{"id":"USN-5729-2","summary":"linux-gcp-5.15, linux-gke-5.15, linux-intel-iotg, linux-raspi vulnerabilities","details":"It was discovered that a race condition existed in the instruction emulator\nof the Linux kernel on Arm 64-bit systems. A local attacker could use this\nto cause a denial of service (system crash). (CVE-2022-20422)\n\nHsin-Wei Hung discovered that the BPF subsystem in the Linux kernel\ncontained an out-of-bounds read vulnerability in the x86 JIT compiler. A\nlocal attacker could possibly use this to cause a denial of service (system\ncrash) or expose sensitive information (kernel memory). (CVE-2022-2905)\n\nHao Sun and Jiacheng Xu discovered that the NILFS file system\nimplementation in the Linux kernel contained a use-after-free\nvulnerability. A local attacker could use this to cause a denial of service\n(system crash) or possibly execute arbitrary code. (CVE-2022-2978)\n\nAbhishek Shah discovered a race condition in the PF_KEYv2 implementation in\nthe Linux kernel. A local attacker could use this to cause a denial of\nservice (system crash) or possibly expose sensitive information (kernel\nmemory). (CVE-2022-3028)\n\nIt was discovered that the Netlink device interface implementation in the\nLinux kernel did not properly handle certain error conditions, leading to a\nuse-after-free vulnerability with some network device drivers. A local\nattacker with admin access to the network device could use this to cause a\ndenial of service (system crash) or possibly execute arbitrary code.\n(CVE-2022-3625)\n\nIt was discovered that the IDT 77252 ATM PCI device driver in the Linux\nkernel did not properly remove any pending timers during device exit,\nresulting in a use-after-free vulnerability. A local attacker could\npossibly use this to cause a denial of service (system crash) or execute\narbitrary code. (CVE-2022-3635)\n\nGwangun Jung discovered that the netfilter subsystem in the Linux kernel\ndid not properly prevent binding to an already bound chain. A local\nattacker could use this to cause a denial of service (system crash).\n(CVE-2022-39190)\n\nXingyuan Mo and Gengjia Chen discovered that the Promise SuperTrak EX\nstorage controller driver in the Linux kernel did not properly handle\ncertain structures. A local attacker could potentially use this to expose\nsensitive information (kernel memory). (CVE-2022-40768)\n","modified":"2026-02-10T04:42:50Z","published":"2022-11-18T21:16:08Z","related":["UBUNTU-CVE-2022-20422","UBUNTU-CVE-2022-2905","UBUNTU-CVE-2022-2978","UBUNTU-CVE-2022-3028","UBUNTU-CVE-2022-3625","UBUNTU-CVE-2022-3635","UBUNTU-CVE-2022-39190","UBUNTU-CVE-2022-40768"],"upstream":["CVE-2022-20422","CVE-2022-2905","CVE-2022-2978","CVE-2022-3028","CVE-2022-3625","CVE-2022-3635","CVE-2022-39190","CVE-2022-40768","UBUNTU-CVE-2022-20422","UBUNTU-CVE-2022-2905","UBUNTU-CVE-2022-2978","UBUNTU-CVE-2022-3028","UBUNTU-CVE-2022-3625","UBUNTU-CVE-2022-3635","UBUNTU-CVE-2022-39190","UBUNTU-CVE-2022-40768"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-5729-2"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-2905"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-2978"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-3028"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-3625"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-3635"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-20422"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-39190"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-40768"}],"affected":[{"package":{"name":"linux-gcp-5.15","ecosystem":"Ubuntu:20.04:LTS","purl":"pkg:deb/ubuntu/linux-gcp-5.15@5.15.0-1022.29~20.04.1?