Ubuntu update for linux-aws



Published: 2023-04-12
Risk Medium
Patch available YES
Number of vulnerabilities 50
CVE-ID CVE-2020-36516
CVE-2021-26401
CVE-2021-28712
CVE-2021-28713
CVE-2021-3428
CVE-2021-3659
CVE-2021-3669
CVE-2021-3732
CVE-2021-3772
CVE-2021-4149
CVE-2021-4203
CVE-2021-45868
CVE-2022-0487
CVE-2022-0494
CVE-2022-0617
CVE-2022-1016
CVE-2022-1195
CVE-2022-1205
CVE-2022-1462
CVE-2022-1516
CVE-2022-1974
CVE-2022-1975
CVE-2022-20132
CVE-2022-20572
CVE-2022-2318
CVE-2022-2380
CVE-2022-2503
CVE-2022-2663
CVE-2022-2991
CVE-2022-3061
CVE-2022-3111
CVE-2022-3303
CVE-2022-3628
CVE-2022-36280
CVE-2022-3646
CVE-2022-36879
CVE-2022-3903
CVE-2022-39188
CVE-2022-41218
CVE-2022-41849
CVE-2022-41850
CVE-2022-4662
CVE-2022-47929
CVE-2023-0394
CVE-2023-1074
CVE-2023-1095
CVE-2023-1118
CVE-2023-23455
CVE-2023-26545
CVE-2023-26607
CWE-ID CWE-327
CWE-200
CWE-400
CWE-190
CWE-476
CWE-264
CWE-345
CWE-667
CWE-416
CWE-125
CWE-248
CWE-863
CWE-20
CWE-122
CWE-369
CWE-119
CWE-787
CWE-399
CWE-362
CWE-284
CWE-401
CWE-843
CWE-415
Exploitation vector Network
Public exploit Public exploit code for vulnerability #13 is available.
Public exploit code for vulnerability #39 is available.
Vulnerable software
Subscribe 		Ubuntu
Operating systems & Components / Operating system

linux-image-4.4.0-1117-aws (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-aws (Ubuntu package)
Operating systems & Components / Operating system package or component

Vendor Canonical Ltd.

Security Bulletin

This security bulletin contains information about 50 vulnerabilities.

1) Use of a broken or risky cryptographic algorithm

EUVDB-ID: #VU66811

Risk: Medium

CVSSv3.1: 4.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-36516

CWE-ID: CWE-327 - Use of a Broken or Risky Cryptographic Algorithm

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) or MitM attacks.

The vulnerability exists due to an error in the mixed IPID assignment method with the hash-based IPID assignment policy in Linux kernel. A remote attacker can inject data into a victim's TCP session or terminate that session.

Mitigation

Update the affected package linux-aws to the latest version.

Vulnerable software versions

Ubuntu: 14.04

linux-image-4.4.0-1117-aws (Ubuntu package): before Ubuntu Pro

linux-image-aws (Ubuntu package): before Ubuntu Pro (Infra-only)

External links

http://ubuntu.com/security/notices/USN-6013-1


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Information disclosure

EUVDB-ID: #VU61566

Risk: Low

CVSSv3.1: 4.9 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-26401

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to excessive data output by the application within LFENCE/JMP. A local user can gain unauthorized access to sensitive information on the system.

Mitigation

Update the affected package linux-aws to the latest version.

Vulnerable software versions

Ubuntu: 14.04

linux-image-4.4.0-1117-aws (Ubuntu package): before Ubuntu Pro

linux-image-aws (Ubuntu package): before Ubuntu Pro (Infra-only)

External links

http://ubuntu.com/security/notices/USN-6013-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Resource exhaustion

EUVDB-ID: #VU63564

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-28712

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper limits for number of events driver domains could send to other guest VMs. A local user can trigger resource exhaustion and perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-aws to the latest version.

Vulnerable software versions

Ubuntu: 14.04

linux-image-4.4.0-1117-aws (Ubuntu package): before Ubuntu Pro

linux-image-aws (Ubuntu package): before Ubuntu Pro (Infra-only)

External links

http://ubuntu.com/security/notices/USN-6013-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Resource exhaustion

EUVDB-ID: #VU63565

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-28713

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper limits for number of events driver domains could send to other guest VMs. A local user can trigger resource exhaustion and perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-aws to the latest version.

