Ubuntu update for linux-intel-iotg
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 5 |
| CVE-ID | CVE-2022-1882 CVE-2022-26373 CVE-2022-3176 CVE-2022-36879 CVE-2022-39189 |
| CWE-ID | CWE-416 CWE-264 CWE-399 |
| Exploitation vector | Local |
| Public exploit | N/A |
| Vulnerable software |
Ubuntu Operating systems & Components / Operating system linux-image-5.15.0-1017-intel-iotg (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-intel-iotg (Ubuntu package) Other |
| Vendor | Canonical Ltd. |
Security Bulletin
This security bulletin contains information about 5 vulnerabilities.
1) Use-after-free
EUVDB-ID: #VU68108
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-1882
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the Linux kernel’s pipes functionality in free_pipe_info() function in fs/pipe.c. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.
Update the affected package linux-intel-iotg to the latest version.
Vulnerable software versionsUbuntu: 22.04
linux-image-5.15.0-1017-intel-iotg (Ubuntu package): before 5.15.0-1017.22
linux-image-intel-iotg (Ubuntu package): before 5.15.0.1017.18
CPE2.3- cpe:2.3:o:canonical:ubuntu:22.04:*:*:*:*:*:*:*
- cpe:2.3:a:canonical:linux-image-5.15.0-1017-intel-iotg_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3::canonical:linux-image-intel-iotg_ubuntu_package:*:*:*:*:*:*:*:*
https://ubuntu.com/security/notices/USN-5703-1
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Security restrictions bypass
EUVDB-ID: #VU66549
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-26373
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to non-transparent sharing of return predictor targets between contexts in Intel CPU processors. A local user can bypass the expected architecture isolation between contexts and gain access to sensitive information on the system.
MitigationUpdate the affected package linux-intel-iotg to the latest version.
Vulnerable software versionsUbuntu: 22.04
linux-image-5.15.0-1017-intel-iotg (Ubuntu package): before 5.15.0-1017.22
linux-image-intel-iotg (Ubuntu package): before 5.15.0.1017.18
CPE2.3- cpe:2.3:a:canonical:linux-image-5.15.0-1017-intel-iotg_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3::canonical:linux-image-intel-iotg_ubuntu_package:*:*:*:*:*:*:*:*
https://ubuntu.com/security/notices/USN-5703-1
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Use-after-free
EUVDB-ID: #VU68109
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-3176
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error in io_uring implementation in the Linux kernel. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.
Update the affected package linux-intel-iotg to the latest version.
Vulnerable software versionsUbuntu: 22.04
linux-image-5.15.0-1017-intel-iotg (Ubuntu package): before 5.15.0-1017.22
linux-image-intel-iotg (Ubuntu package): before 5.15.0.1017.18
CPE2.3- cpe:2.3:a:canonical:linux-image-5.15.0-1017-intel-iotg_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3::canonical:linux-image-intel-iotg_ubuntu_package:*:*:*:*:*:*:*:*
https://ubuntu.com/security/notices/USN-5703-1
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Resource management error
EUVDB-ID: #VU66550
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-36879
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources within the xfrm_expand_policies() function in net/xfrm/xfrm_policy.c. A local user can cause the refcount to be dropped twice and perform a denial of service (DoS) attack.
MitigationUpdate the affected package linux-intel-iotg to the latest version.
Vulnerable software versionsUbuntu: 22.04
linux-image-5.15.0-1017-intel-iotg (Ubuntu package): before 5.15.0-1017.22
linux-image-intel-iotg (Ubuntu package): before 5.15.0.1017.18
CPE2.3- cpe:2.3:a:canonical:linux-image-5.15.0-1017-intel-iotg_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3::canonical:linux-image-intel-iotg_ubuntu_package:*:*:*:*:*:*:*:*
https://ubuntu.com/security/notices/USN-5703-1
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU68110
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-39189
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a guest user to escalate privileges on the system.
The vulnerability exists due to incorrect handling of TLB flush operations in certain KVM_VCPU_PREEMPTED situations in the x86 KVM subsystem in the Linux kernel. An attacker with unprivileged access to the guest OS can escalate privileges on the guest.
Update the affected package linux-intel-iotg to the latest version.
Vulnerable software versionsUbuntu: 22.04
linux-image-5.15.0-1017-intel-iotg (Ubuntu package): before 5.15.0-1017.22
linux-image-intel-iotg (Ubuntu package): before 5.15.0.1017.18
CPE2.3- cpe:2.3:a:canonical:linux-image-5.15.0-1017-intel-iotg_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3::canonical:linux-image-intel-iotg_ubuntu_package:*:*:*:*:*:*:*:*
https://ubuntu.com/security/notices/USN-5703-1
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
