← Retour
UBUNTU-CVE-2022-24958
drivers/usb/gadget/legacy/inode.c in the Linux kernel through 5.16.8 mishandles dev->buf release.
Résumé IA snake-internal / snake-template-v1
Une faille nommée UBUNTU-CVE-2022-24958 a été découverte dans le produit concerné.
Gravité : Info. Faible gravité ou non encore évaluée.
Ce que vous pouvez faire : mettez à jour le logiciel concerné. En cas de doute, contactez votre service informatique ou recherchez "le produit UBUNTU-CVE-2022-24958" sur le site de l'éditeur.
UBUNTU-CVE-2022-24958 (le produit concerné). Gravité : Info.
Plan de réponse :
1. Vérifier l'avis de l'éditeur (versions affectées, version corrigée).
2. Si une version vulnérable tourne en production, planifier l'intervention (urgence selon KEV/CVSS).
3. Sans correctif disponible, mitiger via règle WAF, désactivation de la fonctionnalité, etc.
4. Surveiller les logs / SIEM pour les IOC et signatures de PoC connus.
PoC et correctifs : voir la section « Références », MITRE et NVD.
❓ Quel est le problème
Une faille (UBUNTU-CVE-2022-24958) dans le produit concerné. Une faille logicielle sérieuse a été identifiée.
📍 Périmètre concerné
Versions ciblées de le produit concerné (voir l'avis éditeur). Si en production, identifiez l'exposition immédiatement.
🔥 Gravité
Gravité : Info. Faible gravité ou non encore évaluée.
🔧 Comment corriger
Appliquez la version corrigée indiquée dans l'avis éditeur.
🛡️ Contournement
Si aucun correctif n'est disponible, désactivez la fonctionnalité concernée, appliquez des règles WAF, bloquez via ACL réseau ou isolez la version vulnérable.
🔍 Détection
Vérifiez les versions, analysez les dépendances via SBOM, et surveillez le SIEM pour les IOC et signatures de PoC associés.
Paquets affectés
Ubuntu:Pro:14.04:LTS
linux-aws
[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.4.0-1109.115"}]}]
Ubuntu:Pro:14.04:LTS
linux-azure
[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.15.0-1138.151~14.04.1"}]}]
Ubuntu:Pro:14.04:LTS
linux-lts-xenial
[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.4.0-229.263~14.04.1"}]}]
Ubuntu:Pro:14.04:LTS
linux
[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}]
Ubuntu:Pro:16.04:LTS
linux
[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.4.0-229.263"}]}]
Ubuntu:Pro:16.04:LTS
linux-aws
[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.4.0-1145.160"}]}]
Ubuntu:Pro:16.04:LTS
linux-aws-hwe
[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.15.0-1128.137~16.04.1"}]}]
Ubuntu:Pro:16.04:LTS
linux-azure
[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.15.0-1138.151~16.04.1"}]}]
Ubuntu:Pro:16.04:LTS
linux-gcp
[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.15.0-1122.136~16.04.1"}]}]
Ubuntu:Pro:16.04:LTS
linux-hwe
[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.15.0-177.186~16.04.1"}]}]
Ubuntu:16.04:LTS
linux-hwe-edge
[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}]
Ubuntu:Pro:16.04:LTS
linux-kvm
[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.4.0-1110.120"}]}]
Ubuntu:Pro:16.04:LTS
linux-oracle
[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.15.0-1093.102~16.04.1"}]}]
Ubuntu:Pro:FIPS:16.04:LTS
linux-fips
[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}]
Ubuntu:18.04:LTS
linux
[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.15.0-177.186"}]}]
Ubuntu:18.04:LTS
linux-aws
[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.15.0-1128.137"}]}]
Ubuntu:18.04:LTS
linux-aws-5.4
[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.4.0-1078.84~18.04.1"}]}]
Ubuntu:18.04:LTS
linux-azure-4.15
[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.15.0-1138.151"}]}]
Ubuntu:18.04:LTS
linux-azure-5.4
[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.4.0-1083.87~18.04.1"}]}]
Ubuntu:18.04:LTS
linux-dell300x
[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.15.0-1042.47"}]}]
Ubuntu:18.04:LTS
linux-gcp-4.15
[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.15.0-1122.136"}]}]
Ubuntu:18.04:LTS
linux-gcp-5.4
[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.4.0-1078.84~18.04.1"}]}]
Ubuntu:18.04:LTS
linux-gke-5.4
[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.4.0-1074.79~18.04.1"}]}]
Ubuntu:18.04:LTS
linux-gkeop-5.4
[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.4.0-1046.48~18.04.1"}]}]