Vulnerable software versions

Ubuntu: 14.04

linux-image-4.4.0-1117-aws (Ubuntu package): before Ubuntu Pro

linux-image-aws (Ubuntu package): before Ubuntu Pro (Infra-only)

External links

http://ubuntu.com/security/notices/USN-6013-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Integer overflow

EUVDB-ID: #VU51551

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-3428

CWE-ID: CWE-190 - Integer overflow

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to integer overflow in fs/ext4/extents.c in ext4_es_cache_extent() function, if an extent tree is corrupted in a crafted ext4 filesystem. A local user can mount a specially crafted filesystem and perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-aws to the latest version.

Vulnerable software versions

Ubuntu: 14.04

linux-image-4.4.0-1117-aws (Ubuntu package): before Ubuntu Pro

linux-image-aws (Ubuntu package): before Ubuntu Pro (Infra-only)

External links

http://ubuntu.com/security/notices/USN-6013-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) NULL pointer dereference

EUVDB-ID: #VU74547

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-3659

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local usre to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in the way the user closes the LR-WPAN connection within the IEEE 802.15.4 wireless networking subsystem. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-aws to the latest version.

Vulnerable software versions

Ubuntu: 14.04

linux-image-4.4.0-1117-aws (Ubuntu package): before Ubuntu Pro

linux-image-aws (Ubuntu package): before Ubuntu Pro (Infra-only)

External links

http://ubuntu.com/security/notices/USN-6013-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Resource exhaustion

EUVDB-ID: #VU63911

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-3669

CWE-ID: CWE-400 - Resource exhaustion

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to measuring usage of the shared memory does not scale with large shared memory segment counts. A local user can trigger resource exhaustion and perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-aws to the latest version.

Vulnerable software versions

Ubuntu: 14.04

linux-image-4.4.0-1117-aws (Ubuntu package): before Ubuntu Pro

linux-image-aws (Ubuntu package): before Ubuntu Pro (Infra-only)

External links

http://ubuntu.com/security/notices/USN-6013-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU74548

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-3732

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists in the way the user mounts the TmpFS filesystem with OverlayFS. A local user can gain access to hidden files that should not be accessible.

Mitigation

Update the affected package linux-aws to the latest version.

Vulnerable software versions

Ubuntu: 14.04

linux-image-4.4.0-1117-aws (Ubuntu package): before Ubuntu Pro

linux-image-aws (Ubuntu package): before Ubuntu Pro (Infra-only)

External links

http://ubuntu.com/security/notices/USN-6013-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Insufficient verification of data authenticity

EUVDB-ID: #VU63835

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-3772

CWE-ID: CWE-345 - Insufficient Verification of Data Authenticity

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service attack (DoS) on the target system.

The vulnerability exists due to insufficient verification of data authenticity in the Linux SCTP stack. A remote attacker can exploit this vulnerability to perform a denial of service attack.

Mitigation

Update the affected package linux-aws to the latest version.

Vulnerable software versions

Ubuntu: 14.04

linux-image-4.4.0-1117-aws (Ubuntu package): before Ubuntu Pro

linux-image-aws (Ubuntu package): before Ubuntu Pro (Infra-only)

External links

http://ubuntu.com/security/notices/USN-6013-1


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Improper locking

EUVDB-ID: #VU64071

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-4149

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service attack (DoS) on the target system.

The vulnerability exists in btrfs_alloc_tree_b in fs/btrfs/extent-tree.c in the Linux kernel due to an improper lock operation in btrfs. A local user can exploit this vulnerability to cause a deadlock, resulting in a denial of service condition.

Mitigation

Update the affected package linux-aws to the latest version.

