CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
94.8%
Yiqi Sun and Kevin Wang discovered that the cgroups implementation in the
Linux kernel did not properly restrict access to the cgroups v1
release_agent feature. A local attacker could use this to gain
administrative privileges. (CVE-2022-0492)
Jürgen Groß discovered that the Xen subsystem within the Linux kernel did
not adequately limit the number of events driver domains (unprivileged PV
backends) could send to other guest VMs. An attacker in a driver domain
could use this to cause a denial of service in other guest VMs.
(CVE-2021-28711, CVE-2021-28712, CVE-2021-28713)
Jürgen Groß discovered that the Xen network backend driver in the Linux
kernel did not adequately limit the amount of queued packets when a guest
did not process them. An attacker in a guest VM can use this to cause a
denial of service (excessive kernel memory consumption) in the network
backend domain. (CVE-2021-28714, CVE-2021-28715)
It was discovered that the simulated networking device driver for the Linux
kernel did not properly initialize memory in certain situations. A local
attacker could use this to expose sensitive information (kernel memory).
(CVE-2021-4135)
Brendan Dolan-Gavitt discovered that the Marvell WiFi-Ex USB device driver
in the Linux kernel did not properly handle some error conditions. A
physically proximate attacker could use this to cause a denial of service
(system crash). (CVE-2021-43976)
It was discovered that the ARM Trusted Execution Environment (TEE)
subsystem in the Linux kernel contained a race condition leading to a use-
after-free vulnerability. A local attacker could use this to cause a denial
of service or possibly execute arbitrary code. (CVE-2021-44733)
It was discovered that the Phone Network protocol (PhoNet) implementation
in the Linux kernel did not properly perform reference counting in some
error conditions. A local attacker could possibly use this to cause a
denial of service (memory exhaustion). (CVE-2021-45095)
It was discovered that the Reliable Datagram Sockets (RDS) protocol
implementation in the Linux kernel did not properly deallocate memory in
some error conditions. A local attacker could possibly use this to cause a
denial of service (memory exhaustion). (CVE-2021-45480)
Samuel Page discovered that the Transparent Inter-Process Communication
(TIPC) protocol implementation in the Linux kernel contained a stack-based
buffer overflow. A remote attacker could use this to cause a denial of
service (system crash) for systems that have a TIPC bearer configured.
(CVE-2022-0435)
It was discovered that the KVM implementation for s390 systems in the Linux
kernel did not properly prevent memory operations on PVM guests that were
in non-protected mode. A local attacker could use this to obtain
unauthorized memory write access. (CVE-2022-0516)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 20.04 | noarch | linux-image-5.4.0-105-generic-lpae | < 5.4.0-105.119 | UNKNOWN |
Ubuntu | 20.04 | noarch | block-modules-5.4.0-105-generic-di | < 5.4.0-105.119 | UNKNOWN |
Ubuntu | 20.04 | noarch | crypto-modules-5.4.0-105-generic-di | < 5.4.0-105.119 | UNKNOWN |
Ubuntu | 20.04 | noarch | fat-modules-5.4.0-105-generic-di | < 5.4.0-105.119 | UNKNOWN |
Ubuntu | 20.04 | noarch | fb-modules-5.4.0-105-generic-di | < 5.4.0-105.119 | UNKNOWN |
Ubuntu | 20.04 | noarch | firewire-core-modules-5.4.0-105-generic-di | < 5.4.0-105.119 | UNKNOWN |
Ubuntu | 20.04 | noarch | floppy-modules-5.4.0-105-generic-di | < 5.4.0-105.119 | UNKNOWN |
Ubuntu | 20.04 | noarch | fs-core-modules-5.4.0-105-generic-di | < 5.4.0-105.119 | UNKNOWN |
Ubuntu | 20.04 | noarch | fs-secondary-modules-5.4.0-105-generic-di | < 5.4.0-105.119 | UNKNOWN |
Ubuntu | 20.04 | noarch | input-modules-5.4.0-105-generic-di | < 5.4.0-105.119 | UNKNOWN |
ubuntu.com/security/CVE-2021-28711
ubuntu.com/security/CVE-2021-28712
ubuntu.com/security/CVE-2021-28713
ubuntu.com/security/CVE-2021-28714
ubuntu.com/security/CVE-2021-28715
ubuntu.com/security/CVE-2021-4135
ubuntu.com/security/CVE-2021-43976
ubuntu.com/security/CVE-2021-44733
ubuntu.com/security/CVE-2021-45095
ubuntu.com/security/CVE-2021-45480
ubuntu.com/security/CVE-2022-0435
ubuntu.com/security/CVE-2022-0492
ubuntu.com/security/CVE-2022-0516
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
94.8%