{"id":"USN-5911-1","summary":"linux, linux-aws, linux-azure, linux-gcp, linux-hwe-5.19, linux-ibm, linux-lowlatency, linux-oracle vulnerabilities","details":"\nIt was discovered that the Upper Level Protocol (ULP) subsystem in the\nLinux kernel did not properly handle sockets entering the LISTEN state in\ncertain protocols, leading to a use-after-free vulnerability. A local\nattacker could use this to cause a denial of service (system crash) or\npossibly execute arbitrary code. (CVE-2023-0461)\n\nDavide Ornaghi discovered that the netfilter subsystem in the Linux kernel\ndid not properly handle VLAN headers in some situations. A local attacker\ncould use this to cause a denial of service (system crash) or possibly\nexecute arbitrary code. (CVE-2023-0179)\n\nIt was discovered that the NVMe driver in the Linux kernel did not properly\nhandle reset events in some situations. A local attacker could use this to\ncause a denial of service (system crash). (CVE-2022-3169)\n\nMaxim Levitsky discovered that the KVM nested virtualization (SVM)\nimplementation for AMD processors in the Linux kernel did not properly\nhandle nested shutdown execution. An attacker in a guest vm could use this\nto cause a denial of service (host kernel crash) (CVE-2022-3344)\n\nGwangun Jung discovered a race condition in the IPv4 implementation in the\nLinux kernel when deleting multipath routes, resulting in an out-of-bounds\nread. An attacker could use this to cause a denial of service (system\ncrash) or possibly expose sensitive information (kernel memory).\n(CVE-2022-3435)\n\nIt was discovered that a race condition existed in the Kernel Connection\nMultiplexor (KCM) socket implementation in the Linux kernel when releasing\nsockets in certain situations. A local attacker could use this to cause a\ndenial of service (system crash). (CVE-2022-3521)\n\nIt was discovered that the Netronome Ethernet driver in the Linux kernel\ncontained a use-after-free vulnerability. A local attacker could use this\nto cause a denial of service (system crash) or possibly execute arbitrary\ncode. (CVE-2022-3545)\n\nIt was discovered that the Intel i915 graphics driver in the Linux kernel\ndid not perform a GPU TLB flush in some situations. A local attacker could\nuse this to cause a denial of service or possibly execute arbitrary code.\n(CVE-2022-4139)\n\nIt was discovered that the NFSD implementation in the Linux kernel\ncontained a use-after-free vulnerability. A remote attacker could possibly\nuse this to cause a denial of service (system crash) or execute arbitrary\ncode. (CVE-2022-4379)\n\nIt was discovered that a race condition existed in the x86 KVM subsystem\nimplementation in the Linux kernel when nested virtualization and the TDP\nMMU are enabled. An attacker in a guest vm could use this to cause a denial\nof service (host OS crash). (CVE-2022-45869)\n\nIt was discovered that the Atmel WILC1000 driver in the Linux kernel did\nnot properly validate the number of channels, leading to an out-of-bounds\nwrite vulnerability. An attacker could use this to cause a denial of\nservice (system crash) or possibly execute arbitrary code. (CVE-2022-47518)\n\nIt was discovered that the Atmel WILC1000 driver in the Linux kernel did\nnot properly validate specific attributes, leading to an out-of-bounds\nwrite vulnerability. An attacker could use this to cause a denial of\nservice (system crash) or possibly execute arbitrary code. (CVE-2022-47519)\n\nIt was discovered that the Atmel WILC1000 driver in the Linux kernel did\nnot properly validate offsets, leading to an out-of-bounds read\nvulnerability. An attacker could use this to cause a denial of service\n(system crash). (CVE-2022-47520)\n\nIt was discovered that the Atmel WILC1000 driver in the Linux kernel did\nnot properly validate specific attributes, leading to a heap-based buffer\noverflow. An attacker could use this to cause a denial of service (system\ncrash) or possibly execute arbitrary code. (CVE-2022-47521)\n\nIt was discovered that the file system writeback functionality in the Linux\nkernel contained a user-after-free vulnerability. A local attacker could\npossibly use this to cause a denial of service (system crash) or execute\narbitrary code. (CVE-2023-26605)\n\n","modified":"2026-04-27T16:32:20.891709042Z","published":"2023-03-02T23:06:33Z","related":["UBUNTU-CVE-2022-3169","UBUNTU-CVE-2022-3344","UBUNTU-CVE-2022-3435","UBUNTU-CVE-2022-3521","UBUNTU-CVE-2022-3545","UBUNTU-CVE-2022-4139","UBUNTU-CVE-2022-4379","UBUNTU-CVE-2022-45869","UBUNTU-CVE-2022-47518","UBUNTU-CVE-2022-47519","UBUNTU-CVE-2022-47520","UBUNTU-CVE-2022-47521","UBUNTU-CVE-2023-0179","UBUNTU-CVE-2023-0461","UBUNTU-CVE-2023-26605"],"upstream":["CVE-2022-3169","CVE-2022-3344","CVE-2022-3435","CVE-2022-3521","CVE-2022-3545","CVE-2022-4139","CVE-2022-4379","CVE-2022-45869","CVE-2022-47518","CVE-2022-47519","CVE-2022-47520","CVE-2022-47521","CVE-2023-0179","CVE-2023-0461","CVE-2023-26605","UBUNTU-CVE-2022-3169","UBUNTU-CVE-2022-3344","UBUNTU-CVE-2022-3435","UBUNTU-CVE-2022-3521","UBUNTU-CVE-2022-3545","UBUNTU-CVE-2022-4139","UBUNTU-CVE-2022-4379","UBUNTU-CVE-2022-45869","UBUNTU-CVE-2022-47518","UBUNTU-CVE-2022-47519","UBUNTU-CVE-2022-47520","UBUNTU-CVE-2022-47521","UBUNTU-CVE-2023-0179