Vulnerable software versions

Ubuntu: 14.04

linux-image-4.4.0-1117-aws (Ubuntu package): before Ubuntu Pro

linux-image-aws (Ubuntu package): before Ubuntu Pro (Infra-only)

External links

http://ubuntu.com/security/notices/USN-6013-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Use-after-free

EUVDB-ID: #VU63838

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-4203

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error in sock_getsockopt() function in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() function (and connect() function) in the Linux kernel. A local user can exploit the use-after-free error and crash the system or escalate privileges on the system.

Mitigation

Update the affected package linux-aws to the latest version.

Vulnerable software versions

Ubuntu: 14.04

linux-image-4.4.0-1117-aws (Ubuntu package): before Ubuntu Pro

linux-image-aws (Ubuntu package): before Ubuntu Pro (Infra-only)

External links

http://ubuntu.com/security/notices/USN-6013-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Use-after-free

EUVDB-ID: #VU63422

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-45868

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial-of-service attack.

The vulnerability exists due to fs/quota/quota_tree.c does not validate the block number in the quota tree (on disk). A local user can trigger use-after-free error and perform a denial-of-service attack.

Mitigation

Update the affected package linux-aws to the latest version.

Vulnerable software versions

Ubuntu: 14.04

linux-image-4.4.0-1117-aws (Ubuntu package): before Ubuntu Pro

linux-image-aws (Ubuntu package): before Ubuntu Pro (Infra-only)

External links

http://ubuntu.com/security/notices/USN-6013-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Use-after-free

EUVDB-ID: #VU61181

Risk: Low

CVSSv3.1: 5 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C]

CVE-ID: CVE-2022-0487

CWE-ID: CWE-416 - Use After Free

Exploit availability: Yes

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to a use-after-free error in rtsx_usb_ms_drv_remove in drivers/memstick/host/rtsx_usb_ms.c in memstick in the Linux kernel. A local user can trigger a use-after-free error and gain access to sensitive information.

Mitigation

Update the affected package linux-aws to the latest version.

Vulnerable software versions

Ubuntu: 14.04

linux-image-4.4.0-1117-aws (Ubuntu package): before Ubuntu Pro

linux-image-aws (Ubuntu package): before Ubuntu Pro (Infra-only)

External links

http://ubuntu.com/security/notices/USN-6013-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

14) Information disclosure

EUVDB-ID: #VU64259

Risk: Low

CVSSv3.1: 3.9 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-0494

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to excessive data output in the scsi_ioctl() function in drivers/scsi/scsi_ioctl.c in the Linux kernel. A local user with a special user privilege (CAP_SYS_ADMIN or CAP_SYS_RAWIO) can gain unauthorized access to sensitive information on the system.

Mitigation

Update the affected package linux-aws to the latest version.

Vulnerable software versions

Ubuntu: 14.04

linux-image-4.4.0-1117-aws (Ubuntu package): before Ubuntu Pro

linux-image-aws (Ubuntu package): before Ubuntu Pro (Infra-only)

External links

http://ubuntu.com/security/notices/USN-6013-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) NULL pointer dereference

EUVDB-ID: #VU61210

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-0617

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in the Linux kernel UDF file system functionality. A local user can supply a malicious UDF image to the udf_file_write_iter() function and perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-aws to the latest version.

Vulnerable software versions

Ubuntu: 14.04

linux-image-4.4.0-1117-aws (Ubuntu package): before Ubuntu Pro

linux-image-aws (Ubuntu package): before Ubuntu Pro (Infra-only)

External links

http://ubuntu.com/security/notices/USN-6013-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) Use-after-free

EUVDB-ID: #VU62028

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-1016

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to a use-after-free error in net/netfilter/nf_tables_core.c:nft_do_chain in Linux kernel.. A local user can trigger a use-after-free error and gain access to sensitive information.

Mitigation

Update the affected package linux-aws to the latest version.

Vulnerable software versions

Ubuntu: 14.04

linux-image-4.4.0-1117-aws (Ubuntu package): before Ubuntu Pro

linux-image-aws (Ubuntu package): before Ubuntu Pro (Infra-only)

External links

http://ubuntu.com/security/notices/USN-6013-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) Use-after-free

EUVDB-ID: #VU63430

Risk: Low

CVSSv3.1: 4 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-1195

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service attack.

