{"id":"USN-5858-1","summary":"linux-oem-5.17 vulnerabilities","details":"\nDavide Ornaghi discovered that the netfilter subsystem in the Linux kernel\ndid not properly handle VLAN headers in some situations. A local attacker\ncould use this to cause a denial of service (system crash) or possibly\nexecute arbitrary code. (CVE-2023-0179)\n\nIt was discovered that the Netronome Ethernet driver in the Linux kernel\ncontained a use-after-free vulnerability. A local attacker could use this\nto cause a denial of service (system crash) or possibly execute arbitrary\ncode. (CVE-2022-3545)\n\nTamás Koczka discovered that the Bluetooth L2CAP implementation in the\nLinux kernel did not properly initialize memory in some situations. A\nphysically proximate attacker could possibly use this to expose sensitive\ninformation (kernel memory). (CVE-2022-42895)\n\nIt was discovered that an integer overflow vulnerability existed in the\nBluetooth subsystem in the Linux kernel. A physically proximate attacker\ncould use this to cause a denial of service (system crash).\n(CVE-2022-45934)\n\n","modified":"2026-02-10T04:42:56Z","published":"2023-02-09T21:36:03Z","related":["UBUNTU-CVE-2022-3545","UBUNTU-CVE-2022-42895","UBUNTU-CVE-2022-45934","UBUNTU-CVE-2023-0179"],"upstream":["CVE-2022-3545","CVE-2022-42895","CVE-2022-45934","CVE-2023-0179","UBUNTU-CVE-2022-3545","UBUNTU-CVE-2022-42895","UBUNTU-CVE-2022-45934","UBUNTU-CVE-2023-0179"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-5858-1"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-3545"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-42895"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-45934"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2023-0179"}],"affected":[{"package":{"name":"linux-oem-5.17","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/linux-oem-5.17@5.17.0-1027.28?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.17.0-1027.28"}]}],"versions":["5.17.0-1003.3","5.17.0-1004.4","5.17.0-1006.6","5.17.0-1011.12","5.17.0-1012.13","5.17.0-1013.14","5.17.0-1014.15","5.17.0-1015.16","5.17.0-1016.17","5.17.0-1017.18","5.17.0-1018.19","5.17.0-1019.20","5.17.0-1020.21","5.17.0-1021.22","5.17.0-1024.25","5.17.0-1025.26","5.17.0-1026.27"],"ecosystem_specific":{"binaries":[{"binary_name":"linux-buildinfo-5.17.0-1027-oem","binary_version":"5.17.0-1027.28"},{"binary_name":"linux-headers-5.17.0-1027-oem","binary_version":"5.17.0-1027.28"},{"binary_name":"linux-image-unsigned-5.17.0-1027-oem","binary_version":"5.17.0-1027.28"},{"binary_name":"linux-modules-5.17.0-1027-oem","binary_version":"5.17.0-1027.28"},{"binary_name":"linux-modules-ipu6-5.17.0-1027-oem","binary_version":"5.17.0-1027.28"},{"binary_name":"linux-modules-ivsc-5.17.0-1027-oem","binary_version":"5.17.0-1027.28"},{"binary_name":"linux-modules-iwlwifi-5.17.0-1027-oem","binary_version":"5.17.0-1027.28"},{"binary_name":"linux-oem-5.17-headers-5.17.0-1027","binary_version":"5.17.0-1027.28"},{"binary_name":"linux-oem-5.17-tools-5.17.0-1027","binary_version":"5.17.0-1027.28"},{"binary_name":"linux-oem-5.17-tools-host","binary_version":"5.17.0-1027.28"},{"binary_name":"linux-tools-5.17.0-1027-oem","binary_version":"5.17.0-1027.28"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-5858-1.json","cves_map":{"cves":[{"id":"CVE-2022-3545","severity":[{"score":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2022-42895","severity":[{"score":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2022-45934","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2023-0179","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"high","type":"Ubuntu"}]}],"ecosystem":"Ubuntu:22.04:LTS"}}}],"schema_version":"1.7.3"}