","UBUNTU-CVE-2023-0461","UBUNTU-CVE-2023-26605"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-5911-1"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-3169"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-3344"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-3435"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-3521"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-3545"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-4139"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-4379"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-45869"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-47518"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-47519"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-47520"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2022-47521"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2023-0179"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2023-0461"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2023-26605"}],"affected":[{"package":{"name":"linux-hwe-5.19","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/linux-hwe-5.19@5.19.0-35.36~22.04.1?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.19.0-35.36~22.04.1"}]}],"versions":["5.19.0-28.29~22.04.1","5.19.0-32.33~22.04.1"],"ecosystem_specific":{"binaries":[{"binary_version":"5.19.0-35.36~22.04.1","binary_name":"linux-buildinfo-5.19.0-35-generic"},{"binary_version":"5.19.0-35.36~22.04.1","binary_name":"linux-buildinfo-5.19.0-35-generic-64k"},{"binary_version":"5.19.0-35.36~22.04.1","binary_name":"linux-buildinfo-5.19.0-35-generic-lpae"},{"binary_version":"5.19.0-35.36~22.04.1","binary_name":"linux-cloud-tools-5.19.0-35-generic"},{"binary_version":"5.19.0-35.36~22.04.1","binary_name":"linux-headers-5.19.0-35-generic"},{"binary_version":"5.19.0-35.36~22.04.1","binary_name":"linux-headers-5.19.0-35-generic-64k"},{"binary_version":"5.19.0-35.36~22.04.1","binary_name":"linux-headers-5.19.0-35-generic-lpae"},{"binary_version":"5.19.0-35.36~22.04.1","binary_name":"linux-hwe-5.19-cloud-tools-5.19.0-35"},{"binary_version":"5.19.0-35.36~22.04.1","binary_name":"linux-hwe-5.19-cloud-tools-common"},{"binary_version":"5.19.0-35.36~22.04.1","binary_name":"linux-hwe-5.19-headers-5.19.0-35"},{"binary_version":"5.19.0-35.36~22.04.1","binary_name":"linux-hwe-5.19-tools-5.19.0-35"},{"binary_version":"5.19.0-35.36~22.04.1","binary_name":"linux-hwe-5.19-tools-common"},{"binary_version":"5.19.0-35.36~22.04.1","binary_name":"linux-hwe-5.19-tools-host"},{"binary_version":"5.19.0-35.36~22.04.1","binary_name":"linux-image-5.19.0-35-generic"},{"binary_version":"5.19.0-35.36~22.04.1","binary_name":"linux-image-5.19.0-35-generic-lpae"},{"binary_version":"5.19.0-35.36~22.04.1","binary_name":"linux-image-unsigned-5.19.0-35-generic"},{"binary_version":"5.19.0-35.36~22.04.1","binary_name":"linux-image-unsigned-5.19.0-35-generic-64k"},{"binary_version":"5.19.0-35.36~22.04.1","binary_name":"linux-modules-5.19.0-35-generic"},{"binary_version":"5.19.0-35.36~22.04.1","binary_name":"linux-modules-5.19.0-35-generic-64k"},{"binary_version":"5.19.0-35.36~22.04.1","binary_name":"linux-modules-5.19.0-35-generic-lpae"},{"binary_version":"5.19.0-35.36~22.04.1","binary_name":"linux-modules-extra-5.19.0-35-generic"},{"binary_version":"5.19.0-35.36~22.04.1","binary_name":"linux-modules-ipu6-5.19.0-35-generic"},{"binary_version":"5.19.0-35.36~22.04.1","binary_name":"linux-modules-ivsc-5.19.0-35-generic"},{"binary_version":"5.19.0-35.36~22.04.1","binary_name":"linux-modules-iwlwifi-5.19.0-35-generic"},{"binary_version":"5.19.0-35.36~22.04.1","binary_name":"linux-source-5.19.0"},{"binary_version":"5.19.0-35.36~22.04.1","binary_name":"linux-tools-5.19.0-35-generic"},{"binary_version":"5.19.0-35.36~22.04.1","binary_name":"linux-tools-5.19.0-35-generic-64k"},{"binary_version":"5.19.0-35.36~22.04.1","binary_name":"linux-tools-5.19.0-35-generic-lpae"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-5911-1.json","cves_map":{"cves":[{"id":"CVE-2022-3169","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2022-3344","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2022-3435","severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2022-3521","severity":[{"score":"CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2022-3545","severity":[{"score":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2022-4139","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2022-4379","severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2022-45869","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2022-47518","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"low","type":"Ubuntu"}]},{"id":"CVE-2022-47519","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"low","type":"Ubuntu"}]},{"id":"CVE-2022-47520","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2022-47521","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2023-0179","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"high","type":"Ubuntu"}]},{"id":"CVE-2023-0461","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"high","type":"Ubuntu"}]},{"id":"CVE-2023-26605","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]}],"ecosystem":"Ubuntu:22.04:LTS"}}}],"schema_version":"1.7.5"}