The vulnerability exists due to a use-after-free error in the drivers/net/hamradio. A local user can cause a denial of service (DOS) when the mkiss or sixpack device is detached.

Mitigation

Update the affected package linux-aws to the latest version.

Vulnerable software versions

Ubuntu: 14.04

linux-image-4.4.0-1117-aws (Ubuntu package): before Ubuntu Pro

linux-image-aws (Ubuntu package): before Ubuntu Pro (Infra-only)

External links

http://ubuntu.com/security/notices/USN-6013-1


Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

18) NULL pointer dereference

EUVDB-ID: #VU63433

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-1205

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a null pointer dereference and use after free errors in the net/ax25/ax25_timer.c. A local user can simulate Amateur Radio and perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-aws to the latest version.

Vulnerable software versions

Ubuntu: 14.04

linux-image-4.4.0-1117-aws (Ubuntu package): before Ubuntu Pro

linux-image-aws (Ubuntu package): before Ubuntu Pro (Infra-only)

External links

http://ubuntu.com/security/notices/USN-6013-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

19) Out-of-bounds read

EUVDB-ID: #VU66591

Risk: Low

CVSSv3.1: 5.3 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-1462

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform denial of service (DoS) attack.

The vulnerability exists due to a boundary condition within the the Linux kernel’s TeleTYpe subsystem caused by a race condition when using ioctls TIOCSPTLCK and TIOCGPTPEER and TIOCSTI and TCXONC with leakage of memory file. A local user can trigger an out-of-bounds read error and crash the system or read random kernel memory.

Mitigation

Update the affected package linux-aws to the latest version.

Vulnerable software versions

Ubuntu: 14.04

linux-image-4.4.0-1117-aws (Ubuntu package): before Ubuntu Pro

linux-image-aws (Ubuntu package): before Ubuntu Pro (Infra-only)

External links

http://ubuntu.com/security/notices/USN-6013-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

20) NULL pointer dereference

EUVDB-ID: #VU63158

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-1516

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference error in the Linux kernel’s X.25 set of standardized network protocols functionality. A local user can terminate session using a simulated Ethernet card and perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-aws to the latest version.

Vulnerable software versions

Ubuntu: 14.04

linux-image-4.4.0-1117-aws (Ubuntu package): before Ubuntu Pro

linux-image-aws (Ubuntu package): before Ubuntu Pro (Infra-only)

External links

http://ubuntu.com/security/notices/USN-6013-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

21) Use-after-free

EUVDB-ID: #VU64263

Risk: Low

CVSSv3.1: 5.8 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-1974

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local privileged user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error in the Linux kernel's NFC core functionality due to a race condition between kobject creation and delete. A local attacker with CAP_NET_ADMIN privilege can leak kernel information and escalate privileges on the system.

Mitigation

Update the affected package linux-aws to the latest version.

Vulnerable software versions

Ubuntu: 14.04

linux-image-4.4.0-1117-aws (Ubuntu package): before Ubuntu Pro

linux-image-aws (Ubuntu package): before Ubuntu Pro (Infra-only)

External links

http://ubuntu.com/security/notices/USN-6013-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

22) Uncaught Exception

EUVDB-ID: #VU64264

Risk: Low

CVSSv3.1: 3.9 [CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-1975

CWE-ID: CWE-248 - Uncaught Exception

Exploit availability: No

Description

The vulnerability allows a remote attacker on the local network to perform a denial of service (DoS) attack.

The vulnerability exists due to an uncaught exception error in the Linux kernel. A remote attacker on the local network can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-aws to the latest version.

Vulnerable software versions

Ubuntu: 14.04

linux-image-4.4.0-1117-aws (Ubuntu package): before Ubuntu Pro

linux-image-aws (Ubuntu package): before Ubuntu Pro (Infra-only)

External links

http://ubuntu.com/security/notices/USN-6013-1


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

23) Information disclosure

EUVDB-ID: #VU64136

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-20132

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to excessive data output in the USB HID component in Linux Kernel. A local user can trigger the vulnerability to gain access to potentially sensitive information.

Mitigation

Update the affected package linux-aws to the latest version.

