New Ubuntu Linux Kernel Security Updates Fix 16 Vulnerabilities, Patch Now

Linux Kernel Ubuntu Vulnerabilities

Canonical released today new Linux kernel security patches for all supported Ubuntu releases to address various security vulnerabilities discovered in the upstream kernel packages.

The new Ubuntu Linux kernel security updates come about three weeks after the previous security update and patch a total of 16 vulnerabilities for Ubuntu 22.04 LTS (Jammy Jellyfish), Ubuntu 20.04 LTS (Focal Fossa), Ubuntu 18.04 LTS (Bionic Beaver), and Ubuntu 16.04 ESM (Xenial Xerus).

For Ubuntu 22.04 LTS and Ubuntu 20.04 LTS systems running Linux kernel 5.15 LTS, the new kernel updates address CVE-2022-1882, a race condition discovered by Selim Enes Karaduman in the general notification queue implementation, as well as CVE-2022-39189, a security flaw discovered by Google Project Zero’s Jann Horn in the KVM subsystem. Both of them could allow a local attacker in a guest virtual machine to cause a denial of service (guest crash) or possibly execute arbitrary code.

Also for Ubuntu 22.04 LTS and 20.04 LTS systems running Linux kernel 5.15 LTS, as well as for Ubuntu 20.04 LTS and 18.04 LTS systems running Linux kernel 5.4 LTS, the new security updates fix CVE-2022-3176, a use-after-free vulnerability discovered by Eric Biggers in the io_uring subsystem that could allow a local attacker to cause a denial of service (system crash) or execute arbitrary code, CVE-2022-36879, a flaw discovered in the Netlink Transformation (XFRM) subsystem that could allow a local attacker to cause a denial of service (system crash), as well as CVE-2022-26373, an issue affecting Intel CPUs with eIBRS (Enhanced Indirect Branch Restricted Speculation) that could allow a local attacker to expose sensitive information.

Only for Ubuntu 20.04 LTS and 18.04 LTS systems running Linux kernel 5.4 LTS, the new Linux kernel security update fixes CVE-2022-20369, an out-of-bounds write vulnerability discovered in the Video for Linux 2 (V4L2) implementation, which could allow a local attacker to cause a denial of service (system crash) or execute arbitrary code, as well as CVE-2021-4159, a security issue discovered in the BPF verifier that could allow a local attacker to expose sensitive information (kernel memory).

For Ubuntu 20.04 LTS and 18.04 LTS systems running Linux kernel 5.4 LTS, as well as for Ubuntu 18.04 LTS and 16.04 ESM systems running Linux kernel 4.15, the new kernel security patches address several security vulnerabilities (CVE-2022-33740, CVE-2022-33741, CVE-2022-33742, and CVE-2022-33744) found in the Xen paravirtualization platform that could allow a local attacker to expose sensitive information (guest kernel memory) or cause a denial of service (guest or host crash).

The same goes for CVE-2022-26365, a security vulnerability discovered by Roger Pau Monné in the Xen virtual block driver, which could allow a local attacker to expose sensitive information (guest kernel memory), and CVE-2022-2318, race conditions discovered in the timer handling the implementation of the Linux kernel’s Rose X.25 protocol layer, which could allow a local attacker to cause a denial of service (system crash).

For Ubuntu 18.04 LTS and Ubuntu 16.04 ESM systems running Linux kernel 4.15, the new security updates also address CVE-2022-0812, a security flaw discovered in the SUNRPC RDMA protocol implementation that could allow a local attacker to expose sensitive information (kernel memory), as well as CVE-2022-1012 and CVE-2022-32296, two vulnerabilities discovered by Moshe Kol, Amit Klein and Yossi Gilad in the IP implementation, which could allow an attacker to expose sensitive information.

Canonical urges all Ubuntu users to update the kernel packages in their systems as soon as possible to the new versions (linux-image 5.15.0.50.50 for Ubuntu 22.04 LTS, linux-image 5.15.0-50.56~20.04.1 for Ubuntu 20.04.5 LTS, linux-image 5.4.0.128.144 for Ubuntu 20.04 LTS, linux-image 5.4.0.128.144~18.04.107 for Ubuntu 18.04.6 LTS, linux-image 4.15.0.194.179 for Ubuntu 18.04 LTS, and linux-image 4.15.0-194.205~16.04.1 for Ubuntu 16.04 ESM using Ubuntu Pro).

To update your Ubuntu installations, run the sudo apt update && sudo apt full-upgrade command in the Terminal app or another terminal emulator, or use the Software Updater utility. Kernel updates require a system reboot, and you may also need to recompile and reinstall any third-party kernel modules you might have installed in case you’ve manually uninstalled the standard kernel metapackages.

Last updated 2 months ago