CVE-2022-0185
Published: 18 January 2022
A heap-based buffer overflow flaw was found in the way the legacy_parse_param function in the Filesystem Context functionality of the Linux kernel verified the supplied parameters length. An unprivileged (in case of unprivileged user namespaces enabled, otherwise needs namespaced CAP_SYS_ADMIN privilege) local user able to open a filesystem that does not support the Filesystem Context API (and thus fallbacks to legacy handling) could use this flaw to escalate their privileges on the system.
From the Ubuntu Security Team
William Liu and Jamie Hill-Daniel discovered that the file system context functionality in the Linux kernel contained an integer underflow vulnerability, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code.
Notes
Author | Note |
---|---|
alexmurray | Requires CAP_SYS_ADMIN however this can be done within a new user namespace - so can be mitigated by disabling unprivileged user namespaces. |
Mitigation
Disable unprivileged user namespaces: sysctl -w kernel.unprivileged_userns_clone=0
Priority
Status
Package | Release | Status |
---|---|---|
linux Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(4.13.0-16.19)
|
focal |
Released
(5.4.0-96.109)
|
|
hirsute |
Released
(5.11.0-49.55)
|
|
impish |
Released
(5.13.0-27.29)
|
|
jammy |
Not vulnerable
(5.15.0-18.18)
|
|
kinetic |
Not vulnerable
(5.15.0-25.25)
|
|
lunar |
Not vulnerable
(5.15.0-25.25)
|
|
upstream |
Released
(5.17~rc1)
|
|
Patches: Introduced by 3e1aeb00e6d132efc151dacc062b38269bc9eccc |
||
linux-aws Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(4.15.0-1001.1)
|
focal |
Released
(5.4.0-1063.66)
|
|
hirsute |
Released
(5.11.0-1027.30)
|
|
impish |
Released
(5.13.0-1011.12)
|
|
jammy |
Not vulnerable
(5.15.0-1002.4)
|
|
kinetic |
Not vulnerable
(5.15.0-1004.6)
|
|
lunar |
Not vulnerable
(5.15.0-1004.6)
|
|
trusty |
Not vulnerable
(4.4.0-1002.2)
|
|
upstream |
Released
(5.17~rc1)
|
|
xenial |
Not vulnerable
(4.4.0-1001.10)
|
|
linux-aws-5.0 Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-aws-5.3)
|
focal |
Does not exist
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.17~rc1)
|
|
xenial |
Does not exist
|
|
linux-aws-5.11 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Released
(5.11.0-1027.30~20.04.1)
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.17~rc1)
|
|
xenial |
Does not exist
|
|
linux-aws-5.13 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Released
(5.13.0-1011.12~20.04.1)
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.17~rc1)
|
|
xenial |
Does not exist
|
|
linux-aws-5.15 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Not vulnerable
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Needs triage
|
|
xenial |
Does not exist
|
|
linux-aws-5.3 Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-aws-5.4)
|
focal |
Does not exist
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.17~rc1)
|
|
xenial |
Does not exist
|
|
linux-aws-5.4 Launchpad, Ubuntu, Debian |
bionic |
Released
(5.4.0-1063.66~18.04.1)
|
focal |
Does not exist
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.17~rc1)
|
|
xenial |
Does not exist
|
|
linux-aws-5.8 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Ignored
(was needs-triage now end-of-life)
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.17~rc1)
|
|
xenial |
Does not exist
|
|
linux-aws-hwe Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.17~rc1)
|
|
xenial |
Not vulnerable
(4.15.0-1030.31~16.04.1)
|
|
linux-azure Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-azure-5.3)
|
focal |
Released
(5.4.0-1067.70)
|
|
hirsute |
Released
(5.11.0-1027.30)
|
|
impish |
Released
(5.13.0-1012.14)
|
|
jammy |
Not vulnerable
(5.15.0-1001.2)
|
|
kinetic |
Not vulnerable
(5.15.0-1003.4)
|
|
lunar |
Not vulnerable
(5.15.0-1003.4)
|
|
trusty |
Not vulnerable
(4.15.0-1023.24~14.04.1)
|
|
upstream |
Released
(5.17~rc1)
|
|
xenial |
Not vulnerable
(4.11.0-1009.9)
|
|
linux-azure-4.15 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(4.15.0-1082.92)
|
focal |
Does not exist
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.17~rc1)
|
|
xenial |
Does not exist
|
|
linux-azure-5.11 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Released
(5.11.0-1027.30~20.04.1)
