Wednesday, February 8, 2023
  • Events
  • Interviews
  • Jobs
  • Opinion
  • Whitepapers
  • Glossary
  • Community Forum
  • Web Hosting Directory
  • Login
  • Register
Cloud7 News
  • Cloud Computing
  • Web Hosting
  • Data Center
  • Linux
  • Cybersecurity
  • More
    • Network/Internet
    • Windows
    • Software
    • Hardware
    • Blockchain
    • Policy/Legislation
    • How-Tos
    • Troubleshooting
No Result
View All Result
Cloud7 News
  • Cloud Computing
  • Web Hosting
  • Data Center
  • Linux
  • Cybersecurity
  • More
    • Network/Internet
    • Windows
    • Software
    • Hardware
    • Blockchain
    • Policy/Legislation
    • How-Tos
    • Troubleshooting
No Result
View All Result
Cloud7 News
No Result
View All Result

Home > Linux > Debian and Ubuntu received kernel security updates

Debian and Ubuntu received kernel security updates

Major kernel security updates were released for Debian and Ubuntu distributions, that address multiple vulnerabilities.

Erdem Yasar Erdem Yasar
October 20, 2022
4 min read
Debian and Ubuntu received kernel security updates
  • Debian GNU/Linux and Ubuntu Linux distributions received critical security updates addressing various vulnerabilities.
  • The vulnerabilities may lead to a privilege escalation, denial of service, or information leaks.
  • Since it is an important security update, Debian and Ubuntu LTS users are urged to update their systems immediately.

Debian GNU/Linux and Ubuntu distributions received kernel security updates. The updates are addressing various vulnerabilities, thus users are urged to apply the patches as soon as possible. The latest kernel version for Debian 11 is 5.10.149-1. Ubuntu users can update their 22.04 LTS to linux-image 5.15.0-52.58, 20.04.5 LTS to linux-image 5.15.0-52.58~20.04.1, Ubuntu 20.04 LTS to linux-image 5.4.0-131.147, and 18.04.6 LTS to linux-image-hwe 5.4.0.131.147~18.04.108.

17 security vulnerabilities

The kernel update patches a total of 17 security vulnerabilities. Some of them are:

CVE-2021-4037: Christian Brauner reported that the inode_init_owner function for the XFS filesystem in the Linux kernel allows local users to create files with an unintended group ownership allowing attackers to escalate privileges by making a plain file executable and SGID.

CVE-2022-0171: Mingwei Zhang reported that a cache incoherence issue in the SEV API in the KVM subsystem may result in denial of service.

CVE-2022-1184: A flaw was discovered in the ext4 filesystem driver which can lead to a use-after-free. A local user permitted to mount arbitrary filesystems could exploit this to cause a denial of service (crash or memory corruption) or possibly for privilege escalation.

CVE-2022-2602: A race between handling an io_uring request and the Unix socket garbage collector was discovered. An attacker can take advantage of this flaw for local privilege escalation.

CVE-2022-2663: David Leadbeater reported flaws in the nf_conntrack_irc connection-tracking protocol module. When this module is enabled on a firewall, an external user on the same IRC network as an internal user could exploit its lax parsing to open arbitrary TCP ports in the firewall, to reveal their public IP address, or to block their IRC connection at the firewall.

CVE-2022-3061: A flaw was discovered in the i740 driver which may result in denial of service. This driver is not enabled in Debian’s official kernel configurations.

CVE-2022-3176: A use-after-free flaw was discovered in the io_uring subsystem which may result in local privilege escalation to root.

CVE-2022-3303: A race condition in the snd_pcm_oss_sync function in the sound subsystem in the Linux kernel due to improper locking may result in denial of service.

CVE-2022-20421: A use-after-free vulnerability was discovered in the binder_inc_ref_for_node function in the Android binder driver. On systems where the binder driver is loaded, a local user could exploit this for privilege escalation.

CVE-2022-39188: Jann Horn reported a race condition in the kernel’s handling of unmapping of certain memory ranges. When a driver created a memory mapping with the VM_PFNMAP flag, which many GPU drivers do, the memory mapping could be removed and freed before it was flushed from the CPU TLBs. This could result in a page use-after-free. A local user with access to such a device could exploit this to cause a denial of service (crash or memory corruption) or possibly for privilege escalation.

CVE-2022-39842: An integer overflow was discovered in the pxa3xx-gcu video driver which could lead to a heap out-of-bounds write. This driver is not enabled in Debian’s official kernel configurations.

CVE-2022-40307: A race condition was discovered in the EFI capsule-loader driver, which could lead to use-after-free. A local user permitted to access this device (/dev/efi_capsule_loader) could exploit this to cause a denial of service (crash or memory corruption) or possibly for privilege escalation. However, this device is normally only accessible by the root user.

