{"id":"USN-5295-2","summary":"linux, linux-aws, linux-aws-5.13, linux-azure, linux-gcp, linux-kvm, linux-oracle, linux-oracle-5.13, linux-raspi vulnerabilities","details":"It was discovered that the Packet network protocol implementation in the\nLinux kernel contained a double-free vulnerability. A local attacker could\nuse this to cause a denial of service (system crash) or possibly execute\narbitrary code. (CVE-2021-22600)\n\nJann Horn discovered a race condition in the Unix domain socket\nimplementation in the Linux kernel that could result in a read-after-free.\nA local attacker could use this to cause a denial of service (system crash)\nor possibly execute arbitrary code. (CVE-2021-4083)\n\nKirill Tkhai discovered that the XFS file system implementation in the\nLinux kernel did not calculate size correctly when pre-allocating space in\nsome situations. A local attacker could use this to expose sensitive\ninformation. (CVE-2021-4155)\n\nSushma Venkatesh Reddy discovered that the Intel i915 graphics driver in\nthe Linux kernel did not perform a GPU TLB flush in some situations. A\nlocal attacker could use this to cause a denial of service or possibly\nexecute arbitrary code. (CVE-2022-0330)\n\nIt was discovered that the VMware Virtual GPU driver in the Linux kernel\ndid not properly handle certain failure conditions, leading to a stale\nentry in the file descriptor table. A local attacker could use this to\nexpose sensitive information or possibly gain administrative privileges.\n(CVE-2022-22942)\n","modified":"2026-02-04T03:43:26.163416Z","published":"2022-02-22T07:14:53Z","related":["UBUNTU-CVE-2021-22600","UBUNTU-CVE-2021-4083","UBUNTU-CVE-2021-4155","UBUNTU-CVE-2022-0330","UBUNTU-CVE-2022-22942"],"upstream":["CVE-2021-22600","CVE-2021-4083","CVE-2021-4155","CVE-2022-0330","CVE-2022-22942","UBUNTU-CVE-2021-22600","UBUNTU-CVE-2021-4083","UBUNTU-CVE-2021-4155","UBUNTU-CVE-2022-0330","UBUNTU-CVE-2022-22942"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-5295-2"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2021-4083"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2021-4155"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2021-22600"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-0330"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-22942"}],"affected":[{"package":{"name":"linux-aws-5.13","ecosystem":"Ubuntu:20.04:LTS","purl":"pkg:deb/ubuntu/linux-aws-5.13@5.13.0-1014.15~20.04.1?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.13.0-1014.15~20.04.1"}]}],"versions":["5.13.0-1008.9~20.04.2","5.13.0-1011.12~20.04.1","5.13.0-1012.13~20.04.1"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_version":"5.13.0-1014.15~20.04.1","binary_name":"linux-aws-5.13-cloud-tools-5.13.0-1014"},{"binary_version":"5.13.0-1014.15~20.04.1","binary_name":"linux-aws-5.13-headers-5.13.0-1014"},{"binary_version":"5.13.0-1014.15~20.04.1","binary_name":"linux-aws-5.13-tools-5.13.0-1014"},{"binary_version":"5.13.0-1014.15~20.04.1","binary_name":"linux-buildinfo-5.13.0-1014-aws"},{"binary_version":"5.13.0-1014.15~20.04.1","binary_name":"linux-cloud-tools-5.13.0-1014-aws"},{"binary_version":"5.13.0-1014.15~20.04.1","binary_name":"linux-headers-5.13.0-1014-aws"},{"binary_version":"5.13.0-1014.15~20.04.1","binary_name":"linux-image-unsigned-5.13.0-1014-aws"},{"binary_version":"5.13.0-1014.15~20.04.1","binary_name":"linux-modules-5.13.0-1014-aws"},{"binary_version":"5.13.0-1014.15~20.04.1","binary_name":"linux-modules-extra-5.13.0-1014-aws"},{"binary_version":"5.13.0-1014.15~20.04.1","binary_name":"linux-tools-5.13.0-1014-aws"}]},"database_specific":{"cves_map":{"cves":[{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2021-4083"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2021-4155"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:H"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"high"}],"id":"CVE-2021-22600"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2022-0330"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2022-22942"}],"ecosystem":"Ubuntu:20.04:LTS"},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-5295-2.json"}},{"package":{"name":"linux-oracle-5.13","ecosystem":"Ubuntu:20.04:LTS","purl":"pkg:deb/ubuntu/linux-oracle-5.13@5.13.0-1018.22~20.04.1?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.13.0-1018.22~20.04.1"}]}],"versions":["5.13.0-1011.13~20.04.2","5.13.0-1015.19~20.04.1","5.13.0-1016.20~20.04.1"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_version":"5.13.0-1018.22~20.04.1","binary_name":"linux-buildinfo-5.13.0-1018-oracle"},{"binary_version":"5.13.0-1018.22~20.04.1","binary_name":"linux-headers-5.13.0-1018-oracle"},{"binary_version":"5.13.0-1018.22~20.04.1","binary_name":"linux-image-unsigned-5.13.0-1018-oracle"},{"binary_version":"5.13.0-1018.22~20.04.1","binary_name":"linux-modules-5.13.0-1018-oracle"},{"binary_version":"5.13.0-1018.22~20.04.1","binary_name":"linux-modules-extra-5.13.0-1018-oracle"},{"binary_version":"5.13.0-1018.22~20.04.1","binary_name":"linux-oracle-5.13-headers-5.13.0-1018"},{"binary_version":"5.13.0-1018.22~20.04.1","binary_name":"linux-oracle-5.13-tools-5.13.0-1018"},{"binary_version":"5.13.0-1018.22~20.04.1","binary_name":"linux-tools-5.13.0-1018-oracle"}]},"database_specific":{"cves_map":{"cves":[{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2021-4083"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2021-4155"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:H"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"high"}],"id":"CVE-2021-22600"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2022-0330"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}],"id":"CVE-2022-22942"}],"ecosystem":"Ubuntu:20.04:LTS"},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-5295-2.json"}}],"schema_version":"1.7.3"}