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.17~rc1)
|
|
xenial |
Does not exist
|
|
linux-azure-5.13 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Released
(5.13.0-1012.14~20.04.1)
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.17~rc1)
|
|
xenial |
Does not exist
|
|
linux-azure-5.15 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Not vulnerable
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Needs triage
|
|
xenial |
Does not exist
|
|
linux-azure-5.19 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Not vulnerable
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Needs triage
|
|
xenial |
Does not exist
|
|
linux-azure-5.3 Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-azure-5.4)
|
focal |
Does not exist
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.17~rc1)
|
|
xenial |
Does not exist
|
|
linux-azure-5.4 Launchpad, Ubuntu, Debian |
bionic |
Released
(5.4.0-1067.70~18.04.1)
|
focal |
Does not exist
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.17~rc1)
|
|
xenial |
Does not exist
|
|
linux-azure-5.8 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Ignored
(was needs-triage now end-of-life)
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.17~rc1)
|
|
xenial |
Does not exist
|
|
linux-azure-edge Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-azure-5.3)
|
focal |
Does not exist
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.17~rc1)
|
|
xenial |
Does not exist
|
|
linux-azure-fde Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Released
(5.4.0-1067.70)
|
|
impish |
Does not exist
|
|
jammy |
Needs triage
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.17~rc1)
|
|
xenial |
Does not exist
|
|
linux-azure-fde-5.15 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Not vulnerable
(5.15.0-1007.8~20.04.1)
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Needs triage
|
|
xenial |
Does not exist
|
|
linux-azure-fde-5.19 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Not vulnerable
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Needs triage
|
|
xenial |
Does not exist
|
|
linux-bluefield Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Released
(5.4.0-1025.28)
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Not vulnerable
(5.15.0-1011.13)
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.17~rc1)
|
|
xenial |
Does not exist
|
|
linux-dell300x Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(4.15.0-1005.8)
|
focal |
Does not exist
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.17~rc1)
|
|
xenial |
Does not exist
|
|
linux-fips Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.17~rc1)
|
|
xenial |
Ignored
(out of standard support)
|
|
linux-gcp Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-gcp-5.3)
|
focal |
Released
(5.4.0-1062.66)
|
|
hirsute |
Released
(5.11.0-1028.32)
|
|
impish |
Released
(5.13.0-1012.15)
|
|
jammy |
Not vulnerable
(5.15.0-1001.3)
|
|
kinetic |
Not vulnerable
(5.15.0-1003.6)
|
|
lunar |
Not vulnerable
(5.15.0-1003.6)
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.17~rc1)
|
|
xenial |
Not vulnerable
(4.10.0-1004.4)
|
|
linux-gcp-4.15 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(4.15.0-1071.81)
|
focal |
Does not exist
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.17~rc1)
|
|
xenial |
Does not exist
|
|
linux-gcp-5.11 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Released
(5.11.0-1028.32~20.04.1)
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.17~rc1)
|
|
xenial |
Does not exist
|
|
linux-gcp-5.13 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Released
(5.13.0-1012.15~20.04.1)
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.17~rc1)
|
|
xenial |
Does not exist
|
|
linux-gcp-5.15 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Not vulnerable
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Needs triage
|
|
xenial |
Does not exist
|
|
linux-gcp-5.3 Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-gcp-5.4)
|
focal |
Does not exist
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.17~rc1)
|
|
xenial |
Does not exist
|
|
linux-gcp-5.4 Launchpad, Ubuntu, Debian |
bionic |
Released
(5.4.0-1062.66~18.04.1)
|
focal |
Does not exist
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.17~rc1)
