Ubuntu update for linux



Published: 2022-12-01 | Updated: 2023-07-03
Risk Medium
Patch available YES
Number of vulnerabilities 9
CVE-ID CVE-2022-3239
CVE-2022-3524
CVE-2022-3564
CVE-2022-3565
CVE-2022-3566
CVE-2022-3567
CVE-2022-3594
CVE-2022-3621
CVE-2022-42703
CWE-ID CWE-416
CWE-401
CWE-119
CWE-362
CWE-532
CWE-476
Exploitation vector Network
Public exploit Public exploit code for vulnerability #9 is available.
Vulnerable software
Subscribe
Ubuntu
Operating systems & Components / Operating system

linux-image-virtual (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-snapdragon (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-raspi2 (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-oracle-lts-18.04 (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-lowlatency (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-kvm (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-generic-lpae (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-generic (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-gcp-lts-18.04 (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-dell300x (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-aws-lts-18.04 (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-4.15.0-200-lowlatency (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-4.15.0-200-generic-lpae (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-4.15.0-200-generic (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-4.15.0-1146-aws (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-4.15.0-1142-snapdragon (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-4.15.0-1141-gcp (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-4.15.0-1132-kvm (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-4.15.0-1124-raspi2 (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-4.15.0-1111-oracle (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-4.15.0-1057-dell300x (Ubuntu package)
Operating systems & Components / Operating system package or component

Vendor Canonical Ltd.

Security Bulletin

This security bulletin contains information about 9 vulnerabilities.

1) Use-after-free

EUVDB-ID: #VU68337

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-3239

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the Linux kernel video4linux driver in the way user triggers em28xx_usb_probe() for the Empia 28xx based TV cards. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package linux to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-virtual (Ubuntu package): before 4.15.0.200.183

linux-image-snapdragon (Ubuntu package): before 4.15.0.1142.141

linux-image-raspi2 (Ubuntu package): before 4.15.0.1124.119

linux-image-oracle-lts-18.04 (Ubuntu package): before 4.15.0.1111.116

linux-image-lowlatency (Ubuntu package): before 4.15.0.200.183

linux-image-kvm (Ubuntu package): before 4.15.0.1132.123

linux-image-generic-lpae (Ubuntu package): before 4.15.0.200.183

linux-image-generic (Ubuntu package): before 4.15.0.200.183

linux-image-gcp-lts-18.04 (Ubuntu package): before 4.15.0.1141.155

linux-image-dell300x (Ubuntu package): before 4.15.0.1057.56

linux-image-aws-lts-18.04 (Ubuntu package): before 4.15.0.1146.144

linux-image-4.15.0-200-lowlatency (Ubuntu package): before 4.15.0-200.211

linux-image-4.15.0-200-generic-lpae (Ubuntu package): before 4.15.0-200.211

linux-image-4.15.0-200-generic (Ubuntu package): before 4.15.0-200.211

linux-image-4.15.0-1146-aws (Ubuntu package): before 4.15.0-1146.158

linux-image-4.15.0-1142-snapdragon (Ubuntu package): before 4.15.0-1142.152

linux-image-4.15.0-1141-gcp (Ubuntu package): before 4.15.0-1141.157

linux-image-4.15.0-1132-kvm (Ubuntu package): before 4.15.0-1132.137

linux-image-4.15.0-1124-raspi2 (Ubuntu package): before 4.15.0-1124.132

linux-image-4.15.0-1111-oracle (Ubuntu package): before 4.15.0-1111.122

linux-image-4.15.0-1057-dell300x (Ubuntu package): before 4.15.0-1057.62

External links

http://ubuntu.com/security/notices/USN-5757-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Memory leak

EUVDB-ID: #VU69756

Risk: Medium

CVSSv3.1: 4.6 [CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-3524

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform DoS attack on the target system.

The vulnerability exists due memory leak within the ipv6_renew_options() function when retrieving a new IPv6 address from a malicious DHCP server. A remote attacker can force the system to leak memory and perform denial of service attack.

