{"id":"USN-5856-1","summary":"linux-oem-6.1 vulnerabilities","details":"Davide Ornaghi discovered that the netfilter subsystem in the Linux kernel\ndid not properly handle VLAN headers in some situations. A local attacker\ncould use this to cause a denial of service (system crash) or possibly\nexecute arbitrary code. (CVE-2023-0179)\n\nHu Jiahui discovered that multiple race conditions existed in the Advanced\nLinux Sound Architecture (ALSA) framework, leading to use-after-free\nvulnerabilities. A local attacker could use these to cause a denial of\nservice (system crash) or possibly execute arbitrary code. (CVE-2022-1048)\n\nIt was discovered that a use-after-free vulnerability existed in the SGI\nGRU driver in the Linux kernel. A local attacker could possibly use this to\ncause a denial of service (system crash) or possibly execute arbitrary\ncode. (CVE-2022-3424)\n\n","modified":"2026-02-10T04:42:56Z","published":"2023-02-09T21:23:44Z","related":["UBUNTU-CVE-2022-1048","UBUNTU-CVE-2022-3424","UBUNTU-CVE-2023-0179"],"upstream":["CVE-2022-1048","CVE-2022-3424","CVE-2023-0179","UBUNTU-CVE-2022-1048","UBUNTU-CVE-2022-3424","UBUNTU-CVE-2023-0179"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-5856-1"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-1048"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-3424"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2023-0179"}],"affected":[{"package":{"name":"linux-oem-6.1","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/linux-oem-6.1@6.1.0-1006.6?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"6.1.0-1006.6"}]}],"versions":["6.1.0-1004.4"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_name":"linux-buildinfo-6.1.0-1006-oem","binary_version":"6.1.0-1006.6"},{"binary_name":"linux-headers-6.1.0-1006-oem","binary_version":"6.1.0-1006.6"},{"binary_name":"linux-image-unsigned-6.1.0-1006-oem","binary_version":"6.1.0-1006.6"},{"binary_name":"linux-modules-6.1.0-1006-oem","binary_version":"6.1.0-1006.6"},{"binary_name":"linux-modules-ipu6-6.1.0-1006-oem","binary_version":"6.1.0-1006.6"},{"binary_name":"linux-modules-ivsc-6.1.0-1006-oem","binary_version":"6.1.0-1006.6"},{"binary_name":"linux-oem-6.1-headers-6.1.0-1006","binary_version":"6.1.0-1006.6"},{"binary_name":"linux-oem-6.1-tools-6.1.0-1006","binary_version":"6.1.0-1006.6"},{"binary_name":"linux-oem-6.1-tools-host","binary_version":"6.1.0-1006.6"},{"binary_name":"linux-tools-6.1.0-1006-oem","binary_version":"6.1.0-1006.6"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-5856-1.json","cves_map":{"ecosystem":"Ubuntu:22.04:LTS","cves":[{"id":"CVE-2022-3424","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2023-0179","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"high","type":"Ubuntu"}]}]}}}],"schema_version":"1.7.3"}