|
|
xenial |
Does not exist
|
|
linux-gcp-5.8 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Ignored
(was needs-triage now end-of-life)
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.17~rc1)
|
|
xenial |
Does not exist
|
|
linux-gke Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Released
(5.4.0-1059.62)
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Not vulnerable
(5.15.0-1002.2)
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.17~rc1)
|
|
xenial |
Ignored
(reached end of standard support)
|
|
linux-gke-4.15 Launchpad, Ubuntu, Debian |
bionic |
Ignored
(was needs-triage now end-of-life)
|
focal |
Does not exist
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.17~rc1)
|
|
xenial |
Does not exist
|
|
linux-gke-5.0 Launchpad, Ubuntu, Debian |
bionic |
Ignored
(was needs-triage now end-of-life)
|
focal |
Does not exist
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.17~rc1)
|
|
xenial |
Does not exist
|
|
linux-gke-5.15 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Not vulnerable
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Needs triage
|
|
xenial |
Does not exist
|
|
linux-gke-5.3 Launchpad, Ubuntu, Debian |
bionic |
Ignored
(was needs-triage now end-of-life)
|
focal |
Does not exist
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.17~rc1)
|
|
xenial |
Does not exist
|
|
linux-gke-5.4 Launchpad, Ubuntu, Debian |
bionic |
Released
(5.4.0-1059.62~18.04.1)
|
focal |
Does not exist
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.17~rc1)
|
|
xenial |
Does not exist
|
|
linux-gkeop Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Released
(5.4.0-1031.32)
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Needs triage
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.17~rc1)
|
|
xenial |
Does not exist
|
|
linux-gkeop-5.4 Launchpad, Ubuntu, Debian |
bionic |
Released
(5.4.0-1031.32~18.04.1)
|
focal |
Does not exist
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.17~rc1)
|
|
xenial |
Does not exist
|
|
linux-hwe Launchpad, Ubuntu, Debian |
bionic |
Ignored
(replaced by linux-hwe-5.4)
|
focal |
Does not exist
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.17~rc1)
|
|
xenial |
Not vulnerable
(4.8.0-39.42~16.04.1)
|
|
linux-hwe-5.11 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Ignored
(was needs-triage now end-of-life)
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.17~rc1)
|
|
xenial |
Does not exist
|
|
linux-hwe-5.13 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Released
(5.13.0-27.29~20.04.1)
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.17~rc1)
|
|
xenial |
Does not exist
|
|
linux-hwe-5.15 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Not vulnerable
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Needs triage
|
|
xenial |
Does not exist
|
|
linux-hwe-5.19 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Not vulnerable
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Needs triage
|
|
xenial |
Does not exist
|
|
linux-hwe-5.4 Launchpad, Ubuntu, Debian |
bionic |
Released
(5.4.0-96.109~18.04.1)
|
focal |
Does not exist
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.17~rc1)
|
|
xenial |
Does not exist
|
|
linux-hwe-5.8 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Ignored
(was needs-triage now end-of-life)
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.17~rc1)
|
|
xenial |
Does not exist
|
|
linux-hwe-edge Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-hwe-5.4)
|
focal |
Does not exist
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.17~rc1)
|
|
xenial |
Ignored
(superseded by linux-hwe)
|
|
linux-ibm Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Released
(5.4.0-1012.13)
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Not vulnerable
(5.15.0-1002.2)
|
|
kinetic |
Not vulnerable
(5.15.0-1002.2)
|
|
lunar |
Not vulnerable
(5.15.0-1002.2)
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.17~rc1)
|
|
xenial |
Does not exist
|
|
linux-ibm-5.4 Launchpad, Ubuntu, Debian |
bionic |
Released
(5.4.0-1012.13~18.04.1)
|
focal |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.17~rc1)
|
|
xenial |
Does not exist
|
|
linux-intel-5.13 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Released
(5.13.0-1010.10)
