vulnerability

Ubuntu: (Multiple Advisories) (CVE-2022-49698): Linux kernel vulnerabilities

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:L/AC:L/Au:S/C:C/I:C/A:C)	Feb 26, 2025	Mar 19, 2025	May 3, 2026

Severity

CVSS

(AV:L/AC:L/Au:S/C:C/I:C/A:C)

Published

Feb 26, 2025

Added

Mar 19, 2025

Modified

May 3, 2026

Description

In the Linux kernel, the following vulnerability has been resolved:

netfilter: use get_random_u32 instead of prandom

bh might occur while updating per-cpu rnd_state from user context,
ie. local_out path.

BUG: using smp_processor_id() in preemptible [00000000] code: nginx/2725
caller is nft_ng_random_eval+0x24/0x54 [nft_numgen]
Call Trace:
check_preemption_disabled+0xde/0xe0
nft_ng_random_eval+0x24/0x54 [nft_numgen]

Use the random driver instead, this also avoids need for local prandom
state. Moreover, prandom now uses the random driver since d4150779e60f
("random32: use real rng for non-deterministic randomness").

Based on earlier patch from Pablo Neira.

Solutions

ubuntu-upgrade-linux-image-5-4-0-1058-iotubuntu-upgrade-linux-image-5-4-0-1072-xilinx-zynqmpubuntu-upgrade-linux-image-5-4-0-1100-ibmubuntu-upgrade-linux-image-5-4-0-1116-bluefieldubuntu-upgrade-linux-image-5-4-0-1128-fipsubuntu-upgrade-linux-image-5-4-0-1137-raspiubuntu-upgrade-linux-image-5-4-0-1141-kvmubuntu-upgrade-linux-image-5-4-0-1152-oracleubuntu-upgrade-linux-image-5-4-0-1154-awsubuntu-upgrade-linux-image-5-4-0-1154-aws-fipsubuntu-upgrade-linux-image-5-4-0-1157-azureubuntu-upgrade-linux-image-5-4-0-1157-gcpubuntu-upgrade-linux-image-5-4-0-1157-gcp-fipsubuntu-upgrade-linux-image-5-4-0-1158-azure-fipsubuntu-upgrade-linux-image-5-4-0-225-genericubuntu-upgrade-linux-image-5-4-0-225-generic-lpaeubuntu-upgrade-linux-image-5-4-0-225-lowlatencyubuntu-upgrade-linux-image-awsubuntu-upgrade-linux-image-aws-5-4ubuntu-upgrade-linux-image-aws-fipsubuntu-upgrade-linux-image-aws-fips-5-4ubuntu-upgrade-linux-image-aws-lts-20-04ubuntu-upgrade-linux-image-azureubuntu-upgrade-linux-image-azure-5-4ubuntu-upgrade-linux-image-azure-fipsubuntu-upgrade-linux-image-azure-fips-5-4ubuntu-upgrade-linux-image-azure-lts-20-04ubuntu-upgrade-linux-image-bluefieldubuntu-upgrade-linux-image-bluefield-5-4ubuntu-upgrade-linux-image-fipsubuntu-upgrade-linux-image-fips-5-4ubuntu-upgrade-linux-image-gcpubuntu-upgrade-linux-image-gcp-5-4ubuntu-upgrade-linux-image-gcp-fipsubuntu-upgrade-linux-image-gcp-fips-5-4ubuntu-upgrade-linux-image-gcp-lts-20-04ubuntu-upgrade-linux-image-genericubuntu-upgrade-linux-image-generic-5-4ubuntu-upgrade-linux-image-generic-hwe-18-04ubuntu-upgrade-linux-image-generic-lpaeubuntu-upgrade-linux-image-generic-lpae-5-4ubuntu-upgrade-linux-image-ibmubuntu-upgrade-linux-image-ibm-5-4ubuntu-upgrade-linux-image-ibm-edgeubuntu-upgrade-linux-image-ibm-lts-20-04ubuntu-upgrade-linux-image-kvmubuntu-upgrade-linux-image-kvm-5-4ubuntu-upgrade-linux-image-lowlatencyubuntu-upgrade-linux-image-lowlatency-5-4ubuntu-upgrade-linux-image-lowlatency-hwe-18-04ubuntu-upgrade-linux-image-oemubuntu-upgrade-linux-image-oem-osp1ubuntu-upgrade-linux-image-oracleubuntu-upgrade-linux-image-oracle-5-4ubuntu-upgrade-linux-image-oracle-lts-20-04ubuntu-upgrade-linux-image-raspiubuntu-upgrade-linux-image-raspi-5-4ubuntu-upgrade-linux-image-raspi-hwe-18-04ubuntu-upgrade-linux-image-raspi2ubuntu-upgrade-linux-image-snapdragon-5-4ubuntu-upgrade-linux-image-snapdragon-hwe-18-04ubuntu-upgrade-linux-image-virtualubuntu-upgrade-linux-image-virtual-5-4ubuntu-upgrade-linux-image-virtual-hwe-18-04ubuntu-upgrade-linux-image-xilinx-zynqmpubuntu-upgrade-linux-image-xilinx-zynqmp-5-4

References

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report