Ubuntu:18.04:LTS
linux-hwe-5.4
[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.4.0-117.132~18.04.1"}]}]
Ubuntu:18.04:LTS
linux-ibm-5.4
[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.4.0-1028.32~18.04.1"}]}]
Ubuntu:18.04:LTS
linux-kvm
[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.15.0-1114.117"}]}]
Ubuntu:18.04:LTS
linux-oracle
[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.15.0-1093.102"}]}]
Ubuntu:18.04:LTS
linux-oracle-5.4
[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.4.0-1076.83~18.04.1"}]}]
Ubuntu:18.04:LTS
linux-raspi-5.4
[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.4.0-1065.75~18.04.1"}]}]
Ubuntu:18.04:LTS
linux-raspi2
[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.15.0-1109.116"}]}]
Ubuntu:18.04:LTS
linux-snapdragon
[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.15.0-1127.136"}]}]
Ubuntu:18.04:LTS
linux-aws-5.0
[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}]
Ubuntu:18.04:LTS
linux-aws-5.3
[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}]
Ubuntu:18.04:LTS
linux-azure
[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}]
Ubuntu:18.04:LTS
linux-azure-5.3
[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}]
Ubuntu:18.04:LTS
linux-azure-edge
[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}]
Ubuntu:18.04:LTS
linux-gcp
[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}]
Ubuntu:18.04:LTS
linux-gcp-5.3
[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}]
Ubuntu:18.04:LTS
linux-gke-4.15
[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}]
Ubuntu:18.04:LTS
linux-hwe
[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}]
Ubuntu:18.04:LTS
linux-hwe-edge
[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}]
Ubuntu:18.04:LTS
linux-oem
[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}]
Ubuntu:18.04:LTS
linux-oracle-5.0
[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}]
Ubuntu:18.04:LTS
linux-oracle-5.3
[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}]
Ubuntu:Pro:FIPS-updates:18.04:LTS
linux-aws-fips
[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.15.0-2067.70"}]}]
Ubuntu:Pro:FIPS-updates:18.04:LTS
linux-azure-fips
[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.15.0-2049.53"}]}]
Ubuntu:Pro:FIPS-updates:18.04:LTS
linux-fips
[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.15.0-1085.94"}]}]
Ubuntu:Pro:FIPS-updates:18.04:LTS
linux-gcp-fips
[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.15.0-2032.35"}]}]
Ubuntu:Pro:FIPS:18.04:LTS
linux-aws-fips
[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}]
Ubuntu:Pro:FIPS:18.04:LTS
linux-azure-fips
[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}]
Ubuntu:Pro:FIPS:18.04:LTS
linux-fips
[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}]
Ubuntu:Pro:FIPS:18.04:LTS
linux-gcp-fips
[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}]
Ubuntu:20.04:LTS
linux
[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.4.0-117.132"}]}]
Ubuntu:20.04:LTS
linux-aws
[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.4.0-1078.84"}]}]
Ubuntu:20.04:LTS
linux-aws-5.13
[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.13.0-1028.31~20.04.1"}]}]
Ubuntu:20.04:LTS
linux-azure
[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.4.0-1083.87"}]}]
Ubuntu:20.04:LTS
linux-azure-5.13
[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.13.0-1028.33~20.04.1"}]}]
Ubuntu:20.04:LTS
linux-bluefield
[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.4.0-1040.44"}]}]
Ubuntu:20.04:LTS
linux-gcp
[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.4.0-1078.84"}]}]
Ubuntu:20.04:LTS
linux-gcp-5.13
[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.13.0-1030.36~20.04.1"}]}]
Ubuntu:20.04:LTS
linux-gke
[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.4.0-1074.79"}]}]
Ubuntu:20.04:LTS
linux-gkeop
[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.4.0-1046.48"}]}]
Ubuntu:20.04:LTS
linux-hwe-5.13
[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.13.0-48.54~20.04.1"}]}]
Ubuntu:20.04:LTS
linux-ibm
[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.4.0-1026.29"}]}]
Ubuntu:20.04:LTS
linux-intel-5.13
[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.13.0-1014.15"}]}]