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.17~rc1)
|
|
xenial |
Does not exist
|
|
linux-intel-iotg Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Not vulnerable
(5.15.0-1004.6)
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Needs triage
|
|
xenial |
Does not exist
|
|
linux-intel-iotg-5.15 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Not vulnerable
(5.15.0-1003.5~20.04.1)
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Needs triage
|
|
xenial |
Does not exist
|
|
linux-iot Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Not vulnerable
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Needs triage
|
|
xenial |
Does not exist
|
|
linux-kvm Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(4.15.0-1002.2)
|
focal |
Released
(5.4.0-1053.55)
|
|
hirsute |
Released
(5.11.0-1024.27)
|
|
impish |
Released
(5.13.0-1010.11)
|
|
jammy |
Not vulnerable
(5.15.0-1002.2)
|
|
kinetic |
Not vulnerable
(5.15.0-1004.4)
|
|
lunar |
Not vulnerable
(5.15.0-1004.4)
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.17~rc1)
|
|
xenial |
Not vulnerable
(4.4.0-1004.9)
|
|
linux-lowlatency Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Not vulnerable
(5.15.0-22.22)
|
|
kinetic |
Not vulnerable
(5.15.0-24.24)
|
|
lunar |
Not vulnerable
(5.15.0-24.24)
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.17~rc1)
|
|
xenial |
Does not exist
|
|
linux-lowlatency-hwe-5.15 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Not vulnerable
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Needs triage
|
|
xenial |
Does not exist
|
|
linux-lowlatency-hwe-5.19 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Not vulnerable
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Needs triage
|
|
xenial |
Does not exist
|
|
linux-lts-xenial Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Not vulnerable
(4.4.0-13.29~14.04.1)
|
|
upstream |
Released
(5.17~rc1)
|
|
xenial |
Does not exist
|
|
linux-oem Launchpad, Ubuntu, Debian |
bionic |
Ignored
(was needs-triage now end-of-life)
|
focal |
Does not exist
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.17~rc1)
|
|
xenial |
Ignored
(superseded by linux-hwe)
|
|
linux-oem-5.10 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Released
(5.10.0-1057.61)
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.17~rc1)
|
|
xenial |
Does not exist
|
|
linux-oem-5.13 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Released
(5.13.0-1028.35)
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.17~rc1)
|
|
xenial |
Does not exist
|
|
linux-oem-5.14 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Released
(5.14.0-1020.22)
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.17~rc1)
|
|
xenial |
Does not exist
|
|
linux-oem-5.17 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Not vulnerable
(5.17.0-1003.3)
|
|
kinetic |
Not vulnerable
(5.17.0-1003.3)
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.17~rc1)
|
|
xenial |
Does not exist
|
|
linux-oem-5.6 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Ignored
(was needs-triage now end-of-life)
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.17~rc1)
|
|
xenial |
Does not exist
|
|
linux-oem-6.0 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Needs triage
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Needs triage
|
|
xenial |
Does not exist
|
|
linux-oem-6.1 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Not vulnerable
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Needs triage
|
|
xenial |
Does not exist
|
|
linux-oem-osp1 Launchpad, Ubuntu, Debian |
bionic |
Ignored
(was needs-triage now end-of-life)
|
focal |
Does not exist
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.17~rc1)
|
|
xenial |
Does not exist
|
|
linux-oracle Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(4.15.0-1007.9)
|
focal |
Released
(5.4.0-1061.65)
|
|
hirsute |
Released
(5.11.0-1027.30)
|
|
impish |
Released
(5.13.0-1015.19)
|
|
jammy |
Not vulnerable
(5.15.0-1001.3)
|
|
kinetic |
Not vulnerable
(5.15.0-1002.4)
|
|
lunar |
Not vulnerable
(5.15.0-1002.4)
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.17~rc1)
|
|
xenial |
Not vulnerable
(4.15.0-1007.9~16.04.1)
|
|
linux-oracle-5.0 Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-oracle-5.3)
