Published on Sep 22, 2022
New Linux kernel security updates have been released today by Canonical to address 15 security vulnerabilities found in upstream kernels.
These Linux kernel security updates are available for Ubuntu 22.04 LTS, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 16.04 ESM. Among the 15 security vulnerabilities addressed are two that are common to all Ubuntu releases, namely CVE-2031105, an out-of-bounds write vulnerability in the framebuffer driver that could allow a local attacker to cause a system crash or possibly execute arbitrary code, as well as CVE-2022-36946, an issue discovered by Domingo Dirutigliano and Nicola Guerrera in the netfilter subsystem that could allow a remote attacker to crash the system.
The new security updates address CVE-2022-26365 and CVE-2022-33740, two vulnerabilities discovered by Roger Pau Monné in the Xen virtual block driver and paravirtualization frontend that could expose sensitive information (guest kernel memory) to local attackers on Ubuntu 22.04 LTS and Ubuntu 20.04 LTS systems running Linux kernel 5.15 LTS.
Similar vulnerabilities were found in the Xen paravirtualization frontend and the Xen network device frontend driver: CVE-2022-33741, CVE-2022-33742, CVE-2022-33743, and CVE-2022-33744. Local attackers could cause a denial of service (guest crash) or reveal sensitive information (guest kernel memory), or attackers in guest virtual machines could cause host operating system denial of service.
Moreover, Ubuntu 22.04 LTS and 20.04 LTS systems running the Linux 5.15 LTS kernel have been patched against CVE-2022-2318, a use-after-free vulnerability discovered by Duoming Zhou in the Rose X.25 protocol layer implementation for handling timers, as well as CVE-2022-34494 and CVE-2022-34495, two flaws discovered in the virtio RPMSG bus driver that could crash the system.
The new security updates also address CVE-2022-1012 and CVE-2022-32296, two vulnerabilities discovered by Moshe Kol, Amit Klein and Yossi Gilad in the IP implementation that could expose sensitive information, along with CVE-2022-1729, a race condition found in the perf subsystem by Norbert Slusarek, and CVE-2022-2503, a security issue found in the device-mapper verity (dm-verity) driver. In both cases, privileged local attackers could crash the system or execute arbitrary code.
Canonical encourages all Ubuntu users to upgrade to the latest kernels (linux-image 5.15.0.48.48 for Ubuntu 22.04 LTS, linux-image 5.4.0.126.127 for Ubuntu 20.04 LTS, linux-image-hwe-18.04 5.4.0.126.142~18.04.106 for Ubuntu 18.04.6 LTS, linux-image 4.15.0-193.204 for Ubuntu 18.04 LTS) as soon as possible. Run sudo apt update && sudo apt full-upgrade in the Terminal app or use the Software Updater to update your installations.
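A check to run after the upgrade step above, as an added example (not from Canonical or the original article): it compares a `uname -r` string against the fixed versions listed in this article. It assumes the meta-package version 5.15.0.48.48 corresponds to kernel ABI 5.15.0-48, covers only the generic flavour, and uses hypothetical function names. The running kernel stays on the old version until the machine reboots, so checking `uname -r` rather than the installed package also catches hosts that were upgraded but not restarted.

```shell
#!/bin/sh
# Added example: is the RUNNING kernel at or above the fixed versions
# named in the article? Function names are hypothetical.

# min_patched_abi SERIES -> prints the first fixed ABI number for that series
# (assumption: meta-package 5.15.0.48.48 maps to kernel ABI 5.15.0-48, etc.)
min_patched_abi() {
    case "$1" in
        5.15.0) echo 48 ;;   # linux-image 5.15.0.48.48 (Ubuntu 22.04 LTS)
        5.4.0)  echo 126 ;;  # 5.4.0.126.127 (20.04 LTS) and hwe-18.04
        4.15.0) echo 193 ;;  # linux-image 4.15.0-193.204 (18.04 LTS)
        *) return 1 ;;       # series not listed in the article
    esac
}

# kernel_status UNAME_R -> prints patched | needs-update | unknown
kernel_status() {
    series=${1%%-*}      # "5.15.0-47-generic" -> "5.15.0"
    rest=${1#*-}         # -> "47-generic"
    abi=${rest%%-*}      # -> "47"
    flavour=${rest#*-}   # -> "generic"

    # Cloud/OEM flavours (aws, azure, ...) number their ABIs differently,
    # so only the generic flavour is compared (assumption of this example).
    [ "$flavour" = "generic" ] || { echo unknown; return 0; }
    case "$abi" in
        ''|*[!0-9]*) echo unknown; return 0 ;;
    esac
    min=$(min_patched_abi "$series") || { echo unknown; return 0; }

    if [ "$abi" -ge "$min" ]; then
        echo patched
    else
        echo needs-update
    fi
}

# Report on the kernel that is actually running on this host.
echo "running kernel $(uname -r): $(kernel_status "$(uname -r)")"
```

A `needs-update` result on a host where `apt full-upgrade` has already completed means the new kernel is installed but the machine has not yet been rebooted into it.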