Vulnerable software versions

Ubuntu: 14.04

linux-image-4.4.0-1117-aws (Ubuntu package): before Ubuntu Pro

linux-image-aws (Ubuntu package): before Ubuntu Pro (Infra-only)

External links

http://ubuntu.com/security/notices/USN-6013-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

24) Incorrect authorization

EUVDB-ID: #VU74549

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-20572

CWE-ID: CWE-863 - Incorrect Authorization

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a missing permission check within the verity_target() function in dm-verity-target.c. A local user can modify read-only files and escalate privileges on the system.

Mitigation

Update the affected package linux-aws to the latest version.

Vulnerable software versions

Ubuntu: 14.04

linux-image-4.4.0-1117-aws (Ubuntu package): before Ubuntu Pro

linux-image-aws (Ubuntu package): before Ubuntu Pro (Infra-only)

External links

http://ubuntu.com/security/notices/USN-6013-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

25) Use-after-free

EUVDB-ID: #VU65318

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-2318

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service attack.

The vulnerability exists due to a use-after-free error caused by timer handler in net/rose/rose_timer.c of linux. A local user can exploit the vulnerability to perform a denial of service attack.

Mitigation

Update the affected package linux-aws to the latest version.

Vulnerable software versions

Ubuntu: 14.04

linux-image-4.4.0-1117-aws (Ubuntu package): before Ubuntu Pro

linux-image-aws (Ubuntu package): before Ubuntu Pro (Infra-only)

External links

http://ubuntu.com/security/notices/USN-6013-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

26) Out-of-bounds read

EUVDB-ID: #VU65288

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-2380

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition in the Linux kernel framebuffer within the drivers/video/fbdev/sm712fb.c:smtcfb_read() function. A local user can trigger ab out-of-bounds read error and crash the system.

Mitigation

Update the affected package linux-aws to the latest version.

Vulnerable software versions

Ubuntu: 14.04

linux-image-4.4.0-1117-aws (Ubuntu package): before Ubuntu Pro

linux-image-aws (Ubuntu package): before Ubuntu Pro (Infra-only)

External links

http://ubuntu.com/security/notices/USN-6013-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

27) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU66810

Risk: Low

CVSSv3.1: 5.8 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-2503

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to the way dm-verity is used to restrict module/firmware loads to trusted root filesystem in LoadPin builds. Device-mapper table reloads currently allow users with root privileges to switch out the target with an equivalent dm-linear target and bypass verification till reboot. This allows root to bypass LoadPin and can be used to load untrusted and unverified kernel modules and firmware, which implies arbitrary kernel execution and persistence for peripherals that do not verify firmware updates.

Mitigation

Update the affected package linux-aws to the latest version.

Vulnerable software versions

Ubuntu: 14.04

linux-image-4.4.0-1117-aws (Ubuntu package): before Ubuntu Pro

linux-image-aws (Ubuntu package): before Ubuntu Pro (Infra-only)

External links

http://ubuntu.com/security/notices/USN-6013-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

28) Input validation error

EUVDB-ID: #VU67510

Risk: Medium

CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-2663

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass firewall rules.

The vulnerability exists due to insufficient validation of user-supplied input in nf_conntrack_irc in Linux kernel. A remote attacker can send unencrypted IRC with nf_conntrack_irc configured and bypass configured firewall rules.

Mitigation

Update the affected package linux-aws to the latest version.

Vulnerable software versions

Ubuntu: 14.04

linux-image-4.4.0-1117-aws (Ubuntu package): before Ubuntu Pro

linux-image-aws (Ubuntu package): before Ubuntu Pro (Infra-only)

External links

http://ubuntu.com/security/notices/USN-6013-1


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

29) Heap-based buffer overflow

EUVDB-ID: #VU67476

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-2991

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the LightNVM subsystem in Linux kernel. A local user can execute arbitrary code on the system with kernel privileges.

Mitigation

Update the affected package linux-aws to the latest version.

