What Are You Looking For?

Sign Up
=========================================================================Ubuntu Security Notice USN-5319-1
March 09, 2022

linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15,
linux-dell300x, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm,
ilinux-lts-xenial, linux-oracle, linux-raspi2, linux-snapdragon
vulnerabilities
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 18.04 LTS
- Ubuntu 16.04 ESM
- Ubuntu 14.04 ESM

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux: Linux kernel
- linux-aws: Linux kernel for Amazon Web Services (AWS) systems
- linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems
- linux-dell300x: Linux kernel for Dell 300x platforms
- linux-gcp-4.15: Linux kernel for Google Cloud Platform (GCP) systems
- linux-kvm: Linux kernel for cloud environments
- linux-oracle: Linux kernel for Oracle Cloud systems
- linux-raspi2: Linux kernel for Raspberry Pi systems
- linux-snapdragon: Linux kernel for Qualcomm Snapdragon processors- linux-aws-hwe: Linux kernel for Amazon Web Services (AWS-HWE) systems
- linux-azure: Linux kernel for Microsoft Azure Cloud systems
- linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems
- linux-hwe: Linux hardware enablement (HWE) kernel
- linux-lts-xenial: Linux hardware enablement kernel from Xenial for Trusty

Details:

Enrico Barberis, Pietro Frigo, Marius Muench, Herbert Bos, and Cristiano
Giuffrida discovered that hardware mitigations added by Intel to their
processors to address Spectre-BTI were insufficient. A local attacker could
potentially use this to expose sensitive information.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS:
  linux-image-4.15.0-1037-dell300x  4.15.0-1037.42
  linux-image-4.15.0-1089-oracle  4.15.0-1089.98
  linux-image-4.15.0-1105-raspi2  4.15.0-1105.112
  linux-image-4.15.0-1109-kvm     4.15.0-1109.112
  linux-image-4.15.0-1118-gcp     4.15.0-1118.132
  linux-image-4.15.0-1122-snapdragon  4.15.0-1122.131
  linux-image-4.15.0-1123-aws     4.15.0-1123.132
  linux-image-4.15.0-1133-azure   4.15.0-1133.146
  linux-image-4.15.0-171-generic  4.15.0-171.180
  linux-image-4.15.0-171-generic-lpae  4.15.0-171.180
  linux-image-4.15.0-171-lowlatency  4.15.0-171.180
  linux-image-aws-lts-18.04       4.15.0.1123.126
  linux-image-azure-lts-18.04     4.15.0.1133.106
  linux-image-dell300x            4.15.0.1037.39
  linux-image-gcp-lts-18.04       4.15.0.1118.137
  linux-image-generic             4.15.0.171.160
  linux-image-generic-lpae        4.15.0.171.160
  linux-image-kvm                 4.15.0.1109.105
  linux-image-lowlatency          4.15.0.171.160
  linux-image-oracle-lts-18.04    4.15.0.1089.99
  linux-image-raspi2              4.15.0.1105.103
  linux-image-snapdragon          4.15.0.1122.125
  linux-image-virtual             4.15.0.171.160

Ubuntu 16.04 ESM:
  linux-image-4.15.0-1089-oracle  4.15.0-1089.98~16.04.1
  linux-image-4.15.0-1118-gcp     4.15.0-1118.132~16.04.1
  linux-image-4.15.0-1123-aws-hwe  4.15.0-1123.132~16.04.1
  linux-image-4.15.0-1133-azure   4.15.0-1133.146~16.04.1
  linux-image-4.15.0-171-generic  4.15.0-171.180~16.04.1
  linux-image-4.15.0-171-lowlatency  4.15.0-171.180~16.04.1
  linux-image-4.4.0-1102-kvm      4.4.0-1102.111
  linux-image-4.4.0-1137-aws      4.4.0-1137.151
  linux-image-4.4.0-221-generic   4.4.0-221.254
  linux-image-4.4.0-221-lowlatency  4.4.0-221.254
  linux-image-aws                 4.4.0.1137.142
  linux-image-aws-hwe             4.15.0.1123.113
  linux-image-azure               4.15.0.1133.124
  linux-image-gcp                 4.15.0.1118.119
  linux-image-generic             4.4.0.221.228
  linux-image-generic-hwe-16.04   4.15.0.171.163
  linux-image-gke                 4.15.0.1118.119
  linux-image-kvm                 4.4.0.1102.100
  linux-image-lowlatency          4.4.0.221.228
  linux-image-lowlatency-hwe-16.04  4.15.0.171.163
  linux-image-oem                 4.15.0.171.163
  linux-image-oracle              4.15.0.1089.77
  linux-image-virtual             4.4.0.221.228
  linux-image-virtual-hwe-16.04   4.15.0.171.163