|
focal |
Does not exist
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.17~rc1)
|
|
xenial |
Does not exist
|
|
linux-oracle-5.11 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Released
(5.11.0-1027.30~20.04.1)
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.17~rc1)
|
|
xenial |
Does not exist
|
|
linux-oracle-5.13 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Released
(5.13.0-1015.19~20.04.1)
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.17~rc1)
|
|
xenial |
Does not exist
|
|
linux-oracle-5.15 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Not vulnerable
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Needs triage
|
|
xenial |
Does not exist
|
|
linux-oracle-5.3 Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-oracle-5.4)
|
focal |
Does not exist
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.17~rc1)
|
|
xenial |
Does not exist
|
|
linux-oracle-5.4 Launchpad, Ubuntu, Debian |
bionic |
Released
(5.4.0-1061.65~18.04.1)
|
focal |
Does not exist
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.17~rc1)
|
|
xenial |
Does not exist
|
|
linux-oracle-5.8 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Ignored
(was needs-triage now end-of-life)
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.17~rc1)
|
|
xenial |
Does not exist
|
|
linux-raspi Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Released
(5.4.0-1050.56)
|
|
hirsute |
Released
(5.11.0-1027.30)
|
|
impish |
Released
(5.13.0-1015.17)
|
|
jammy |
Not vulnerable
(5.15.0-1002.2)
|
|
kinetic |
Not vulnerable
(5.15.0-1005.5)
|
|
lunar |
Not vulnerable
(5.15.0-1005.5)
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.17~rc1)
|
|
xenial |
Does not exist
|
|
linux-raspi-5.4 Launchpad, Ubuntu, Debian |
bionic |
Released
(5.4.0-1050.56~18.04.1)
|
focal |
Does not exist
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.17~rc1)
|
|
xenial |
Does not exist
|
|
linux-raspi2 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(4.13.0-1005.5)
|
focal |
Ignored
(replaced by linux-raspi)
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.17~rc1)
|
|
xenial |
Ignored
(was needs-triage now end-of-life)
|
|
linux-raspi2-5.3 Launchpad, Ubuntu, Debian |
bionic |
Ignored
(was needs-triage now end-of-life)
|
focal |
Does not exist
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.17~rc1)
|
|
xenial |
Does not exist
|
|
linux-riscv Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Ignored
(superseded by linux-riscv-5.8)
|
|
hirsute |
Ignored
(reached end-of-life)
|
|
impish |
Released
(5.13.0-1010.11)
|
|
jammy |
Not vulnerable
(5.15.0-1004.4)
|
|
kinetic |
Not vulnerable
(5.15.0-1007.7)
|
|
lunar |
Not vulnerable
(5.15.0-1007.7)
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.17~rc1)
|
|
xenial |
Does not exist
|
|
linux-riscv-5.11 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Released
(5.11.0-1028.31~20.04.1)
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.17~rc1)
|
|
xenial |
Does not exist
|
|
linux-riscv-5.15 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Not vulnerable
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Needs triage
|
|
xenial |
Does not exist
|
|
linux-riscv-5.8 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Ignored
(was needs-triage now end-of-life)
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.17~rc1)
|
|
xenial |
Does not exist
|
|
linux-snapdragon Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(4.4.0-1077.82)
|
focal |
Does not exist
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.17~rc1)
|
|
xenial |
Ignored
(was needs-triage now end-of-life)
|
Severity score breakdown
Parameter | Value |
---|---|
Base score | 8.4 |
Attack vector | Local |
Attack complexity | Low |
Privileges required | None |
User interaction | None |
Scope | Unchanged |
Confidentiality | High |
Integrity impact | High |
Availability impact | High |
Vector | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0185
- https://www.openwall.com/lists/oss-security/2022/01/18/7
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=722d94847de29310e8aa03fcbdb41fc92c521756
- https://ubuntu.com/security/notices/USN-5240-1
- https://ubuntu.com/security/notices/USN-5362-1
- NVD
- Launchpad
- Debian