Canonical, developer of Ubuntu, published Linux Kernel updates addressing over 30 vulnerabilities. The updates came two weeks after the previous updates, which addressed three minor security flaws. The massive update is currently available for all supported Ubuntu releases, Ubuntu 22.04 LTS (Jammy Jellyfish), Ubuntu 21.10 (Impish Indri), Ubuntu 20.04 LTS (Focal Fossa), Ubuntu 18.04 LTS (Bionic Beaver), Ubuntu 16.04 and 14.04 ESM.
More than 30 vulnerabilities
The most notable vulnerabilities fixed in the update are:
- CVE-2022-1966: A use-after-free vulnerability was found in the Linux kernel’s Netfilter subsystem in net/netfilter/nf_tables_api.c. This flaw allows a local attacker with user access to cause a privilege escalation issue. The vulnerability was found in all Ubuntu releases. It allows a local attacker to cause a denial of service or execute arbitrary code.
- CVE-2022-21499: The vulnerability caused by the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions.
Along with these two high severity vulnerabilities, the update patches also multiple medium severity flaws. Some of them are:
- CVE-2022-1158: The medium severity vulnerability is caused by the KVM implementation in the Linux kernel did not properly perform guest page table updates in some situations. The vulnerability can cause an attacker in a guest virtual machine to exploit this flaw to crash the host operating system.
- CVE-2021-1011: The vulnerability is a use-after-free flaw that was found in the Linux kernel’s FUSE filesystem in the way a user triggers write(). It allows a local user to gain unauthorized access to data from the FUSE filesystem, resulting in privilege escalation. It can cause a denial of service or execute arbitrary code.
- CVE-2022-1972: It is an out-of-bound write vulnerability was identified within the netfilter subsystem which can be exploited to achieve privilege escalation to root. It is caused by the Linux kernel did not properly validate sets with multiple ranged fields. It can allow a local attacker to cause a denial of service or execute arbitrary code.
While some of those flaws affect only some versions, some of them can affect all Ubuntu versions. Since it is a security update, Canonical urged all users to update their operating systems as soon as possible to be able to avoid possible attacks. Users can use the Software Updater utility or run the following command in the Terminal.
sudo apt update
sudo apt full-upgrade
Installing new kernel versions requires a system reboot.