Vulnerable software versions

Ubuntu: 14.04

linux-image-4.4.0-1117-aws (Ubuntu package): before Ubuntu Pro

linux-image-aws (Ubuntu package): before Ubuntu Pro (Infra-only)

External links

http://ubuntu.com/security/notices/USN-6013-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

30) Division by zero

EUVDB-ID: #VU68516

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-3061

CWE-ID: CWE-369 - Divide By Zero

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to missing checks of the "pixclock" value in the Linux kernel i740 driver. A local user can pass arbitrary values to the driver through ioctl() interface, trigger a divide by zero error and perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-aws to the latest version.

Vulnerable software versions

Ubuntu: 14.04

linux-image-4.4.0-1117-aws (Ubuntu package): before Ubuntu Pro

linux-image-aws (Ubuntu package): before Ubuntu Pro (Infra-only)

External links

http://ubuntu.com/security/notices/USN-6013-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

31) NULL pointer dereference

EUVDB-ID: #VU71540

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-3111

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error within the free_charger_irq() function in drivers/power/supply/wm8350_power.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-aws to the latest version.

Vulnerable software versions

Ubuntu: 14.04

linux-image-4.4.0-1117-aws (Ubuntu package): before Ubuntu Pro

linux-image-aws (Ubuntu package): before Ubuntu Pro (Infra-only)

External links

http://ubuntu.com/security/notices/USN-6013-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

32) NULL pointer dereference

EUVDB-ID: #VU68338

Risk: Low

CVSSv3.1: 3.9 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-3303

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in the Linux kernel sound subsystem due to improper locking when handling the SNDCTL_DSP_SYNC ioctl. A privileged local user can trigger a NULL pointer dereference error and perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-aws to the latest version.

Vulnerable software versions

Ubuntu: 14.04

linux-image-4.4.0-1117-aws (Ubuntu package): before Ubuntu Pro

linux-image-aws (Ubuntu package): before Ubuntu Pro (Infra-only)

External links

http://ubuntu.com/security/notices/USN-6013-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

33) Buffer overflow

EUVDB-ID: #VU69803

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-3628

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the brcmf_fweh_event_worker() function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/fweh.c. A local user can use a specially crafted device to trigger memory corruption and escalate privileges on the system.


Mitigation

Update the affected package linux-aws to the latest version.

Vulnerable software versions

Ubuntu: 14.04

linux-image-4.4.0-1117-aws (Ubuntu package): before Ubuntu Pro

linux-image-aws (Ubuntu package): before Ubuntu Pro (Infra-only)

External links

http://ubuntu.com/security/notices/USN-6013-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

34) Out-of-bounds write

EUVDB-ID: #VU71480

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-36280

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error within the vmw_kms_cursor_snoo() function in drivers/gpu/vmxgfx/vmxgfx_kms.c in vmwgfx VMWare driver. A local user can trigger an out-of-bounds write and perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-aws to the latest version.

Vulnerable software versions

Ubuntu: 14.04

linux-image-4.4.0-1117-aws (Ubuntu package): before Ubuntu Pro

linux-image-aws (Ubuntu package): before Ubuntu Pro (Infra-only)

External links

http://ubuntu.com/security/notices/USN-6013-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

35) NULL pointer dereference

EUVDB-ID: #VU69299

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-3646

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in the nilfs2 filesystem driver within the nilfs_attach_log_writer() function in fs/nilfs2/segment.c in Linux kernel. A remote attacker can trick the victim into mounting a specially crafted image and perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-aws to the latest version.

Vulnerable software versions

Ubuntu: 14.04

linux-image-4.4.0-1117-aws (Ubuntu package): before Ubuntu Pro

linux-image-aws (Ubuntu package): before Ubuntu Pro (Infra-only)

External links

http://ubuntu.com/security/notices/USN-6013-1


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

36) Resource management error

EUVDB-ID: #VU66550

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-36879

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper management of internal resources within the xfrm_expand_policies() function in net/xfrm/xfrm_policy.c. A local user can cause the refcount to be dropped twice and perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-aws to the latest version.