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.15.0-1022.29~20.04.1"}]}],"versions":["5.15.0-1006.9~20.04.1","5.15.0-1012.17~20.04.1","5.15.0-1013.18~20.04.1","5.15.0-1016.21~20.04.1","5.15.0-1017.23~20.04.2","5.15.0-1018.24~20.04.1","5.15.0-1021.28~20.04.1"],"ecosystem_specific":{"binaries":[{"binary_version":"5.15.0-1022.29~20.04.1","binary_name":"linux-buildinfo-5.15.0-1022-gcp"},{"binary_version":"5.15.0-1022.29~20.04.1","binary_name":"linux-gcp-5.15-headers-5.15.0-1022"},{"binary_version":"5.15.0-1022.29~20.04.1","binary_name":"linux-gcp-5.15-tools-5.15.0-1022"},{"binary_version":"5.15.0-1022.29~20.04.1","binary_name":"linux-headers-5.15.0-1022-gcp"},{"binary_version":"5.15.0-1022.29~20.04.1","binary_name":"linux-image-unsigned-5.15.0-1022-gcp"},{"binary_version":"5.15.0-1022.29~20.04.1","binary_name":"linux-modules-5.15.0-1022-gcp"},{"binary_version":"5.15.0-1022.29~20.04.1","binary_name":"linux-modules-extra-5.15.0-1022-gcp"},{"binary_version":"5.15.0-1022.29~20.04.1","binary_name":"linux-modules-iwlwifi-5.15.0-1022-gcp"},{"binary_version":"5.15.0-1022.29~20.04.1","binary_name":"linux-tools-5.15.0-1022-gcp"}],"availability":"No subscription required"},"database_specific":{"cves_map":{"ecosystem":"Ubuntu:20.04:LTS","cves":[{"id":"CVE-2022-2905","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-2978","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-3028","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-3625","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-3635","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"negligible"}]},{"id":"CVE-2022-20422","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-39190","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-40768","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"type":"Ubuntu","score":"medium"}]}]},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-5729-2.json"}},{"package":{"name":"linux-gke-5.15","ecosystem":"Ubuntu:20.04:LTS","purl":"pkg:deb/ubuntu/linux-gke-5.15@5.15.0-1020.25~20.04.1?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.15.0-1020.25~20.04.1"}]}],"versions":["5.15.0-1011.14~20.04.1","5.15.0-1014.17~20.04.1","5.15.0-1015.18~20.04.1","5.15.0-1016.19~20.04.1","5.15.0-1019.23~20.04.1"],"ecosystem_specific":{"binaries":[{"binary_version":"5.15.0-1020.25~20.04.1","binary_name":"linux-buildinfo-5.15.0-1020-gke"},{"binary_version":"5.15.0-1020.25~20.04.1","binary_name":"linux-gke-5.15-headers-5.15.0-1020"},{"binary_version":"5.15.0-1020.25~20.04.1","binary_name":"linux-gke-5.15-tools-5.15.0-1020"},{"binary_version":"5.15.0-1020.25~20.04.1","binary_name":"linux-headers-5.15.0-1020-gke"},{"binary_version":"5.15.0-1020.25~20.04.1","binary_name":"linux-image-unsigned-5.15.0-1020-gke"},{"binary_version":"5.15.0-1020.25~20.04.1","binary_name":"linux-modules-5.15.0-1020-gke"},{"binary_version":"5.15.0-1020.25~20.04.1","binary_name":"linux-modules-extra-5.15.0-1020-gke"},{"binary_version":"5.15.0-1020.25~20.04.1","binary_name":"linux-modules-iwlwifi-5.15.0-1020-gke"},{"binary_version":"5.15.0-1020.25~20.04.1","binary_name":"linux-tools-5.15.0-1020-gke"}],"availability":"No subscription required"},"database_specific":{"cves_map":{"ecosystem":"Ubuntu:20.04:LTS","cves":[{"id":"CVE-2022-2905","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-2978","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-3028","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-3625","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-3635","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"negligible"}]},{"id":"CVE-2022-20422","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-39190","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-40768","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"type":"Ubuntu","score":"medium"}]}]},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-5729-2.json"}},{"package":{"name":"linux-intel-iotg","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/linux-intel-iotg@5.15.0-1018.23?