Mitigation

Update the affected package linux to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-virtual (Ubuntu package): before 4.15.0.200.183

linux-image-snapdragon (Ubuntu package): before 4.15.0.1142.141

linux-image-raspi2 (Ubuntu package): before 4.15.0.1124.119

linux-image-oracle-lts-18.04 (Ubuntu package): before 4.15.0.1111.116

linux-image-lowlatency (Ubuntu package): before 4.15.0.200.183

linux-image-kvm (Ubuntu package): before 4.15.0.1132.123

linux-image-generic-lpae (Ubuntu package): before 4.15.0.200.183

linux-image-generic (Ubuntu package): before 4.15.0.200.183

linux-image-gcp-lts-18.04 (Ubuntu package): before 4.15.0.1141.155

linux-image-dell300x (Ubuntu package): before 4.15.0.1057.56

linux-image-aws-lts-18.04 (Ubuntu package): before 4.15.0.1146.144

linux-image-4.15.0-200-lowlatency (Ubuntu package): before 4.15.0-200.211

linux-image-4.15.0-200-generic-lpae (Ubuntu package): before 4.15.0-200.211

linux-image-4.15.0-200-generic (Ubuntu package): before 4.15.0-200.211

linux-image-4.15.0-1146-aws (Ubuntu package): before 4.15.0-1146.158

linux-image-4.15.0-1142-snapdragon (Ubuntu package): before 4.15.0-1142.152

linux-image-4.15.0-1141-gcp (Ubuntu package): before 4.15.0-1141.157

linux-image-4.15.0-1132-kvm (Ubuntu package): before 4.15.0-1132.137

linux-image-4.15.0-1124-raspi2 (Ubuntu package): before 4.15.0-1124.132

linux-image-4.15.0-1111-oracle (Ubuntu package): before 4.15.0-1111.122

linux-image-4.15.0-1057-dell300x (Ubuntu package): before 4.15.0-1057.62

External links

http://ubuntu.com/security/notices/USN-5757-1


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Use-after-free

EUVDB-ID: #VU69799

Risk: Low

CVSSv3.1: 5.9 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-3564

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows an attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error within the l2cap_reassemble_sdu() function in net/bluetooth/l2cap_core.c. An attacker with physical access to device can trigger a use-after-free error and execute arbitrary code on the system.

Mitigation

Update the affected package linux to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-virtual (Ubuntu package): before 4.15.0.200.183

linux-image-snapdragon (Ubuntu package): before 4.15.0.1142.141

linux-image-raspi2 (Ubuntu package): before 4.15.0.1124.119

linux-image-oracle-lts-18.04 (Ubuntu package): before 4.15.0.1111.116

linux-image-lowlatency (Ubuntu package): before 4.15.0.200.183

linux-image-kvm (Ubuntu package): before 4.15.0.1132.123

linux-image-generic-lpae (Ubuntu package): before 4.15.0.200.183

linux-image-generic (Ubuntu package): before 4.15.0.200.183

linux-image-gcp-lts-18.04 (Ubuntu package): before 4.15.0.1141.155

linux-image-dell300x (Ubuntu package): before 4.15.0.1057.56

linux-image-aws-lts-18.04 (Ubuntu package): before 4.15.0.1146.144

linux-image-4.15.0-200-lowlatency (Ubuntu package): before 4.15.0-200.211

linux-image-4.15.0-200-generic-lpae (Ubuntu package): before 4.15.0-200.211

linux-image-4.15.0-200-generic (Ubuntu package): before 4.15.0-200.211

linux-image-4.15.0-1146-aws (Ubuntu package): before 4.15.0-1146.158

linux-image-4.15.0-1142-snapdragon (Ubuntu package): before 4.15.0-1142.152

linux-image-4.15.0-1141-gcp (Ubuntu package): before 4.15.0-1141.157

linux-image-4.15.0-1132-kvm (Ubuntu package): before 4.15.0-1132.137

linux-image-4.15.0-1124-raspi2 (Ubuntu package): before 4.15.0-1124.132

linux-image-4.15.0-1111-oracle (Ubuntu package): before 4.15.0-1111.122

linux-image-4.15.0-1057-dell300x (Ubuntu package): before 4.15.0-1057.62

External links

http://ubuntu.com/security/notices/USN-5757-1


Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Buffer overflow

EUVDB-ID: #VU69709

Risk: Low

CVSSv3.1: 5.9 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-3565

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows an attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the del_timer() function in drivers/isdn/mISDN/l1oip_core.c in the Bluetooth component. An attacker with physical proximity to device can trigger memory corruption and execute arbitrary code on the target system.


