{"id":"USN-5582-1","summary":"linux-azure-fde vulnerabilities","details":"Arthur Mongodin discovered that the netfilter subsystem in the Linux kernel\ndid not properly perform data validation. A local attacker could use this\nto escalate privileges in certain situations. (CVE-2022-34918)\n\nZhenpeng Lin discovered that the network packet scheduler implementation in\nthe Linux kernel did not properly remove all references to a route filter\nbefore freeing it in some situations. A local attacker could use this to\ncause a denial of service (system crash) or execute arbitrary code.\n(CVE-2022-2588)\n\nIt was discovered that the netfilter subsystem of the Linux kernel did not\nprevent one nft object from referencing an nft set in another nft table,\nleading to a use-after-free vulnerability. A local attacker could use this\nto cause a denial of service (system crash) or execute arbitrary code.\n(CVE-2022-2586)\n\nIt was discovered that the block layer subsystem in the Linux kernel did\nnot properly initialize memory in some situations. A privileged local\nattacker could use this to expose sensitive information (kernel memory).\n(CVE-2022-0494)\n\nHu Jiahui discovered that multiple race conditions existed in the Advanced\nLinux Sound Architecture (ALSA) framework, leading to use-after-free\nvulnerabilities. A local attacker could use these to cause a denial of\nservice (system crash) or possibly execute arbitrary code. (CVE-2022-1048)\n\nMinh Yuan discovered that the floppy disk driver in the Linux kernel\ncontained a race condition, leading to a use-after-free vulnerability. A\nlocal attacker could possibly use this to cause a denial of service (system\ncrash) or execute arbitrary code. (CVE-2022-1652)\n\nIt was discovered that the Atheros ath9k wireless device driver in the\nLinux kernel did not properly handle some error conditions, leading to a\nuse-after-free vulnerability. A local attacker could use this to cause a\ndenial of service (system crash) or possibly execute arbitrary code.\n(CVE-2022-1679)\n\nIt was discovered that the Marvell NFC device driver implementation in the\nLinux kernel did not properly perform memory cleanup operations in some\nsituations, leading to a use-after-free vulnerability. A local attacker\ncould possibly use this to cause a denial of service (system crash) or\nexecute arbitrary code. (CVE-2022-1734)\n\nDuoming Zhou discovered a race condition in the NFC subsystem in the Linux\nkernel, leading to a use-after-free vulnerability. A privileged local\nattacker could use this to cause a denial of service (system crash) or\npossibly execute arbitrary code. (CVE-2022-1974)\n\nDuoming Zhou discovered that the NFC subsystem in the Linux kernel did not\nproperly prevent context switches from occurring during certain atomic\ncontext operations. A privileged local attacker could use this to cause a\ndenial of service (system crash). (CVE-2022-1975)\n\nFelix Fu discovered that the Sun RPC implementation in the Linux kernel did\nnot properly handle socket states, leading to a use-after-free\nvulnerability. A remote attacker could possibly use this to cause a denial\nof service (system crash) or execute arbitrary code. (CVE-2022-28893)\n\n","modified":"2026-05-23T01:33:29.278291594Z","published":"2022-08-25T03:58:20Z","related":["UBUNTU-CVE-2022-0494","UBUNTU-CVE-2022-1048","UBUNTU-CVE-2022-1652","UBUNTU-CVE-2022-1679","UBUNTU-CVE-2022-1734","UBUNTU-CVE-2022-1974","UBUNTU-CVE-2022-1975","UBUNTU-CVE-2022-2586","UBUNTU-CVE-2022-2588","UBUNTU-CVE-2022-28893","UBUNTU-CVE-2022-34918"],"upstream":["CVE-2022-0494","CVE-2022-1048","CVE-2022-1652","CVE-2022-1679","CVE-2022-1734","CVE-2022-1974","CVE-2022-1975","CVE-2022-2586","CVE-2022-2588","CVE-2022-28893","CVE-2022-34918","UBUNTU-CVE-2022-0494","UBUNTU-CVE-2022-1048","UBUNTU-CVE-2022-1652","UBUNTU-CVE-2022-1679","UBUNTU-CVE-2022-1734","UBUNTU-CVE-2022-1974","UBUNTU-CVE-2022-1975","UBUNTU-CVE-2022-2586","UBUNTU-CVE-2022-2588","UBUNTU-CVE-2022-28893","UBUNTU-CVE-2022-34918"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-5582-1"}],"affected":[{"package":{"name":"linux-azure-fde","ecosystem":"Ubuntu:20.04:LTS","purl":"pkg:deb/ubuntu/linux-azure-fde?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.4.0-1089.94+cvm1.2"}]}],"versions":["5.4.0-1063.66+cvm2.2","5.4.0-1063.66+cvm3.2","5.4.0-1064.67+cvm1.1","5.4.0-1065.68+cvm2.1","5.4.0-1067.70+cvm1.1","5.4.0-1068.71+cvm1.1","5.4.0-1069.72+cvm1.1","5.4.0-1070.73+cvm1.1","5.4.0-1072.75+cvm1.1","5.4.0-1073.76+cvm1.1","5.4.0-1074.77+cvm1.1","5.4.0-1076.79+cvm1.1","5.4.0-1078.81+cvm1.1","5.4.0-1080.83+cvm1.1","5.4.0-1083.87+cvm1.1","5.4.0-1085.90+cvm1.1","5.4.0-1085.90+cvm2.1","5.4.0-1086.91+cvm1.1"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_name":"linux-image-unsigned-5.4.0-1089-azure-fde","binary_version":"5.4.0-1089.94+cvm1.2"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-5582-1.json","cves_map":{"ecosystem":"Ubuntu:20.04:LTS","cves":[]}}}],"schema_version":"1.7.5"}