SB2022072909 - Ubuntu update for linux

Description

This security bulletin contains information about 4 secuirty vulnerabilities.

1) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2022-20141)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to improper imposition of security restrictions in the Linux kernel's components. A local user can trigger the vulnerability to bypass security restrictions bypass and escalate privileges on the system.

2) NULL pointer dereference (CVE-ID: CVE-2022-25258)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error drivers/usb/gadget/composite.c in the Linux kernel. The USB Gadget subsystem lacks certain validation of interface OS descriptor requests (ones with a large array index and ones associated with NULL function pointer retrieval). A local user can run a specially crafted program to trigger memory corruption and perform a denial of service (DoS) attack.

3) Exposure of Resource to Wrong Sphere (CVE-ID: CVE-2022-25375)

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to improper access restrictions in drivers/usb/gadget/function/rndis.c in the Linux kernel. The RNDIS USB gadget lacks validation of the size of the RNDIS_MSG_SET command. A local user can run a specially crafted program to gain access to kernel memory.

4) Type Confusion (CVE-ID: CVE-2022-34918)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists in the Linux kernel’s Netfilter subsystem in the way a user provides incorrect input of the NFT_DATA_VERDICT type. A local user can pass specially crafted data to the application, trigger a type confusion error and escalate privileges on the system.

Remediation

Install update from vendor's website.

References

• https://ubuntu.com/security/notices/USN-5540-1