Mitigation

Update the affected package linux to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-virtual (Ubuntu package): before 4.15.0.200.183

linux-image-snapdragon (Ubuntu package): before 4.15.0.1142.141

linux-image-raspi2 (Ubuntu package): before 4.15.0.1124.119

linux-image-oracle-lts-18.04 (Ubuntu package): before 4.15.0.1111.116

linux-image-lowlatency (Ubuntu package): before 4.15.0.200.183

linux-image-kvm (Ubuntu package): before 4.15.0.1132.123

linux-image-generic-lpae (Ubuntu package): before 4.15.0.200.183

linux-image-generic (Ubuntu package): before 4.15.0.200.183

linux-image-gcp-lts-18.04 (Ubuntu package): before 4.15.0.1141.155

linux-image-dell300x (Ubuntu package): before 4.15.0.1057.56

linux-image-aws-lts-18.04 (Ubuntu package): before 4.15.0.1146.144

linux-image-4.15.0-200-lowlatency (Ubuntu package): before 4.15.0-200.211

linux-image-4.15.0-200-generic-lpae (Ubuntu package): before 4.15.0-200.211

linux-image-4.15.0-200-generic (Ubuntu package): before 4.15.0-200.211

linux-image-4.15.0-1146-aws (Ubuntu package): before 4.15.0-1146.158

linux-image-4.15.0-1142-snapdragon (Ubuntu package): before 4.15.0-1142.152

linux-image-4.15.0-1141-gcp (Ubuntu package): before 4.15.0-1141.157

linux-image-4.15.0-1132-kvm (Ubuntu package): before 4.15.0-1132.137

linux-image-4.15.0-1124-raspi2 (Ubuntu package): before 4.15.0-1124.132

linux-image-4.15.0-1111-oracle (Ubuntu package): before 4.15.0-1111.122

linux-image-4.15.0-1057-dell300x (Ubuntu package): before 4.15.0-1057.62

External links

http://ubuntu.com/security/notices/USN-5757-1


Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Race condition

EUVDB-ID: #VU69810

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-3566

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition within the tcp_getsockopt() and tcp_setsockopt() functions in net/ipv4/tcp.c, do_ipv6_setsockopt() function in net/ipv6/ipv6_sockglue.c, and tcp_v6_connect() function in net/ipv6/tcp_ipv6.c in Linux kernel. A local user can exploit the race and escalate privileges on the system.

Mitigation

Update the affected package linux to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-virtual (Ubuntu package): before 4.15.0.200.183

linux-image-snapdragon (Ubuntu package): before 4.15.0.1142.141

linux-image-raspi2 (Ubuntu package): before 4.15.0.1124.119

linux-image-oracle-lts-18.04 (Ubuntu package): before 4.15.0.1111.116

linux-image-lowlatency (Ubuntu package): before 4.15.0.200.183

linux-image-kvm (Ubuntu package): before 4.15.0.1132.123

linux-image-generic-lpae (Ubuntu package): before 4.15.0.200.183

linux-image-generic (Ubuntu package): before 4.15.0.200.183

linux-image-gcp-lts-18.04 (Ubuntu package): before 4.15.0.1141.155

linux-image-dell300x (Ubuntu package): before 4.15.0.1057.56

linux-image-aws-lts-18.04 (Ubuntu package): before 4.15.0.1146.144

linux-image-4.15.0-200-lowlatency (Ubuntu package): before 4.15.0-200.211

linux-image-4.15.0-200-generic-lpae (Ubuntu package): before 4.15.0-200.211

linux-image-4.15.0-200-generic (Ubuntu package): before 4.15.0-200.211

linux-image-4.15.0-1146-aws (Ubuntu package): before 4.15.0-1146.158

linux-image-4.15.0-1142-snapdragon (Ubuntu package): before 4.15.0-1142.152

linux-image-4.15.0-1141-gcp (Ubuntu package): before 4.15.0-1141.157

linux-image-4.15.0-1132-kvm (Ubuntu package): before 4.15.0-1132.137

linux-image-4.15.0-1124-raspi2 (Ubuntu package): before 4.15.0-1124.132

linux-image-4.15.0-1111-oracle (Ubuntu package): before 4.15.0-1111.122

linux-image-4.15.0-1057-dell300x (Ubuntu package): before 4.15.0-1057.62

External links

http://ubuntu.com/security/notices/USN-5757-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Race condition

EUVDB-ID: #VU69811

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-3567

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition within the inet6_stream_ops() and inet6_dgram_ops() functions. A local user can exploit the race and escalate privileges on the system.

