It is imperative that all Ubuntu Linux users take note of the recent kernel security updates that have been made available for all supported releases of the operating system. These updates are aimed at addressing an even greater number of vulnerabilities and security issues to ensure that your machines are as secure as possible.
The new kernel security updates come just a week after the previous batch, which was a significant release that addressed over 20 vulnerabilities. These updates are available for Ubuntu 22.10, Ubuntu 22.04 LTS, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS, as well as Ubuntu 16.04 ESM and Ubuntu 14.04 ESM systems.
Among the main vulnerabilities addressed in these kernel updates are two Bluetooth flaws, CVE-2022-42896 and CVE-2022-45934. The first, discovered by Tamás Koczka, consists of multiple use-after-free vulnerabilities in the Bluetooth L2CAP handshake implementation. The second is an integer overflow discovered in the Bluetooth subsystem. Both affect all supported Ubuntu releases and could allow a physically proximate attacker to cause a denial of service (system crash) or execute arbitrary code.
Additionally, these new Ubuntu kernel security updates also address CVE-2022-3643, a security issue discovered in the Xen netback driver. This flaw could allow an attacker in a guest virtual machine to cause a denial of service (host NIC availability) and similarly affects all supported Ubuntu releases.
For Ubuntu 22.10 systems running Linux kernel 5.19 and Ubuntu 22.04 LTS and Ubuntu 20.04 LTS systems running Linux kernel 5.15 LTS, the new kernel updates also address CVE-2022-4378, a stack-based buffer overflow discovered by Kyle Zeng in the sysctl implementation. This vulnerability could allow a local attacker to cause a denial of service (system crash) or execute arbitrary code.
Additionally, for Ubuntu 20.04 LTS systems running Linux kernel 5.4 LTS, as well as Ubuntu 18.04 LTS, Ubuntu 16.04 ESM, and Ubuntu 14.04 ESM systems running Linux kernel 4.15, the new kernel security updates also patch CVE-2022-4395, a buffer overflow discovered in the NFSD implementation that could allow a remote attacker to cause a denial of service (system crash) or execute arbitrary code.
Canonical, the company behind Ubuntu, urges all users to update their installations to the new kernel versions as soon as possible.
Specifically, users should update to linux-image 5.19.0.29.26 for Ubuntu 22.10, linux-image 5.15.0.58.56 for Ubuntu 22.04 LTS, linux-image-hwe 5.15.0.58.64~20.04.24 and linux-image 5.4.0.137.135 for Ubuntu 20.04 LTS, linux-image 4.15.0.202.185 for Ubuntu 18.04 LTS, and linux-image 4.15.0-202 for Ubuntu 16.04 ESM. These versions are for 64-bit systems, but there are also newer kernel versions available for other supported architectures. To update your installations, you can use the Software Updater utility or run the sudo apt update && sudo apt full-upgrade command in a terminal emulator. It is important to remember to reboot your systems after installing the new kernels to ensure that the updates take effect.
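The check below is an added example, not code from Canonical or the original article: it compares a `uname -r` string with the fixed versions listed above and reports whether the running kernel is at or past them. It assumes the listed versions describe the generic 64-bit flavour and that their first four fields match the ABI in `uname -r` (5.15.0.58.56 corresponds to 5.15.0-58-generic); the function names are illustrative.

```shell
#!/bin/sh
# Added example: is the *running* kernel at or past the fixed version in the article?

# Fixed version from the article for an Ubuntu release and kernel series.
fixed_version() {
    case "$1:$2" in
        22.10:5.19) echo "5.19.0.29.26" ;;
        22.04:5.15) echo "5.15.0.58.56" ;;
        20.04:5.15) echo "5.15.0.58.64~20.04.24" ;;   # HWE kernel
        20.04:5.4)  echo "5.4.0.137.135" ;;
        18.04:4.15) echo "4.15.0.202.185" ;;
        16.04:4.15) echo "4.15.0-202" ;;
        *) return 1 ;;
    esac
}

# Reduce a package version or `uname -r` string to "major.minor.patch.abi".
abi_of() {
    echo "$1" | sed 's/-/./g' | cut -d. -f1-4
}

# True when $1 >= $2, comparing the four fields numerically (99 < 137).
abi_ge() {
    [ "$(printf '%s\n%s\n' "$1" "$2" |
        sort -t. -k1,1n -k2,2n -k3,3n -k4,4n | head -n1)" = "$2" ]
}

# Prints PATCHED, VULNERABLE or UNKNOWN for a release and a `uname -r` string.
kernel_status() {
    # Assumption: the article's numbers apply to the generic flavour only;
    # cloud and other flavours use different ABI numbering.
    case "$2" in *-generic) ;; *) echo UNKNOWN; return 2 ;; esac
    running=$(abi_of "$2")
    series=$(echo "$running" | cut -d. -f1-2)
    fixed=$(fixed_version "$1" "$series") || { echo UNKNOWN; return 2; }
    if abi_ge "$running" "$(abi_of "$fixed")"; then
        echo PATCHED
    else
        echo VULNERABLE
        return 1
    fi
}

# Live check. A fixed kernel that is installed but not yet booted still
# reports VULNERABLE, which is why the reboot step matters.
release=$( [ -r /etc/os-release ] && . /etc/os-release; echo "${VERSION_ID:-}" )
kernel_status "$release" "$(uname -r)" || true
```

UNKNOWN means the release, kernel series or flavour is not one the article gives a version for, so the result says nothing either way.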