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.15.0-1018.23"}]}],"versions":["5.15.0-1004.6","5.15.0-1008.11","5.15.0-1010.14","5.15.0-1013.17","5.15.0-1015.20","5.15.0-1016.21","5.15.0-1017.22"],"ecosystem_specific":{"binaries":[{"binary_version":"5.15.0-1018.23","binary_name":"linux-buildinfo-5.15.0-1018-intel-iotg"},{"binary_version":"5.15.0-1018.23","binary_name":"linux-cloud-tools-5.15.0-1018-intel-iotg"},{"binary_version":"5.15.0-1018.23","binary_name":"linux-headers-5.15.0-1018-intel-iotg"},{"binary_version":"5.15.0-1018.23","binary_name":"linux-image-unsigned-5.15.0-1018-intel-iotg"},{"binary_version":"5.15.0-1018.23","binary_name":"linux-intel-iotg-cloud-tools-5.15.0-1018"},{"binary_version":"5.15.0-1018.23","binary_name":"linux-intel-iotg-cloud-tools-common"},{"binary_version":"5.15.0-1018.23","binary_name":"linux-intel-iotg-headers-5.15.0-1018"},{"binary_version":"5.15.0-1018.23","binary_name":"linux-intel-iotg-tools-5.15.0-1018"},{"binary_version":"5.15.0-1018.23","binary_name":"linux-intel-iotg-tools-common"},{"binary_version":"5.15.0-1018.23","binary_name":"linux-intel-iotg-tools-host"},{"binary_version":"5.15.0-1018.23","binary_name":"linux-modules-5.15.0-1018-intel-iotg"},{"binary_version":"5.15.0-1018.23","binary_name":"linux-modules-extra-5.15.0-1018-intel-iotg"},{"binary_version":"5.15.0-1018.23","binary_name":"linux-modules-iwlwifi-5.15.0-1018-intel-iotg"},{"binary_version":"5.15.0-1018.23","binary_name":"linux-tools-5.15.0-1018-intel-iotg"}],"availability":"No subscription required"},"database_specific":{"cves_map":{"ecosystem":"Ubuntu:22.04:LTS","cves":[{"id":"CVE-2022-2905","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-2978","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-3028","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-3625","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-3635","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"negligible"}]},{"id":"CVE-2022-20422","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-39190","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-40768","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"type":"Ubuntu","score":"medium"}]}]},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-5729-2.json"}},{"package":{"name":"linux-raspi","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/linux-raspi@5.15.0-1018.20?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.15.0-1018.20"}]}],"versions":["5.13.0-1008.9","5.15.0-1002.2","5.15.0-1003.3","5.15.0-1004.4","5.15.0-1005.5","5.15.0-1006.6","5.15.0-1008.8","5.15.0-1011.13","5.15.0-1012.14","5.15.0-1013.15","5.15.0-1014.16","5.15.0-1015.17","5.15.0-1016.18","5.15.0-1017.19"],"ecosystem_specific":{"binaries":[{"binary_version":"5.15.0-1018.20","binary_name":"linux-buildinfo-5.15.0-1018-raspi"},{"binary_version":"5.15.0-1018.20","binary_name":"linux-buildinfo-5.15.0-1018-raspi-nolpae"},{"binary_version":"5.15.0-1018.20","binary_name":"linux-headers-5.15.0-1018-raspi"},{"binary_version":"5.15.0-1018.20","binary_name":"linux-headers-5.15.0-1018-raspi-nolpae"},{"binary_version":"5.15.0-1018.20","binary_name":"linux-image-5.15.0-1018-raspi"},{"binary_version":"5.15.0-1018.20","binary_name":"linux-image-5.15.0-1018-raspi-nolpae"},{"binary_version":"5.15.0-1018.20","binary_name":"linux-modules-5.15.0-1018-raspi"},{"binary_version":"5.15.0-1018.20","binary_name":"linux-modules-5.15.0-1018-raspi-nolpae"},{"binary_version":"5.15.0-1018.20","binary_name":"linux-modules-extra-5.15.0-1018-raspi"},{"binary_version":"5.15.0-1018.20","binary_name":"linux-modules-extra-5.15.0-1018-raspi-nolpae"},{"binary_version":"5.15.0-1018.20","binary_name":"linux-raspi-headers-5.15.0-1018"},{"binary_version":"5.15.0-1018.20","binary_name":"linux-raspi-tools-5.15.0-1018"},{"binary_version":"5.15.0-1018.20","binary_name":"linux-tools-5.15.0-1018-raspi"},{"binary_version":"5.15.0-1018.20","binary_name":"linux-tools-5.15.0-1018-raspi-nolpae"}],"availability":"No subscription required"},"database_specific":{"cves_map":{"ecosystem":"Ubuntu:22.04:LTS","cves":[{"id":"CVE-2022-2905","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-2978","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-3028","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-3625","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-3635","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"negligible"}]},{"id":"CVE-2022-20422","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-39190","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-40768","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"type":"Ubuntu","score":"medium"}]}]},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-5729-2.json"}}],"schema_version":"1.7.3"}