AVG-2752 log

Package	linux-hardened
Status	Fixed
Severity	High
Type	multiple issues
Affected	5.17.12.hardened2-2
Fixed	5.17.13.hardened1-1
Current	6.8.9.hardened1-2 [extra]
Ticket	None
Created	Tue Jun 7 12:08:32 2022

Issue	Severity	Remote	Type	Description
CVE-2022-1975	Medium	Unknown	Unknown	a sleep called in an atomic context could cause kernel panic during nfc firmware download
CVE-2022-1974	Medium	No	Information disclosure	a user with CAP_NET_ADMIN can use a race condition between kobject creation and delete to leak kernel information
CVE-2022-1972	High	No	Privilege escalation	a user with the ability to create user/net namespaces can exploit an out-of-bounds write in netflter to achieve privilege escalation to root.
CVE-2022-1966	High	No	Privilege escalation	a user with the ability to create user/net namespaces can exploit a use-after-free write in netflter to achieve privilege escalation to root.
CVE-2022-1734	High	No	Unknown	possible use-after-free due to race condition when simulating NFC device from user space

References
https://github.com/torvalds/linux/commit/d8db0465bcc4d4b54ecfb67b820ed26eb1440da7 https://github.com/torvalds/linux/commit/88f3e3d243d701586239c5b69356ec2b1fd05f1 https://github.com/torvalds/linux/commit/63a545103b77091f2309b44a8975cdf255bb99b2 https://github.com/torvalds/linux/commit/8b58d6e565d83443c51b3fc076bd4472674aca0c https://github.com/torvalds/linux/commit/f4bfbac45121c8638db5eacb1ebbb61ee956c668

References

https://github.com/torvalds/linux/commit/d8db0465bcc4d4b54ecfb67b820ed26eb1440da7
https://github.com/torvalds/linux/commit/88f3e3d243d701586239c5b69356ec2b1fd05f1
https://github.com/torvalds/linux/commit/63a545103b77091f2309b44a8975cdf255bb99b2
https://github.com/torvalds/linux/commit/8b58d6e565d83443c51b3fc076bd4472674aca0c
https://github.com/torvalds/linux/commit/f4bfbac45121c8638db5eacb1ebbb61ee956c668

Notes
TODO: check wether CVE-2022-1462, CVE-2022-1786 and CVE-2022-1852 belong here