Canonical Releases New Ubuntu Kernel Security Updates to Fix 3 Vulnerabilities

Users are urged to update their systems immediately to the new kernel versions available in the stable repositories.
Marius Nestorby Marius Nestor0
Canonical Ubuntu Kernel

Canonical released today new Linux kernel security updates for all supported Ubuntu releases to address up to three security vulnerabilities discovered and reported by various security researchers.

Today’s Linux kernel security updates are available for Ubuntu 23.04 (Lunar Lobster) systems running Linux kernel 6.2, Ubuntu 22.10 (Kinetic Kudu) systems running Linux kernel 5.19, Ubuntu 22.04 LTS (Jammy Jellyfish) systems running Linux kernel 5.15 LTS or 5.19 HWE, Ubuntu 20.04 LTS (Focal Fossa) systems running Linux kernel 5.4 or 5.15 HWE, as well as Ubuntu 18.04 ESM systems running Linux kernel 5.4 HWE.

For all aforementioned Ubuntu releases, the new Linux kernel security updates address CVE-2023-35788, an out-of-bounds write vulnerability discovered by Hangyu Hua in Linux kernel’s Flower classifier implementation, which could allow an attacker to cause a denial of service (system crash) or execute arbitrary code.

Only for Ubuntu 22.10 and Ubuntu 22.04 LTS systems running Linux kernel 5.19, the new Linux kernel security updates address CVE-2023-2430, a security vulnerability discovered by Xingyuan Mo and Gengjia Chen in Linux kernel’s io_uring subsystem, which could allow a local attacker to cause a denial of service (system crash).

For all supported Ubuntu releases, the new Linux kernel security updates also patch a flaw affecting Intel processors caused by the inability of the INVLPG instruction implementation to properly flush global TLB entries when PCIDs are enabled. This flaw could allow an attacker to expose sensitive information (kernel memory) or possibly cause undesired behaviors.

All these security issues can be corrected by updating your Ubuntu systems to the new kernel packages available in the stable software repositories (linux-image-generic 6.2.0-24.24 for Ubuntu 23.04, linux-image-generic 5.19.0-46.47 for Ubuntu 22.10, linux-image-generic 5.15.0.76.74 and linux-image-generic 5.19.0-46.47~22.04.1 for Ubuntu 22.04 LTS, linux-image-generic 5.4.0.153.150 for Ubuntu 20.04 LTS, and linux-image-generic-hwe 5.4.0.153.170~18.04.124 for Ubuntu 18.04 ESM).

Canonical urges all Ubuntu users to update their installations to the new kernel versions as soon as possible. To do that, run the sudo apt update && sudo apt full-upgrade command in the Terminal app or use the Software Updater utility. Don’t forget to reboot your systems after installing the new kernel versions and also rebuild and reinstall any third-party kernel modules you might have installed.

Last updated 10 months ago

Buy Me a Coffee at ko-fi.com