Vulnerable software versions

Ubuntu: 14.04

linux-image-4.4.0-1117-aws (Ubuntu package): before Ubuntu Pro

linux-image-aws (Ubuntu package): before Ubuntu Pro (Infra-only)

External links

http://ubuntu.com/security/notices/USN-6013-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

37) Resource management error

EUVDB-ID: #VU70465

Risk: Low

CVSSv3.1: 4 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-3903

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows an attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to an incorrect read request flaw in the Infrared Transceiver USB driver in Linux kernel. An attacker with physical access to the system can starve system resources and perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-aws to the latest version.

Vulnerable software versions

Ubuntu: 14.04

linux-image-4.4.0-1117-aws (Ubuntu package): before Ubuntu Pro

linux-image-aws (Ubuntu package): before Ubuntu Pro (Infra-only)

External links

http://ubuntu.com/security/notices/USN-6013-1


Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

38) Race condition

EUVDB-ID: #VU67478

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-39188

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition within include/asm-generic/tlb.h in the Linux kernel. A local user can exploit the race and escalate privileges on the system.

Note, this only occurs in situations with VM_PFNMAP VMAs.

Mitigation

Update the affected package linux-aws to the latest version.

Vulnerable software versions

Ubuntu: 14.04

linux-image-4.4.0-1117-aws (Ubuntu package): before Ubuntu Pro

linux-image-aws (Ubuntu package): before Ubuntu Pro (Infra-only)

External links

http://ubuntu.com/security/notices/USN-6013-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

39) Use-after-free

EUVDB-ID: #VU67657

Risk: Low

CVSSv3.1: 7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2022-41218

CWE-ID: CWE-416 - Use After Free

Exploit availability: Yes

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the dvb_demux_open() and dvb_dmxdev_release() function in drivers/media/dvb-core/dmxdev.c in Linux kernel. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package linux-aws to the latest version.

Vulnerable software versions

Ubuntu: 14.04

linux-image-4.4.0-1117-aws (Ubuntu package): before Ubuntu Pro

linux-image-aws (Ubuntu package): before Ubuntu Pro (Infra-only)

External links

http://ubuntu.com/security/notices/USN-6013-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

40) Race condition

EUVDB-ID: #VU68340

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-41849

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows an attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a race condition in the drivers/video/fbdev/smscufx.c in the Linux kernel. An attacker with physical proximity to the system can remove the USB device while calling open(), cause a race condition between the ufx_ops_open and ufx_usb_disconnect and perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-aws to the latest version.

Vulnerable software versions

Ubuntu: 14.04

linux-image-4.4.0-1117-aws (Ubuntu package): before Ubuntu Pro

linux-image-aws (Ubuntu package): before Ubuntu Pro (Infra-only)

External links

http://ubuntu.com/security/notices/USN-6013-1


Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

41) Race condition

EUVDB-ID: #VU69792

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-41850

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a race condition within the roccat_report_event() function in drivers/hid/hid-roccat.c. A local user can trigger a use-after-free error and perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-aws to the latest version.

Vulnerable software versions

Ubuntu: 14.04

linux-image-4.4.0-1117-aws (Ubuntu package): before Ubuntu Pro

linux-image-aws (Ubuntu package): before Ubuntu Pro (Infra-only)

External links

http://ubuntu.com/security/notices/USN-6013-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

42) Improper access control

EUVDB-ID: #VU71541

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-4662

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper access restrictions in the Linux kernel USB core subsystem in the way user attaches usb device. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-aws to the latest version.

Vulnerable software versions

Ubuntu: 14.04

linux-image-4.4.0-1117-aws (Ubuntu package): before Ubuntu Pro

linux-image-aws (Ubuntu package): before Ubuntu Pro (Infra-only)

External links

http://ubuntu.com/security/notices/USN-6013-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

43) NULL pointer dereference

EUVDB-ID: #VU71479

Risk: Medium

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-47929

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in the traffic control subsystem in Linux kernel. A local user can pass pass a specially crafted traffic control configuration that is set up with "tc qdisc" and "tc class" commands and perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-aws to the latest version.