Ubuntu 14.04 ESM:
  linux-image-4.15.0-1133-azure   4.15.0-1133.146~14.04.1
  linux-image-4.4.0-1101-aws      4.4.0-1101.106
  linux-image-4.4.0-221-generic   4.4.0-221.254~14.04.1
  linux-image-4.4.0-221-lowlatency  4.4.0-221.254~14.04.1
  linux-image-aws                 4.4.0.1101.99
  linux-image-azure               4.15.0.1133.106
  linux-image-generic-lts-xenial  4.4.0.221.192
  linux-image-lowlatency-lts-xenial  4.4.0.221.192
  linux-image-virtual-lts-xenial  4.4.0.221.192

IMPORTANT: As part of this update, unprivileged eBPF is being
disabled by default, as it is the primary known means of exploiting
the Branch History Injection issues described above. It should be
noted that other mechanisms for exploiting the underlying issues may
be discovered.  Also, this may cause issues for applications that
rely on the unprivileged eBPF functionality. Please see the knowledge
base article at https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/BHI
for more details.

After a standard system update you need to reboot your computer to make
all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-5319-1
  CVE-2022-0001, CVE-2022-0002,
  https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/BHI

Package Information:
  https://launchpad.net/ubuntu/+source/linux/4.15.0-171.180
  https://launchpad.net/ubuntu/+source/linux-aws/4.15.0-1123.132
  https://launchpad.net/ubuntu/+source/linux-azure-4.15/4.15.0-1133.146
  https://launchpad.net/ubuntu/+source/linux-dell300x/4.15.0-1037.42
  https://launchpad.net/ubuntu/+source/linux-gcp-4.15/4.15.0-1118.132
  https://launchpad.net/ubuntu/+source/linux-kvm/4.15.0-1109.112
  https://launchpad.net/ubuntu/+source/linux-oracle/4.15.0-1089.98
  https://launchpad.net/ubuntu/+source/linux-raspi2/4.15.0-1105.112
  https://launchpad.net/ubuntu/+source/linux-snapdragon/4.15.0-1122.131

Ubuntu 5319-1: Linux kernel vulnerabilities

March 8, 2022
Several security issues were fixed in the Linux kernel.

