SB2022091701 - Ubuntu update for linux-intel-iotg
Published: September 17, 2022
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 10 secuirty vulnerabilities.
1) Input validation error (CVE-ID: CVE-2021-33061)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient control flow management. A local user can pass specially crafted input to the application and perform a denial of service (DoS) attack.
2) Memory leak (CVE-ID: CVE-2022-1012)
The vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to insufficient randomization in the net/ipv4/tcp.c when calculating port offsets in Linux kernel cause by small table perturb size. A remote attacker can cause memory leak and gain access to sensitive information.
3) Race condition (CVE-ID: CVE-2022-1729)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within sys_perf_event_open() in Linux kernel. A local user can exploit the race and gain unauthorized access to sensitive information and escalate privileges on the system.
4) NULL pointer dereference (CVE-ID: CVE-2022-1852)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in the Linux kernel’s KVM module. A local user can perform a denial of service (DoS) attack in the x86_emulate_insn in arch/x86/kvm/emulate.c.
5) Out-of-bounds write (CVE-ID: CVE-2022-1943)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error in the udf_write_fi() function within the UDF file system functionality. A local user can trigger an out-of-bounds write and execute arbitrary code with elevated privileges.
6) Use-after-free (CVE-ID: CVE-2022-1973)
The vulnerability allows a local user to perform a denial of service attack.
The vulnerability exists due to a use-after-free error within the NTFS file system implementation in the Linux
kernel. A local user can trigger a use-after-free error and crash the system or gain access to sensitive information.
7) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2022-2503)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to the way dm-verity is used to restrict module/firmware loads to trusted root filesystem in LoadPin builds. Device-mapper table reloads currently allow users with root privileges to switch out the target with an equivalent dm-linear target and bypass verification till reboot. This allows root to bypass LoadPin and can be used to load untrusted and unverified kernel modules and firmware, which implies arbitrary kernel execution and persistence for peripherals that do not verify firmware updates.
8) Out-of-bounds read (CVE-ID: CVE-2022-2873)
The vulnerability allows a local user to crash the kernel.
The vulnerability exists due to a boundary condition within the Intel iSMT SMBus host controller driver. A local user can send specially crafted data to the I2C_SMBUS IOCTL, trigger an out-of-bounds read error and crash the system.
9) Race condition (CVE-ID: CVE-2022-2959)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a missing lock in the pipe_resize_ring() function within the watch queue when performing operations on an object. A local user can exploit the race and gain unauthorized access to sensitive information and escalate privileges on the system.
10) Use of insufficiently random values (CVE-ID: CVE-2022-32296)
The vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to Linux kernel allowing TCP servers to identify clients by observing what source ports are used. A local user can gain unauthorized access to sensitive information on the system.
Remediation
Install update from vendor's website.