Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2022-21505

Vulnerability Summary

A bug in the IMA subsystem exists which would incorrectly allow kexec to be used when kernel lockdown was enabled (CVE-2022-21505) A flaw was found in hw. Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions. (CVE-2022-23816) A flaw was found in hw. Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type, potentially leading to information disclosure. (CVE-2022-23825) A flaw was found in hw. In certain processors with Intel's Enhanced Indirect Branch Restricted Speculation (eIBRS) capabilities, soon after VM exit or IBPB command event, the linear address following the most recent near CALL instruction prior to a VM exit may be used as the Return Stack Buffer (RSB) prediction. (CVE-2022-26373) A flaw was found in hw. The unprotected alternative channel of return branch target prediction in some Intel(R) Processors may allow an authorized user to enable information disclosure via local access. (CVE-2022-28693) A flaw was found in hw. Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions. (CVE-2022-29900) A flaw was found in hw. Non-transparent sharing of branch predictor targets between contexts in some Intel(R) processors may potentially allow an authorized user to enable information disclosure via local access. (CVE-2022-29901) The Linux kernel prior to 5.18.13 lacks a certain clear operation for the block starting symbol (.bss). This allows Xen PV guest OS users to cause a denial of service or gain privileges. (CVE-2022-36123) An issue exists in the Linux kernel up to and including 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice. (CVE-2022-36879) A memory corruption flaw was found in the Linux kernel's Netfilter subsystem in the way a local user uses the libnetfilter_queue when analyzing a corrupted network packet. This flaw allows a local user to crash the system or a remote user to crash the system when the libnetfilter_queue is used by a local user. (CVE-2022-36946)

Vulnerability Trend

Vendor Advisories

Red Hat: Important: kernel security, bug fix, and enhancement update
Synopsis Important: kernel security, bug fix, and enhancement update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kernel is now available for Red Hat Enterprise Linux 9Red Hat Product Security has rated ...
Amazon Linux 2: ALAS2KERNEL-5.10-2022-019
A bug in the IMA subsystem was discovered which would incorrectly allow kexec to be used when kernel lockdown was enabled (CVE-2022-21505) A flaw was found in hw Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions (CVE-2022-23816) A flaw was fou ...
Amazon Linux 2: ALAS2KERNEL-5.15-2022-007
An out-of-bounds read flaw was found in the Linux kernel's TeleTYpe subsystem The issue occurs in how a user triggers a race condition using ioctls TIOCSPTLCK and TIOCGPTPEER and TIOCSTI and TCXONC with leakage of memory in the flush_to_ldisc function This flaw allows a local user to crash the system or read unauthorized random data from memory ...
Amazon Linux 2: ALAS2KERNEL-5.4-2022-034
An out-of-bounds write flaw was found in the Linux kernel’s framebuffer-based console driver functionality in the way a user triggers ioctl FBIOPUT_VSCREENINFO with malicious data This flaw allows a local user to crash or potentially escalate their privileges on the system (CVE-2021-33655) A bug in the IMA subsystem was discovered which ...
Amazon Linux 2022: ALAS2022-2022-150
A flaw was found in the Linux kernel The existing KVM SEV API has a vulnerability that allows a non-root (host) user-level application to crash the host kernel by creating a confidential guest VM instance in AMD CPU that supports Secure Encrypted Virtualization (SEV) (CVE-2022-0171) An out-of-bounds read flaw was found in the Linux kernel's TeleT ...

Github Repositories

https://github.com/xairy/unlockdown

Disabling kernel lockdown on Ubuntu without physical access

unlockdown This repo demonstrates some ways to disable or bypass kernel lockdown on Ubuntu (and some other) kernels without physical access to the machine, essentially bypassing this security feature (Updated 21032020) At this point, all outlined bypass methods have been fixed on Ubuntu, Fedora and Debian (see this for details) The other linked methods might still work St

References

https://access.redhat.com/errata/RHSA-2023:2458https://github.com/xairy/unlockdownhttps://alas.aws.amazon.com/AL2/ALASKERNEL-5.10-2022-019.htmlhttps://alas.aws.amazon.com/AL2/ALASKERNEL-5.15-2022-007.html
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38002CVE-2006-4304CVE-2024-4336CVE-2024-33437CVE-2024-4340CVE-2024-27956privilegeinsecure direct object referenceXSSitem search icon">CVE-2024-25938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook