Explore top 10 tips to secure your open-source projects now. Read More
×
Several security issues were fixed in the Linux kernel.
Software Description:
- linux: Linux kernel
- linux-aws: Linux kernel for Amazon Web Services (AWS) systems
- linux-kvm: Linux kernel for cloud environments
- linux-lts-xenial: Linux hardware enablement kernel from Xenial for Trusty
Details:
Jeremy Cline discovered a use-after-free in the nouveau graphics driver
of the Linux kernel during device removal. A privileged or physically
proximate attacker could use this to cause a denial of service (system
crash). (CVE-2020-27820)
It was discovered that a race condition existed in the network scheduling
subsystem of the Linux kernel, leading to a use-after-free vulnerability. A
local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2021-39713)
It was discovered that the Parallel NFS (pNFS) implementation in the Linux
kernel did not properly perform bounds checking in some situations. An
attacker could use this to cause...
The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 ESM: linux-image-4.4.0-1105-kvm 4.4.0-1105.114 linux-image-4.4.0-1140-aws 4.4.0-1140.154 linux-image-4.4.0-224-generic 4.4.0-224.257 linux-image-4.4.0-224-lowlatency 4.4.0-224.257 linux-image-aws 4.4.0.1140.145 linux-image-generic 4.4.0.224.231 linux-image-kvm 4.4.0.1105.103 linux-image-lowlatency 4.4.0.224.231 linux-image-virtual 4.4.0.224.231 Ubuntu 14.04 ESM: linux-image-4.4.0-224-generic 4.4.0-224.257~14.04.1 linux-image-4.4.0-224-lowlatency 4.4.0-224.257~14.04.1 linux-image-generic-lts-xenial 4.4.0.224.195 linux-image-lowlatency-lts-xenial 4.4.0.224.195 linux-image-virtual-lts-xenial 4.4.0.224.195 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.
https://ubuntu.com/security/notices/USN-5413-1
CVE-2020-27820, CVE-2021-39713, CVE-2021-4157, CVE-2022-26490,
CVE-2022-27223, CVE-2022-28390
Get the latest Linux and open source security news straight to your inbox.