Ubuntu: New Kernel Security Updates released

development team Primary address He has released a large number of Kernel Security Update For all currently supported versions of Ubuntu. This is a large collection of patches intended for: Ubuntu 22.10 “Kinetic Kudu”, Ubuntu 22.04 LTS “Jammy Jellyfish”, and Ubuntu 18.04 LTS “Bionic Beaver”. These bug fixes fix sixteen vulnerabilities classified as CVE (Common Vulnerabilities and Exposures) discovered in recent weeks by several security researchers. These bugs are built into different Linux subsystems and can be found in different Penguin kernel versions. That’s why the latest Kernel security updates have affected all versions of the distribution. Therefore, users are warmly invited to upgrade as soon as possible, in order to protect themselves from potential computer attacks that use these flaws to carry out attacks of various kinds.

for example CVE-2022-2978Discovered by security researchers Hao Sun and Jiacheng Xu, nested within an implementation of the NILFS file system, this type of bug is defined as a zero-use vulnerability that essentially allows an attacker, with direct access to the computer, to execute code bypassing root user privileges and causing the system to crash. . While CVE-2022-3028 Instead, it is a very rare bug, discovered by Abhishek Shah within the implementation of PF_KEYv2, which instead allows a series of sensitive information and data to be exposed.

Another serious security flaw is the so-called bug CVE-2022-3635is another vulnerability discovered in the IDT 77252 ATM PCI device driver that allows crackers that are physically connected to a computer to run distribution crash scripts.

Fortunately, thanks to the work of programmers from Canonical, patches are already available in the software repositories of Ubuntu 22.10 “Kinetic Kudu”, Ubuntu 22.04 LTS “Jammy Jellyfish” and Ubuntu 18.04 LTS “Bionic Beaver”. So, users will just have to update the system normally to receive the latest Kernel Security Updates.

Source link

Leave a Reply

Your email address will not be published. Required fields are marked *