Mitigation

Update the affected package linux to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-virtual (Ubuntu package): before 4.15.0.200.183

linux-image-snapdragon (Ubuntu package): before 4.15.0.1142.141

linux-image-raspi2 (Ubuntu package): before 4.15.0.1124.119

linux-image-oracle-lts-18.04 (Ubuntu package): before 4.15.0.1111.116

linux-image-lowlatency (Ubuntu package): before 4.15.0.200.183

linux-image-kvm (Ubuntu package): before 4.15.0.1132.123

linux-image-generic-lpae (Ubuntu package): before 4.15.0.200.183

linux-image-generic (Ubuntu package): before 4.15.0.200.183

linux-image-gcp-lts-18.04 (Ubuntu package): before 4.15.0.1141.155

linux-image-dell300x (Ubuntu package): before 4.15.0.1057.56

linux-image-aws-lts-18.04 (Ubuntu package): before 4.15.0.1146.144

linux-image-4.15.0-200-lowlatency (Ubuntu package): before 4.15.0-200.211

linux-image-4.15.0-200-generic-lpae (Ubuntu package): before 4.15.0-200.211

linux-image-4.15.0-200-generic (Ubuntu package): before 4.15.0-200.211

linux-image-4.15.0-1146-aws (Ubuntu package): before 4.15.0-1146.158

linux-image-4.15.0-1142-snapdragon (Ubuntu package): before 4.15.0-1142.152

linux-image-4.15.0-1141-gcp (Ubuntu package): before 4.15.0-1141.157

linux-image-4.15.0-1132-kvm (Ubuntu package): before 4.15.0-1132.137

linux-image-4.15.0-1124-raspi2 (Ubuntu package): before 4.15.0-1124.132

linux-image-4.15.0-1111-oracle (Ubuntu package): before 4.15.0-1111.122

linux-image-4.15.0-1057-dell300x (Ubuntu package): before 4.15.0-1057.62

External links

http://ubuntu.com/security/notices/USN-5757-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Inclusion of Sensitive Information in Log Files

EUVDB-ID: #VU69707

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-3594

CWE-ID: CWE-532 - Information Exposure Through Log Files

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to the intr_callback() function in drivers/net/usb/r8152.c can be forced to include excessive data info the log files. A local user can read the log files and gain access to sensitive data.

Note, the vulnerability can be triggered remotely.

Mitigation

Update the affected package linux to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-virtual (Ubuntu package): before 4.15.0.200.183

linux-image-snapdragon (Ubuntu package): before 4.15.0.1142.141

linux-image-raspi2 (Ubuntu package): before 4.15.0.1124.119

linux-image-oracle-lts-18.04 (Ubuntu package): before 4.15.0.1111.116

linux-image-lowlatency (Ubuntu package): before 4.15.0.200.183

linux-image-kvm (Ubuntu package): before 4.15.0.1132.123

linux-image-generic-lpae (Ubuntu package): before 4.15.0.200.183

linux-image-generic (Ubuntu package): before 4.15.0.200.183

linux-image-gcp-lts-18.04 (Ubuntu package): before 4.15.0.1141.155

linux-image-dell300x (Ubuntu package): before 4.15.0.1057.56

linux-image-aws-lts-18.04 (Ubuntu package): before 4.15.0.1146.144

linux-image-4.15.0-200-lowlatency (Ubuntu package): before 4.15.0-200.211

linux-image-4.15.0-200-generic-lpae (Ubuntu package): before 4.15.0-200.211

linux-image-4.15.0-200-generic (Ubuntu package): before 4.15.0-200.211

linux-image-4.15.0-1146-aws (Ubuntu package): before 4.15.0-1146.158

linux-image-4.15.0-1142-snapdragon (Ubuntu package): before 4.15.0-1142.152

linux-image-4.15.0-1141-gcp (Ubuntu package): before 4.15.0-1141.157

linux-image-4.15.0-1132-kvm (Ubuntu package): before 4.15.0-1132.137

linux-image-4.15.0-1124-raspi2 (Ubuntu package): before 4.15.0-1124.132

linux-image-4.15.0-1111-oracle (Ubuntu package): before 4.15.0-1111.122

linux-image-4.15.0-1057-dell300x (Ubuntu package): before 4.15.0-1057.62

External links

http://ubuntu.com/security/notices/USN-5757-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) NULL pointer dereference

