Ubuntu update for linux-intel-iotg



Published: 2023-06-02
Risk Low
Patch available YES
Number of vulnerabilities 12
CVE-ID CVE-2022-27672
CVE-2022-3707
CVE-2023-0459
CVE-2023-1075
CVE-2023-1078
CVE-2023-1118
CVE-2023-1513
CVE-2023-1829
CVE-2023-1872
CVE-2023-20938
CVE-2023-2162
CVE-2023-32269
CWE-ID CWE-1342
CWE-415
CWE-1037
CWE-843
CWE-787
CWE-416
CWE-665
CWE-119
Exploitation vector Local
Public exploit N/A
Vulnerable software
Subscribe 		Ubuntu
Operating systems & Components / Operating system

linux-image-intel-iotg (Ubuntu package)
/

linux-image-5.15.0-1030-intel-iotg (Ubuntu package)
Operating systems & Components / Operating system package or component

Vendor Canonical Ltd.

Security Bulletin

This security bulletin contains information about 12 vulnerabilities.

1) Cross-thread return address predictions

EUVDB-ID: #VU72470

Risk: Low

CVSSv3.1: 2.2 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-27672

CWE-ID: CWE-1342 - Information Exposure through Microarchitectural State after Transient Execution

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to certain AMD processors may speculatively execute instructions at an incorrect return site after an SMT mode switch that may potentially lead to information disclosure.

Mitigation

Update the affected package linux-intel-iotg to the latest version.

Vulnerable software versions

Ubuntu: 22.04

linux-image-intel-iotg (Ubuntu package): before 5.15.0.1030.29

linux-image-5.15.0-1030-intel-iotg (Ubuntu package): before 5.15.0-1030.35~20.04.1

External links

http://ubuntu.com/security/notices/USN-6133-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Double Free

EUVDB-ID: #VU70487

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-3707

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error within the intel_gvt_dma_map_guest_page() function in Intel GVT-g graphics driver. A local user can trigger a double free error and crash the kernel.

Mitigation

Update the affected package linux-intel-iotg to the latest version.

Vulnerable software versions

Ubuntu: 22.04

linux-image-intel-iotg (Ubuntu package): before 5.15.0.1030.29

linux-image-5.15.0-1030-intel-iotg (Ubuntu package): before 5.15.0-1030.35~20.04.1

External links

http://ubuntu.com/security/notices/USN-6133-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Processor optimization removal or modification of security-critical code

EUVDB-ID: #VU76222

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-0459

CWE-ID: CWE-1037 - Processor optimization removal or modification of security-critical code

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to improper implementation of speculative execution barriers in usercopy functions
in certain situations. A local user can gain access to sensitive information.

Mitigation

Update the affected package linux-intel-iotg to the latest version.

Vulnerable software versions

Ubuntu: 22.04

linux-image-intel-iotg (Ubuntu package): before 5.15.0.1030.29

linux-image-5.15.0-1030-intel-iotg (Ubuntu package): before 5.15.0-1030.35~20.04.1

External links

http://ubuntu.com/security/notices/USN-6133-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Type Confusion

EUVDB-ID: #VU72700

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-1075

CWE-ID: CWE-843 - Type confusion

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a type confusion error within the tls_is_tx_ready() function in the net/tls stack of the Linux Kernel. A local user can trigger a type confusion error and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package linux-intel-iotg to the latest version.

Vulnerable software versions

Ubuntu: 22.04

linux-image-intel-iotg (Ubuntu package): before 5.15.0.1030.29

linux-image-5.15.0-1030-intel-iotg (Ubuntu package): before 5.15.0-1030.35~20.04.1

External links

http://ubuntu.com/security/notices/USN-6133-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Out-of-bounds write

EUVDB-ID: #VU74054

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-1078

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the rds_rm_zerocopy_callback() function in Linux kernel RDS (Reliable Datagram Sockets) protocol. A local user can trigger an out-of-bounds write and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package linux-intel-iotg to the latest version.

Vulnerable software versions

Ubuntu: 22.04

linux-image-intel-iotg (Ubuntu package): before 5.15.0.1030.29

linux-image-5.15.0-1030-intel-iotg (Ubuntu package): before 5.15.0-1030.35~20.04.1

External links

http://ubuntu.com/security/notices/USN-6133-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Use-after-free

EUVDB-ID: #VU72734

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-1118

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error in the Linux kernel integrated infrared receiver/transceiver driver "drivers/media/rc/ene_ir.c" when detaching rc device. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.


