Ubuntu 22.04 LTS Gets First Kernel Security Update, Three Vulnerabilities Patched

Ubuntu 22.04 Security Update

Canonical published today the first Linux kernel security update for its recently released Ubuntu 22.04 LTS (Jammy Jellyfish) operating system series to address three security vulnerabilities.

Dubbed as the Jammy Jellyfish, Ubuntu 22.04 LTS arrived last week on April 21st as Canonical’s 9th long-term support (LTS) series, which means that it will be supported with software and security updates for the next five years, until April 2027.

The Jammy Jellyfish release is also powered by a long-term supported kernel, namely Linux 5.15 LTS, and today it was updated from the version available in the live/installation image (linux-image 5.15.0-25) to fix a total of three security flaws discovered by various security researchers.

These include CVE-2022-26490, a flaw discovered in the Linux kernel’s ST21NFCA NFC driver that could allow a physically proximate attacker to cause a denial of service (system crash) or possibly execute arbitrary code.

Also patched in this security update are CVE-2022-1015 and CVE-2022-1016, two security issues discovered by David Bouman in the Linux kernel’s netfilter subsystem. These vulnerabilities could allow local attackers to cause a denial of service, execute arbitrary code, or expose sensitive information (kernel memory).

Canonical urges all Ubuntu 22.04 LTS users to update their installations to the new kernel security version, linux-image 5.15.0-27.28, which is now available in the stable repository for generic and lowlatency kernel flavors, as well as for Google Cloud Platform (GCP) and IBM cloud systems.

To update your installations, run the sudo apt update && sudo apt full-upgrade command in the Terminal app or use the Software Updater utility to install all available updates. Once the new kernel version was installed, you need to reboot your computer, as well as rebuild and reinstall any third-party kernel modules you might have installed.

Last updated 5 months ago