Canonical today published a new Linux kernel security update for all supported Ubuntu releases to address two security vulnerabilities affecting all supported kernel versions and flavors.
The new Linux kernel update comes just a few days after the previous Ubuntu major update one and only patches two flaws, namely CVE-2022-1055, a use-after-free vulnerability discovered in the network traffic control implementation, and CVE-2022-27666, a security issue discovered in the IPsec implementation that could lead to a heap-based buffer overflow.
Both of these flaws could allow a local attacker to crash the vulnerable system by causing a denial of service or possibly execute arbitrary code, but the CVE-2022-1055 flaw could also allow a local attacker to gain privilege escalation. As such, CVE-2022-1055 is marked with a “high” priority while CVE-2022-27666 has a priority status of “medium”.
Canonical issued new Linux kernel versions for Ubuntu 21.10 (Impish Indri) systems running Linux kernel 5.13 (linux-image 126.96.36.199.48), Ubuntu 20.04 LTS (Focal Fossa) systems running Linux kernel 5.4 LTS (linux-image 188.8.131.52.111) or Linux kernel 5.13 HWE (linux-image-5.13.0-39 5.13.0-39.44~20.04.1), as well as Ubuntu 18.04 LTS (Bionic Beaver) systems running Linux kernel 5.4 HWE (linux-image-generic-hwe-18.04 184.108.40.206.121~18.04.92).
Users are urged to update their installations as soon as possible to the new kernel versions available in the stable repositories for their architectures and flavors. To update your Ubuntu installations and install the new security update, simply run the sudo apt update && sudo apt full-upgrade command in a terminal emulator or use the Software Updater utility. Please keep in mind to reboot your installations after installing the new kernel versions!
Last updated 2 years ago