Vulnerable software versions

Ubuntu: 14.04

linux-image-4.4.0-1117-aws (Ubuntu package): before Ubuntu Pro

linux-image-aws (Ubuntu package): before Ubuntu Pro (Infra-only)

External links

http://ubuntu.com/security/notices/USN-6013-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

44) NULL pointer dereference

EUVDB-ID: #VU71352

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-0394

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error within the rawv6_push_pending_frames() function in net/ipv6/raw.c. A local user can run a specially crafted program on the system and perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-aws to the latest version.

Vulnerable software versions

Ubuntu: 14.04

linux-image-4.4.0-1117-aws (Ubuntu package): before Ubuntu Pro

linux-image-aws (Ubuntu package): before Ubuntu Pro (Infra-only)

External links

http://ubuntu.com/security/notices/USN-6013-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

45) Memory leak

EUVDB-ID: #VU74124

Risk: Low

CVSSv3.1: 3.9 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-1074

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform DoS attack on the target system.

The vulnerability exists due memory leak in Linux kernel Stream Control Transmission Protocol. A local user can start a malicious network service and then connect to remotely, forcing the kernel to leak memory.

Mitigation

Update the affected package linux-aws to the latest version.

Vulnerable software versions

Ubuntu: 14.04

linux-image-4.4.0-1117-aws (Ubuntu package): before Ubuntu Pro

linux-image-aws (Ubuntu package): before Ubuntu Pro (Infra-only)

External links

http://ubuntu.com/security/notices/USN-6013-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

46) NULL pointer dereference

EUVDB-ID: #VU73783

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-1095

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in the nf_tables_updtable() function within the netfilter subsystem. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-aws to the latest version.

Vulnerable software versions

Ubuntu: 14.04

linux-image-4.4.0-1117-aws (Ubuntu package): before Ubuntu Pro

linux-image-aws (Ubuntu package): before Ubuntu Pro (Infra-only)

External links

http://ubuntu.com/security/notices/USN-6013-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

47) Use-after-free

EUVDB-ID: #VU72734

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-1118

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error in the Linux kernel integrated infrared receiver/transceiver driver "drivers/media/rc/ene_ir.c" when detaching rc device. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.


Mitigation

Update the affected package linux-aws to the latest version.

Vulnerable software versions

Ubuntu: 14.04

linux-image-4.4.0-1117-aws (Ubuntu package): before Ubuntu Pro

linux-image-aws (Ubuntu package): before Ubuntu Pro (Infra-only)

External links

http://ubuntu.com/security/notices/USN-6013-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

48) Type Confusion

EUVDB-ID: #VU71477

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-23455

CWE-ID: CWE-843 - Type confusion

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a type confusion error within the atm_tc_enqueue() function in net/sched/sch_atm.c in the Linux kernel. A local user can trigger a type confusion error and perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-aws to the latest version.

Vulnerable software versions

Ubuntu: 14.04

linux-image-4.4.0-1117-aws (Ubuntu package): before Ubuntu Pro

linux-image-aws (Ubuntu package): before Ubuntu Pro (Infra-only)

External links

http://ubuntu.com/security/notices/USN-6013-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

49) Double Free

EUVDB-ID: #VU73766

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-26545

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a double free in net/mpls/af_mpls.c during the renaming of a device. A local user can trigger a double free error and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package linux-aws to the latest version.

Vulnerable software versions

Ubuntu: 14.04

linux-image-4.4.0-1117-aws (Ubuntu package): before Ubuntu Pro

linux-image-aws (Ubuntu package): before Ubuntu Pro (Infra-only)

External links

http://ubuntu.com/security/notices/USN-6013-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

50) Out-of-bounds read

EUVDB-ID: #VU74125

Risk: Low

CVSSv3.1: 3.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-26607

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition within the ntfs_attr_find() function in fs/ntfs/attrib.c in Linux kernel. A local user can trigger an out-of-bounds read error and read contents of memory on the system.

Mitigation

Update the affected package linux-aws to the latest version.

Vulnerable software versions

Ubuntu: 14.04

linux-image-4.4.0-1117-aws (Ubuntu package): before Ubuntu Pro

linux-image-aws (Ubuntu package): before Ubuntu Pro (Infra-only)

External links

http://ubuntu.com/security/notices/USN-6013-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###