EUVDB-ID: #VU69300

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-3621

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in the nilfs2 filesystem driver within the nilfs_bmap_lookup_at_level() function in fs/nilfs2/inode.c in Linux kernel. A remote attacker can trick the victim into mounting a specially crafted image and perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-virtual (Ubuntu package): before 4.15.0.200.183

linux-image-snapdragon (Ubuntu package): before 4.15.0.1142.141

linux-image-raspi2 (Ubuntu package): before 4.15.0.1124.119

linux-image-oracle-lts-18.04 (Ubuntu package): before 4.15.0.1111.116

linux-image-lowlatency (Ubuntu package): before 4.15.0.200.183

linux-image-kvm (Ubuntu package): before 4.15.0.1132.123

linux-image-generic-lpae (Ubuntu package): before 4.15.0.200.183

linux-image-generic (Ubuntu package): before 4.15.0.200.183

linux-image-gcp-lts-18.04 (Ubuntu package): before 4.15.0.1141.155

linux-image-dell300x (Ubuntu package): before 4.15.0.1057.56

linux-image-aws-lts-18.04 (Ubuntu package): before 4.15.0.1146.144

linux-image-4.15.0-200-lowlatency (Ubuntu package): before 4.15.0-200.211

linux-image-4.15.0-200-generic-lpae (Ubuntu package): before 4.15.0-200.211

linux-image-4.15.0-200-generic (Ubuntu package): before 4.15.0-200.211

linux-image-4.15.0-1146-aws (Ubuntu package): before 4.15.0-1146.158

linux-image-4.15.0-1142-snapdragon (Ubuntu package): before 4.15.0-1142.152

linux-image-4.15.0-1141-gcp (Ubuntu package): before 4.15.0-1141.157

linux-image-4.15.0-1132-kvm (Ubuntu package): before 4.15.0-1132.137

linux-image-4.15.0-1124-raspi2 (Ubuntu package): before 4.15.0-1124.132

linux-image-4.15.0-1111-oracle (Ubuntu package): before 4.15.0-1111.122

linux-image-4.15.0-1057-dell300x (Ubuntu package): before 4.15.0-1057.62

External links

http://ubuntu.com/security/notices/USN-5757-1


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Use-after-free

EUVDB-ID: #VU69297

Risk: Low

CVSSv3.1: 5 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2022-42703

CWE-ID: CWE-416 - Use After Free

Exploit availability: Yes

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within the mm/rmap.c in the Linux kernel, related to leaf anon_vma double reuse. A local user can trigger a use-after-free error and crash the kernel.

Mitigation

Update the affected package linux to the latest version.

Vulnerable software versions

Ubuntu: 18.04

linux-image-virtual (Ubuntu package): before 4.15.0.200.183

linux-image-snapdragon (Ubuntu package): before 4.15.0.1142.141

linux-image-raspi2 (Ubuntu package): before 4.15.0.1124.119

linux-image-oracle-lts-18.04 (Ubuntu package): before 4.15.0.1111.116

linux-image-lowlatency (Ubuntu package): before 4.15.0.200.183

linux-image-kvm (Ubuntu package): before 4.15.0.1132.123

linux-image-generic-lpae (Ubuntu package): before 4.15.0.200.183

linux-image-generic (Ubuntu package): before 4.15.0.200.183

linux-image-gcp-lts-18.04 (Ubuntu package): before 4.15.0.1141.155

linux-image-dell300x (Ubuntu package): before 4.15.0.1057.56

linux-image-aws-lts-18.04 (Ubuntu package): before 4.15.0.1146.144

linux-image-4.15.0-200-lowlatency (Ubuntu package): before 4.15.0-200.211

linux-image-4.15.0-200-generic-lpae (Ubuntu package): before 4.15.0-200.211

linux-image-4.15.0-200-generic (Ubuntu package): before 4.15.0-200.211

linux-image-4.15.0-1146-aws (Ubuntu package): before 4.15.0-1146.158

linux-image-4.15.0-1142-snapdragon (Ubuntu package): before 4.15.0-1142.152

linux-image-4.15.0-1141-gcp (Ubuntu package): before 4.15.0-1141.157

linux-image-4.15.0-1132-kvm (Ubuntu package): before 4.15.0-1132.137

linux-image-4.15.0-1124-raspi2 (Ubuntu package): before 4.15.0-1124.132

linux-image-4.15.0-1111-oracle (Ubuntu package): before 4.15.0-1111.122

linux-image-4.15.0-1057-dell300x (Ubuntu package): before 4.15.0-1057.62

External links

http://ubuntu.com/security/notices/USN-5757-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.



###SIDEBAR###