{"id":"USN-5362-1","summary":"linux-intel-5.13 vulnerabilities","details":"Nick Gregory discovered that the Linux kernel incorrectly handled network\noffload functionality. A local attacker could use this to cause a denial of\nservice or possibly execute arbitrary code. (CVE-2022-25636)\n\nEnrico Barberis, Pietro Frigo, Marius Muench, Herbert Bos, and Cristiano\nGiuffrida discovered that hardware mitigations added by ARM to their\nprocessors to address Spectre-BTI were insufficient. A local attacker could\npotentially use this to expose sensitive information. (CVE-2022-23960)\n\nIt was discovered that the BPF verifier in the Linux kernel did not\nproperly restrict pointer types in certain situations. A local attacker\ncould use this to cause a denial of service (system crash) or possibly\nexecute arbitrary code. (CVE-2022-23222)\n\nMax Kellermann discovered that the Linux kernel incorrectly handled Unix\npipes. A local attacker could potentially use this to modify any file that\ncould be opened for reading. (CVE-2022-0847)\n\nYiqi Sun and Kevin Wang discovered that the cgroups implementation in the\nLinux kernel did not properly restrict access to the cgroups v1\nrelease_agent feature. A local attacker could use this to gain\nadministrative privileges. (CVE-2022-0492)\n\nWilliam Liu and Jamie Hill-Daniel discovered that the file system context\nfunctionality in the Linux kernel contained an integer underflow\nvulnerability, leading to an out-of-bounds write. A local attacker could\nuse this to cause a denial of service (system crash) or execute arbitrary\ncode. (CVE-2022-0185)\n\nEnrico Barberis, Pietro Frigo, Marius Muench, Herbert Bos, and Cristiano\nGiuffrida discovered that hardware mitigations added by Intel to their\nprocessors to address Spectre-BTI were insufficient. A local attacker could\npotentially use this to expose sensitive information. (CVE-2022-0001)\n\nJann Horn discovered a race condition in the Unix domain socket\nimplementation in the Linux kernel that could result in a read-after-free.\nA local attacker could use this to cause a denial of service (system crash)\nor possibly execute arbitrary code. (CVE-2021-4083)\n\nIt was discovered that the NFS server implementation in the Linux kernel\ncontained an out-of-bounds write vulnerability. A local attacker could use\nthis to cause a denial of service (system crash) or possibly execute\narbitrary code. (CVE-2021-4090)\n\nKirill Tkhai discovered that the XFS file system implementation in the\nLinux kernel did not calculate size correctly when pre-allocating space in\nsome situations. A local attacker could use this to expose sensitive\ninformation. (CVE-2021-4155)\n\nIt was discovered that the AMD Radeon GPU driver in the Linux kernel did\nnot properly validate writes in the debugfs file system. A privileged\nattacker could use this to cause a denial of service (system crash) or\npossibly execute arbitrary code. (CVE-2021-42327)\n\nSushma Venkatesh Reddy discovered that the Intel i915 graphics driver in\nthe Linux kernel did not perform a GPU TLB flush in some situations. A\nlocal attacker could use this to cause a denial of service or possibly\nexecute arbitrary code. (CVE-2022-0330)\n\nSamuel Page discovered that the Transparent Inter-Process Communication\n(TIPC) protocol implementation in the Linux kernel contained a stack-based\nbuffer overflow. A remote attacker could use this to cause a denial of\nservice (system crash) for systems that have a TIPC bearer configured.\n(CVE-2022-0435)\n\nIt was discovered that the KVM implementation for s390 systems in the Linux\nkernel did not properly prevent memory operations on PVM guests that were\nin non-protected mode. A local attacker could use this to obtain\nunauthorized memory write access. (CVE-2022-0516)\n\nIt was discovered that the ICMPv6 implementation in the Linux kernel did\nnot properly deallocate memory in certain situations. A remote attacker\ncould possibly use this to cause a denial of service (memory exhaustion).\n(CVE-2022-0742)\n\nIt was discovered that the VMware Virtual GPU driver in the Linux kernel\ndid not properly handle certain failure conditions, leading to a stale\nentry in the file descriptor table. A local attacker could use this to\nexpose sensitive information or possibly gain administrative privileges.