USN-5582-1: Linux kernel (Azure CVM) vulnerabilities<\/p>\n
Arthur Mongodin discovered that the netfilter subsystem in the Linux kernel
\ndid not properly perform data validation. A local attacker could use this
\nto escalate privileges in certain situations. (CVE-2022-34918)<\/p>\n
Zhenpeng Lin discovered that the network packet scheduler implementation in
\nthe Linux kernel did not properly remove all references to a route filter
\nbefore freeing it in some situations. A local attacker could use this to
\ncause a denial of service (system crash) or execute arbitrary code.
\n(CVE-2022-2588)<\/p>\n
It was discovered that the netfilter subsystem of the Linux kernel did not
\nprevent one nft object from referencing an nft set in another nft table,
\nleading to a use-after-free vulnerability. A local attacker could use this
\nto cause a denial of service (system crash) or execute arbitrary code.
\n(CVE-2022-2586)<\/p>\n
It was discovered that the block layer subsystem in the Linux kernel did
\nnot properly initialize memory in some situations. A privileged local
\nattacker could use this to expose sensitive information (kernel memory).
\n(CVE-2022-0494)<\/p>\n
Hu Jiahui discovered that multiple race conditions existed in the Advanced
\nLinux Sound Architecture (ALSA) framework, leading to use-after-free
\nvulnerabilities. A local attacker could use these to cause a denial of
\nservice (system crash) or possibly execute arbitrary code. (CVE-2022-1048)<\/p>\n
Minh Yuan discovered that the floppy disk driver in the Linux kernel
\ncontained a race condition, leading to a use-after-free vulnerability. A
\nlocal attacker could possibly use this to cause a denial of service (system
\ncrash) or execute arbitrary code. (CVE-2022-1652)<\/p>\n
It was discovered that the Atheros ath9k wireless device driver in the
\nLinux kernel did not properly handle some error conditions, leading to a
\nuse-after-free vulnerability. A local attacker could use this to cause a
\ndenial of service (system crash) or possibly execute arbitrary code.
\n(CVE-2022-1679)<\/p>\n
It was discovered that the Marvell NFC device driver implementation in the
\nLinux kernel did not properly perform memory cleanup operations in some
\nsituations, leading to a use-after-free vulnerability. A local attacker
\ncould possibly use this to cause a denial of service (system crash) or
\nexecute arbitrary code. (CVE-2022-1734)<\/p>\n
Duoming Zhou discovered a race condition in the NFC subsystem in the Linux
\nkernel, leading to a use-after-free vulnerability. A privileged local
\nattacker could use this to cause a denial of service (system crash) or
\npossibly execute arbitrary code. (CVE-2022-1974)<\/p>\n
Duoming Zhou discovered that the NFC subsystem in the Linux kernel did not
\nproperly prevent context switches from occurring during certain atomic
\ncontext operations. A privileged local attacker could use this to cause a
\ndenial of service (system crash). (CVE-2022-1975)<\/p>\n
Felix Fu discovered that the Sun RPC implementation in the Linux kernel did USN-5582-1: Linux kernel (Azure CVM) vulnerabilities Arthur Mongodin discovered that the netfilter subsystem in the Linux kernel did not properly perform data validation. A local attacker could use this to escalate privileges in certain situations. (CVE-2022-34918) Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-2588) It was discovered that the netfilter subsystem of the Linux kernel did not prevent one nft object from referencing an nft set in another nft table, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-2586) It was discovered that the block [ more… ]<\/a><\/p>\n<\/div>","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[586],"tags":[587],"class_list":["post-47661","post","type-post","status-publish","format-standard","hentry","category-ubuntu-usn","tag-ubuntu-usn"],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/posts\/47661","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/comments?post=47661"}],"version-history":[{"count":1,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/posts\/47661\/revisions"}],"predecessor-version":[{"id":47662,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/posts\/47661\/revisions\/47662"}],"wp:attachment":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/media?parent=47661"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/categories?post=47661"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/tags?post=47661"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
\nnot properly handle socket states, leading to a use-after-free
\nvulnerability. A remote attacker could possibly use this to cause a denial
\nof service (system crash) or execute arbitrary code. (CVE-2022-28893)
\nSource: USN-5582-1: Linux kernel (Azure CVM) vulnerabilities<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"