Ubuntu:20.04:LTS
linux-intel-iotg-5.15
[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.15.0-1008.11~20.04.1"}]}]
Ubuntu:20.04:LTS
linux-iot
[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.4.0-1004.6"}]}]
Ubuntu:20.04:LTS
linux-kvm
[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.4.0-1068.72"}]}]
Ubuntu:20.04:LTS
linux-oem-5.14
[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.14.0-1033.36"}]}]
Ubuntu:20.04:LTS
linux-oracle
[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.4.0-1076.83"}]}]
Ubuntu:20.04:LTS
linux-oracle-5.13
[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.13.0-1033.39~20.04.1"}]}]
Ubuntu:20.04:LTS
linux-raspi
[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.4.0-1065.75"}]}]
Ubuntu:20.04:LTS
linux-aws-5.11
[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}]
Ubuntu:20.04:LTS
linux-aws-5.8
[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}]
Ubuntu:20.04:LTS
linux-azure-5.11
[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}]
Ubuntu:20.04:LTS
linux-azure-5.8
[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}]
Ubuntu:20.04:LTS
linux-gcp-5.11
[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}]
Ubuntu:20.04:LTS
linux-gcp-5.8
[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}]
Ubuntu:20.04:LTS
linux-hwe-5.11
[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}]
Ubuntu:20.04:LTS
linux-hwe-5.8
[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}]
Ubuntu:20.04:LTS
linux-oem-5.10
[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}]
Ubuntu:20.04:LTS
linux-oem-5.13
[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}]
Ubuntu:20.04:LTS
linux-oem-5.6
[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}]
Ubuntu:20.04:LTS
linux-oracle-5.11
[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}]
Ubuntu:20.04:LTS
linux-oracle-5.8
[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}]
Ubuntu:20.04:LTS
linux-raspi2
[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}]
Ubuntu:20.04:LTS
linux-riscv
[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}]
Ubuntu:20.04:LTS
linux-riscv-5.11
[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}]
Ubuntu:20.04:LTS
linux-riscv-5.8
[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}]
Ubuntu:Pro:FIPS-updates:20.04:LTS
linux-aws-fips
[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.4.0-1078.84+fips1"}]}]
Ubuntu:Pro:FIPS-updates:20.04:LTS
linux-azure-fips
[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.4.0-1083.87+fips1"}]}]
Ubuntu:Pro:FIPS-updates:20.04:LTS
linux-fips
[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.4.0-1054.61"}]}]
Ubuntu:Pro:FIPS-updates:20.04:LTS
linux-gcp-fips
[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.4.0-1078.84+fips1"}]}]
Ubuntu:Pro:FIPS:20.04:LTS
linux-aws-fips
[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}]
Ubuntu:Pro:FIPS:20.04:LTS
linux-azure-fips
[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}]
Ubuntu:Pro:FIPS:20.04:LTS
linux-fips
[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}]
Ubuntu:Pro:FIPS:20.04:LTS
linux-gcp-fips
[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}]
Ubuntu:22.04:LTS
linux-intel-iot-realtime
[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}]
Ubuntu:22.04:LTS
linux-realtime
[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}]
Ubuntu:24.04:LTS
linux-raspi-realtime
[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}]
Ubuntu:26.04
linux-nvidia
[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}]
Références
- advisory https://ubuntu.com/security/notices/USN-5381-1
- advisory https://ubuntu.com/security/notices/USN-5418-1
- advisory https://ubuntu.com/security/notices/USN-5467-1
- advisory https://ubuntu.com/security/notices/USN-5468-1
- advisory https://ubuntu.com/security/notices/USN-5505-1
- advisory https://ubuntu.com/security/notices/USN-5513-1
- report https://ubuntu.com/security/CVE-2022-24958
- report https://github.com/torvalds/linux/commit/501e38a5531efbd77d5c73c0ba838a889bfc1d74
- report https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=89f3594d0de58e8a57d92d497dea9fee3d4b9cda
- report https://github.com/torvalds/linux/commit/89f3594d0de58e8a57d92d497dea9fee3d4b9cda
- report https://www.cve.org/CVERecord?id=CVE-2022-24958