\n(CVE-2022-22942)\n","modified":"2026-02-10T04:42:33Z","published":"2022-04-01T01:11:38Z","related":["UBUNTU-CVE-2021-4083","UBUNTU-CVE-2021-4090","UBUNTU-CVE-2021-4155","UBUNTU-CVE-2021-42327","UBUNTU-CVE-2022-0001","UBUNTU-CVE-2022-0185","UBUNTU-CVE-2022-0330","UBUNTU-CVE-2022-0435","UBUNTU-CVE-2022-0492","UBUNTU-CVE-2022-0516","UBUNTU-CVE-2022-0742","UBUNTU-CVE-2022-0847","UBUNTU-CVE-2022-22942","UBUNTU-CVE-2022-23222","UBUNTU-CVE-2022-23960","UBUNTU-CVE-2022-25636"],"upstream":["CVE-2021-4083","CVE-2021-4090","CVE-2021-4155","CVE-2021-42327","CVE-2022-0001","CVE-2022-0185","CVE-2022-0330","CVE-2022-0435","CVE-2022-0492","CVE-2022-0516","CVE-2022-0742","CVE-2022-0847","CVE-2022-22942","CVE-2022-23222","CVE-2022-23960","CVE-2022-25636","UBUNTU-CVE-2021-4083","UBUNTU-CVE-2021-4090","UBUNTU-CVE-2021-4155","UBUNTU-CVE-2021-42327","UBUNTU-CVE-2022-0001","UBUNTU-CVE-2022-0185","UBUNTU-CVE-2022-0330","UBUNTU-CVE-2022-0435","UBUNTU-CVE-2022-0492","UBUNTU-CVE-2022-0516","UBUNTU-CVE-2022-0742","UBUNTU-CVE-2022-0847","UBUNTU-CVE-2022-22942","UBUNTU-CVE-2022-23222","UBUNTU-CVE-2022-23960","UBUNTU-CVE-2022-25636"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-5362-1"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2021-4083"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2021-4090"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2021-4155"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2021-42327"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-0001"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-0185"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-0330"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-0435"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-0492"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-0516"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-0742"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-0847"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-22942"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-23222"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-23960"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-25636"}],"affected":[{"package":{"name":"linux-intel-5.13","ecosystem":"Ubuntu:20.04:LTS","purl":"pkg:deb/ubuntu/linux-intel-5.13@5.13.0-1010.10?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.13.0-1010.10"}]}],"versions":["5.13.0-1007.7","5.13.0-1008.8","5.13.0-1009.9"],"ecosystem_specific":{"binaries":[{"binary_name":"linux-buildinfo-5.13.0-1010-intel","binary_version":"5.13.0-1010.10"},{"binary_name":"linux-cloud-tools-5.13.0-1010-intel","binary_version":"5.13.0-1010.10"},{"binary_name":"linux-headers-5.13.0-1010-intel","binary_version":"5.13.0-1010.10"},{"binary_name":"linux-image-unsigned-5.13.0-1010-intel","binary_version":"5.13.0-1010.10"},{"binary_name":"linux-intel-5.13-cloud-tools-5.13.0-1010","binary_version":"5.13.0-1010.10"},{"binary_name":"linux-intel-5.13-cloud-tools-common","binary_version":"5.13.0-1010.10"},{"binary_name":"linux-intel-5.13-headers-5.13.0-1010","binary_version":"5.13.0-1010.10"},{"binary_name":"linux-intel-5.13-source-5.13.0","binary_version":"5.13.0-1010.10"},{"binary_name":"linux-intel-5.13-tools-5.13.0-1010","binary_version":"5.13.0-1010.10"},{"binary_name":"linux-intel-5.13-tools-common","binary_version":"5.13.0-1010.10"},{"binary_name":"linux-intel-5.13-tools-host","binary_version":"5.13.0-1010.10"},{"binary_name":"linux-modules-5.13.0-1010-intel","binary_version":"5.13.0-1010.10"},{"binary_name":"linux-modules-extra-5.13.0-1010-intel","binary_version":"5.13.0-1010.10"},{"binary_name":"linux-tools-5.13.0-1010-intel","binary_version":"5.13.0-1010.10"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-5362-1.json","cves_map":{"cves":[{"severity":[{"score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2021-4083"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2021-4090"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2021-4155"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"low","type":"Ubuntu"}],"id":"CVE-2021-42327"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N","type":"CVSS_V3"},{"score":"high","type":"Ubuntu"}],"id":"CVE-2022-0001"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"high","type":"Ubuntu"}],"id":"CVE-2022-0185"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2022-0330"},{"severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2022-0435"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"high","type":"Ubuntu"}],"id":"CVE-2022-0492"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2022-0516"},{"severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2022-0742"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"high","type":"Ubuntu"}],"id":"CVE-2022-0847"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2022-22942"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"high","type":"Ubuntu"}],"id":"CVE-2022-23222"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N","type":"CVSS_V3"},{"score":"high","type":"Ubuntu"}],"id":"CVE-2022-23960"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"high","type":"Ubuntu"}],"id":"CVE-2022-25636"}],"ecosystem":"Ubuntu:20.04:LTS"}}}],"schema_version":"1.7.3"}