Summary

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 18.04 LTS: linux-image-4.15.0-1037-dell300x 4.15.0-1037.42 linux-image-4.15.0-1089-oracle 4.15.0-1089.98 linux-image-4.15.0-1105-raspi2 4.15.0-1105.112 linux-image-4.15.0-1109-kvm 4.15.0-1109.112 linux-image-4.15.0-1118-gcp 4.15.0-1118.132 linux-image-4.15.0-1122-snapdragon 4.15.0-1122.131 linux-image-4.15.0-1123-aws 4.15.0-1123.132 linux-image-4.15.0-1133-azure 4.15.0-1133.146 linux-image-4.15.0-171-generic 4.15.0-171.180 linux-image-4.15.0-171-generic-lpae 4.15.0-171.180 linux-image-4.15.0-171-lowlatency 4.15.0-171.180 linux-image-aws-lts-18.04 4.15.0.1123.126 linux-image-azure-lts-18.04 4.15.0.1133.106 linux-image-dell300x 4.15.0.1037.39 linux-image-gcp-lts-18.04 4.15.0.1118.137 linux-image-generic 4.15.0.171.160 linux-image-generic-lpae 4.15.0.171.160 linux-image-kvm 4.15.0.1109.105 linux-image-lowlatency 4.15.0.171.160 linux-image-oracle-lts-18.04 4.15.0.1089.99 linux-image-raspi2 4.15.0.1105.103 linux-image-snapdragon 4.15.0.1122.125 linux-image-virtual 4.15.0.171.160 Ubuntu 16.04 ESM: linux-image-4.15.0-1089-oracle 4.15.0-1089.98~16.04.1 linux-image-4.15.0-1118-gcp 4.15.0-1118.132~16.04.1 linux-image-4.15.0-1123-aws-hwe 4.15.0-1123.132~16.04.1 linux-image-4.15.0-1133-azure 4.15.0-1133.146~16.04.1 linux-image-4.15.0-171-generic 4.15.0-171.180~16.04.1 linux-image-4.15.0-171-lowlatency 4.15.0-171.180~16.04.1 linux-image-4.4.0-1102-kvm 4.4.0-1102.111 linux-image-4.4.0-1137-aws 4.4.0-1137.151 linux-image-4.4.0-221-generic 4.4.0-221.254 linux-image-4.4.0-221-lowlatency 4.4.0-221.254 linux-image-aws 4.4.0.1137.142 linux-image-aws-hwe 4.15.0.1123.113 linux-image-azure 4.15.0.1133.124 linux-image-gcp 4.15.0.1118.119 linux-image-generic 4.4.0.221.228 linux-image-generic-hwe-16.04 4.15.0.171.163 linux-image-gke 4.15.0.1118.119 linux-image-kvm 4.4.0.1102.100 linux-image-lowlatency 4.4.0.221.228 linux-image-lowlatency-hwe-16.04 4.15.0.171.163 linux-image-oem 4.15.0.171.163 linux-image-oracle 4.15.0.1089.77 linux-image-virtual 4.4.0.221.228 linux-image-virtual-hwe-16.04 4.15.0.171.163 Ubuntu 14.04 ESM: linux-image-4.15.0-1133-azure 4.15.0-1133.146~14.04.1 linux-image-4.4.0-1101-aws 4.4.0-1101.106 linux-image-4.4.0-221-generic 4.4.0-221.254~14.04.1 linux-image-4.4.0-221-lowlatency 4.4.0-221.254~14.04.1 linux-image-aws 4.4.0.1101.99 linux-image-azure 4.15.0.1133.106 linux-image-generic-lts-xenial 4.4.0.221.192 linux-image-lowlatency-lts-xenial 4.4.0.221.192 linux-image-virtual-lts-xenial 4.4.0.221.192 IMPORTANT: As part of this update, unprivileged eBPF is being disabled by default, as it is the primary known means of exploiting the Branch History Injection issues described above. It should be noted that other mechanisms for exploiting the underlying issues may be discovered. Also, this may cause issues for applications that rely on the unprivileged eBPF functionality. Please see the knowledge base article at https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/BHI for more details. After a standard system update you need to reboot your computer to make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-5319-1

CVE-2022-0001, CVE-2022-0002,

https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/BHI

Severity
March 09, 2022

Package Information

https://launchpad.net/ubuntu/+source/linux/4.15.0-171.180 https://launchpad.net/ubuntu/+source/linux-aws/4.15.0-1123.132 https://launchpad.net/ubuntu/+source/linux-azure-4.15/4.15.0-1133.146 https://launchpad.net/ubuntu/+source/linux-dell300x/4.15.0-1037.42 https://launchpad.net/ubuntu/+source/linux-gcp-4.15/4.15.0-1118.132 https://launchpad.net/ubuntu/+source/linux-kvm/4.15.0-1109.112 https://launchpad.net/ubuntu/+source/linux-oracle/4.15.0-1089.98 https://launchpad.net/ubuntu/+source/linux-raspi2/4.15.0-1105.112 https://launchpad.net/ubuntu/+source/linux-snapdragon/4.15.0-1122.131

Related News

Linux version of Qilin ransomware focuses on VMware ESXi

Dec 4, 2023

Kali Linux 2023.4 Released With New Hacking Tools

Dec 6, 2023

Linus Torvalds on the State of Linux Today and How AI Figures in Its Future

Dec 6, 2023

How Meta Patches Linux at Hyperscale

Dec 2, 2023

News

Advisories

HOWTOs

Features

Using Open Source to Ensure Compliance & Data Integrity through Data Governance
Critical Linux Kernel Bugs Lead to DoS, Privilege Escalation - Patch Now!
Unlocking the Future of Authentication: Passkeys vs. Passwords
Empowering MSPs with Straightforward Linux Device Management
A Complete Guide to Torrenting Safely in 2024

About Us

Powered By

Footer Logo