CVE-2022-41674, CVE-2022-42719, CVE-2022-42720, CVE-2022-42721, CVE-2022-42722: Soenke Huster discovered several vulnerabilities in the mac80211 subsystem triggered by WLAN frames which may result in denial of service or the execution or arbitrary code.

To perform the kernel security update on Debian or Ubuntu operating system, users can run the following command:

sudo apt update && sudo apt full-upgrade

See more Linux News


Tags: DebianUbuntu
Erdem Yasar

Erdem Yasar

Erdem Yasar is a news editor at Cloud7 News. Erdem started his career by writing video game reviews in 2007 for PC World magazine while he was studying computer engineering. In the following years, he focused on software development with various programming languages. After his graduation, he continued to work as an editor for several major tech-related websites and magazines. During the 2010s, Erdem Yasar shifted his focus to cloud computing, hosting, and data centers as they were becoming more popular topics in the tech industry. Erdem Yasar also worked with various industry-leading tech companies as a content creator by writing blog posts and other articles. Prior to his role at Cloud7 News, Erdem was the managing editor of T3 Magazine.

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

I agree to the Terms & Conditions and Privacy Policy.

Next Post
IONOS introduces £21 million data center in Worcester

IONOS introduces £21 million data center in Worcester

Related News

Red Hat brings new security capabilities to Red Hat OpenShift

Red Hat brings new security capabilities to Red Hat OpenShift

February 7, 2023 8:55 pm
First look at Gnoppix Linux 23.2

Gnoppix Linux 23.2 is ready to download

February 6, 2023 9:30 pm
Red Hat Enterprise Linux is joining the Oracle Cloud Infrastructure

Red Hat Enterprise Linux now runs the Oracle Cloud Infrastructure

February 6, 2023 7:00 pm
Best Ubuntu alternatives for desktop of 2023

Best Ubuntu alternatives for desktop of 2023

February 4, 2023 12:20 pm
Get free daily newsletters from Cloud7 News Get the Cloud7 Newsletter
Select list(s):

Check your inbox or spam folder to confirm your subscription.

By subscribing, you agree to our
Copyright Policy and Privacy Policy

Get the free newsletter

Subscribe to receive the latest IT business updates straight to your inbox.

Select list(s):

Check your inbox or spam folder to confirm your subscription.

Editor's Choice

What’s new in Linux kernel 6.2 rc6?

10 Best Web Hosting Services of 2023

Ubuntu 22.04 LTS is available for download. What is new?

CERN and Fermilab recommend AlmaLinux

7 best hosting control panels of 2023

How to update Linux Kernel without rebooting?

7 best Linux mail servers of 2023

7 best cPanel alternatives for 2023

7 best Linux web browsers for 2023

7 best CentOS alternatives

7 best Linux server distros of 2023

Interview with Igor Seletskiy on AlmaLinux

How to create a VM on VMware Workstation

Recent News

  • CISA publishes VMware ESXi ransomware recovery tool
  • WordPress 6.2 Beta is ready for testing
  • New local privilege escalation vulnerability strikes X.Org server
  • Red Hat brings new security capabilities to Red Hat OpenShift
  • With BuddyPress 12.0, BP Rewrites will support backward compatibility

Cloud7 News
Cloud7 is a news source that publishes the latest news, reviews, comparisons, opinions, and exclusive interviews to help tech users of high-experience levels in the IT industry.

EXPLORE

  • Web Hosting
  • Cloud Computing
  • Data Center
  • Cybersecurity
  • Linux
  • Network/Internet
  • Software
  • Hardware
  • How-Tos
  • Troubleshooting

RESOURCES

  • Events
  • Interviews
  • Jobs
  • Opinion
  • Whitepapers
  • Glossary
  • Community Forum
  • Web Hosting Directory

Get the Cloud7 Newsletter

Get FREE daily newsletters from Cloud7 delivering the latest news and reviews.

  • About
  • Privacy & Policy
  • Copyright Policy
  • Contact

© 2023, Cloud7 News. All rights reserved.

No Result
View All Result
  • Cloud Computing
  • Web Hosting
  • Data Center
  • Linux
  • Cybersecurity
  • More
    • Network/Internet
    • Windows
    • Software
    • Hardware
    • Blockchain
    • Policy/Legislation
    • How-Tos
    • Troubleshooting
  • Events
  • Interviews
  • Jobs
  • Opinion
  • Whitepapers
  • Glossary
  • Community Forum
  • Web Hosting Directory

© 2023, Cloud7 News. All rights reserved.

Welcome Back!

Sign In with Facebook
Sign In with Google
Sign In with Linked In
OR

Login to your account below

Forgotten Password? Sign Up

Create New Account!

Sign Up with Facebook
Sign Up with Google
Sign Up with Linked In
OR

Fill the forms below to register

*By registering into our website, you agree to the Terms & Conditions and Privacy Policy.
All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In
This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.