{"id":"USN-5381-1","summary":"linux-oem-5.14 vulnerabilities","details":"David Bouman discovered that the netfilter subsystem in the Linux kernel\ndid not properly validate passed user register indices. A local attacker\ncould use this to cause a denial of service or possibly execute arbitrary\ncode. (CVE-2022-1015)\n\nIt was discovered that the block layer subsystem in the Linux kernel did\nnot properly initialize memory in some situations. A privileged local\nattacker could use this to expose sensitive information (kernel memory).\n(CVE-2022-0494)\n\nIt was discovered that the DMA subsystem in the Linux kernel did not\nproperly ensure bounce buffers were completely overwritten by the DMA\ndevice. A local attacker could use this to expose sensitive information\n(kernel memory). (CVE-2022-0854)\n\nJann Horn discovered that the FUSE file system in the Linux kernel\ncontained a use-after-free vulnerability. A local attacker could use this\nto cause a denial of service (system crash) or possibly execute arbitrary\ncode. (CVE-2022-1011)\n\nDavid Bouman discovered that the netfilter subsystem in the Linux kernel\ndid not initialize memory in some situations. A local attacker could use\nthis to expose sensitive information (kernel memory). (CVE-2022-1016)\n\nHu Jiahui discovered that multiple race conditions existed in the Advanced\nLinux Sound Architecture (ALSA) framework, leading to use-after-free\nvulnerabilities. A local attacker could use these to cause a denial of\nservice (system crash) or possibly execute arbitrary code. (CVE-2022-1048)\n\nIt was discovered that the USB Gadget file system interface in the Linux\nkernel contained a use-after-free vulnerability. A local attacker could use\nthis to cause a denial of service (system crash) or possibly execute\narbitrary code. (CVE-2022-24958)\n\nIt was discovered that the ST21NFCA NFC driver in the Linux kernel did not\nproperly validate the size of certain data in EVT_TRANSACTION events. A\nphysically proximate attacker could use this to cause a denial of service\n(system crash) or possibly execute arbitrary code. (CVE-2022-26490)\n\nIt was discovered that the USB SR9700 ethernet device driver for the Linux\nkernel did not properly validate the length of requests from the device. A\nphysically proximate attacker could possibly use this to expose sensitive\ninformation (kernel memory). (CVE-2022-26966)\n\nIt was discovered that the Xilinx USB2 device gadget driver in the Linux\nkernel did not properly validate endpoint indices from the host. A\nphysically proximate attacker could possibly use this to cause a denial of\nservice (system crash). (CVE-2022-27223)\n\n赵子轩 discovered that the 802.2 LLC type 2 driver in the Linux kernel did not\nproperly perform reference counting in some error conditions. A local\nattacker could use this to cause a denial of service. (CVE-2022-28356)\n","modified":"2026-02-10T04:42:35Z","published":"2022-04-20T19:09:49Z","related":["UBUNTU-CVE-2022-0494","UBUNTU-CVE-2022-0854","UBUNTU-CVE-2022-1011","UBUNTU-CVE-2022-1015","UBUNTU-CVE-2022-1016","UBUNTU-CVE-2022-1048","UBUNTU-CVE-2022-24958","UBUNTU-CVE-2022-26490","UBUNTU-CVE-2022-26966","UBUNTU-CVE-2022-27223","UBUNTU-CVE-2022-28356"],"upstream":["CVE-2022-0494","CVE-2022-0854","CVE-2022-1011","CVE-2022-1015","CVE-2022-1016","CVE-2022-1048","CVE-2022-24958","CVE-2022-26490","CVE-2022-26966","CVE-2022-27223","CVE-2022-28356","UBUNTU-CVE-2022-0494","UBUNTU-CVE-2022-0854","UBUNTU-CVE-2022-1011","UBUNTU-CVE-2022-1015","UBUNTU-CVE-2022-1016","UBUNTU-CVE-2022-1048","UBUNTU-CVE-2022-24958","UBUNTU-CVE-2022-26490","UBUNTU-CVE-2022-26966","UBUNTU-CVE-2022-27223","UBUNTU-CVE-2022-28356"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-5381-1"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-0494"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-0854"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-1011"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-1015"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-1016"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-1048"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-24958"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-26490"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-26966"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-27223"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-28356"}],"affected":[{"package":{"name":"linux-oem-5.14","ecosystem":"Ubuntu:20.04:LTS","purl":"pkg:deb/ubuntu/linux-oem-5.14@5.14.0-1033.36?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.14.0-1033.36"}]}],"versions":["5.14.0-1004.4","5.14.0-1005.5","5.14.0-1007.7","5.14.0-1008.8","5.14.0-1010.10","5.14.0-1011.11","5.14.0-1013.13","5.14.0-1018.19","5.14.0-1020.22","5.14.0-1022.24","5.14.0-1024.26","5.14.0-1027.30","5.14.0-1029.32","5.14.0-1031.34","5.14.0-1032.35"],"ecosystem_specific":{"binaries":[{"binary_name":"linux-buildinfo-5.14.0-1033-oem","binary_version":"5.14.0-1033.36"},{"binary_name":"linux-headers-5.14.0-1033-oem","binary_version":"5.14.0-1033.36"},{"binary_name":"linux-image-unsigned-5.14.0-1033-oem","binary_version":"5.14.0-1033.36"},{"binary_name":"linux-modules-5.14.0-1033-oem","binary_version":"5.14.0-1033.36"},{"binary_name":"linux-oem-5.14-headers-5.14.0-1033","binary_version":"5.14.0-1033.36"},{"binary_name":"linux-oem-5.14-tools-5.14.0-1033","binary_version":"5.14.0-1033.36"},{"binary_name":"linux-oem-5.14-tools-host","binary_version":"5.14.0-1033.36"},{"binary_name":"linux-tools-5.14.0-1033-oem","binary_version":"5.14.0-1033.36"}],"availability":"No subscription required"},"database_specific":{"cves_map":{"cves":[{"id":"CVE-2022-0494","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"},{"type":"Ubuntu","score":"low"}]},{"id":"CVE-2022-0854","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"type":"Ubuntu","score":"low"}]},{"id":"CVE-2022-1011","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-1015","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H"},{"type":"Ubuntu","score":"high"}]},{"id":"CVE-2022-1016","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-1048","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-24958","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-26490","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-26966","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2022-27223","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"low"}]},{"id":"CVE-2022-28356","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"low"}]}],"ecosystem":"Ubuntu:20.04:LTS"},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-5381-1.json"}}],"schema_version":"1.7.3"}