Mitigation

Update the affected package linux-intel-iotg to the latest version.

Vulnerable software versions

Ubuntu: 22.04

linux-image-intel-iotg (Ubuntu package): before 5.15.0.1030.29

linux-image-5.15.0-1030-intel-iotg (Ubuntu package): before 5.15.0-1030.35~20.04.1

External links

http://ubuntu.com/security/notices/USN-6133-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Improper Initialization

EUVDB-ID: #VU74630

Risk: Low

CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-1513

CWE-ID: CWE-665 - Improper Initialization

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to improper initialization when calling the KVM_GET_DEBUGREGS ioctl on 32-bit systems. A local user can run a specially crafted application to gain access to sensitive information.

Mitigation

Update the affected package linux-intel-iotg to the latest version.

Vulnerable software versions

Ubuntu: 22.04

linux-image-intel-iotg (Ubuntu package): before 5.15.0.1030.29

linux-image-5.15.0-1030-intel-iotg (Ubuntu package): before 5.15.0-1030.35~20.04.1

External links

http://ubuntu.com/security/notices/USN-6133-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Use-after-free

EUVDB-ID: #VU75448

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-1829

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the tcindex_delete() function. A local user can trigger a use-after-free error and execute arbitrary code with root privileges.

Mitigation

Update the affected package linux-intel-iotg to the latest version.

Vulnerable software versions

Ubuntu: 22.04

linux-image-intel-iotg (Ubuntu package): before 5.15.0.1030.29

linux-image-5.15.0-1030-intel-iotg (Ubuntu package): before 5.15.0-1030.35~20.04.1

External links

http://ubuntu.com/security/notices/USN-6133-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Use-after-free

EUVDB-ID: #VU75529

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-1872

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the io_file_get_fixed function. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package linux-intel-iotg to the latest version.

Vulnerable software versions

Ubuntu: 22.04

linux-image-intel-iotg (Ubuntu package): before 5.15.0.1030.29

linux-image-5.15.0-1030-intel-iotg (Ubuntu package): before 5.15.0-1030.35~20.04.1

External links

http://ubuntu.com/security/notices/USN-6133-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Buffer overflow

EUVDB-ID: #VU72032

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-20938

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local application to escalate privileges on the system.

The vulnerability exists due to a boundary error within the Binder component in kernel. A local application can trigger memory corruption and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package linux-intel-iotg to the latest version.

Vulnerable software versions

Ubuntu: 22.04

linux-image-intel-iotg (Ubuntu package): before 5.15.0.1030.29

linux-image-5.15.0-1030-intel-iotg (Ubuntu package): before 5.15.0-1030.35~20.04.1

External links

http://ubuntu.com/security/notices/USN-6133-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Use-after-free

EUVDB-ID: #VU75994

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-2162

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to a use-after-free error within the scsi_sw_tcp_session_create() function in drivers/scsi/iscsi_tcp.c in SCSI sub-component in the Linux Kernel. A local user can trigger a use-after-free error and gain access to sensitive information.

Mitigation

Update the affected package linux-intel-iotg to the latest version.

Vulnerable software versions

Ubuntu: 22.04

linux-image-intel-iotg (Ubuntu package): before 5.15.0.1030.29

linux-image-5.15.0-1030-intel-iotg (Ubuntu package): before 5.15.0-1030.35~20.04.1

External links

http://ubuntu.com/security/notices/USN-6133-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Use-after-free

EUVDB-ID: #VU76221

Risk: Low

CVSSv3.1: 5.8 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-32269

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error in net/netrom/af_netrom.c. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.

Successful exploitation of the vulnerability requires that the system has netrom routing configured or the attacker must have the CAP_NET_ADMIN capability.

Mitigation

Update the affected package linux-intel-iotg to the latest version.

Vulnerable software versions

Ubuntu: 22.04

linux-image-intel-iotg (Ubuntu package): before 5.15.0.1030.29

linux-image-5.15.0-1030-intel-iotg (Ubuntu package): before 5.15.0-1030.35~20.04.1

External links

http://ubuntu.com/security/notices/USN-6133-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###