can cause the refcount to be dropped twice and perform a denial of service (DoS) attack.


Remediation

Install update from vendor's website.

References