Explore top 10 tips to secure your open-source projects now. Read More
×
Several security issues were fixed in the Linux kernel.
Software Description:
- linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems
- linux-hwe-5.19: Linux hardware enablement (HWE) kernel
Details:
It was discovered that some AMD x86-64 processors with SMT enabled could
speculatively execute instructions using a return address from a sibling
thread. A local attacker could possibly use this to expose sensitive
information. (CVE-2022-27672)
Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux
kernel contained an out-of-bounds write vulnerability. A local attacker
could use this to cause a denial of service (system crash).
(CVE-2022-36280)
Zheng Wang discovered that the Intel i915 graphics driver in the Linux
kernel did not properly handle certain error conditions, leading to a
double-free. A local attacker could possibly use this to cause a denial of
service (system crash). (CVE-2022-3707)
Haowei Yan discovered that a r...
The problem can be corrected by updating your system to the following package versions: Ubuntu 22.10: linux-image-5.19.0-1024-gcp 5.19.0-1024.26 linux-image-gcp 5.19.0.1024.20 Ubuntu 22.04 LTS: linux-image-5.19.0-42-generic 5.19.0-42.43~22.04.1 linux-image-5.19.0-42-generic-64k 5.19.0-42.43~22.04.1 linux-image-5.19.0-42-generic-lpae 5.19.0-42.43~22.04.1 linux-image-generic-64k-hwe-22.04 5.19.0.42.43~22.04.15 linux-image-generic-hwe-22.04 5.19.0.42.43~22.04.15 linux-image-generic-lpae-hwe-22.04 5.19.0.42.43~22.04.15 linux-image-virtual-hwe-22.04 5.19.0.42.43~22.04.15 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.
https://ubuntu.com/security/notices/USN-6096-1
CVE-2022-27672, CVE-2022-36280, CVE-2022-3707, CVE-2022-4129,
CVE-2022-4842, CVE-2022-48423, CVE-2022-48424, CVE-2023-0210,
CVE-2023-0394, CVE-2023-0458, CVE-2023-0459, CVE-2023-1073,
CVE-2023-1074, CVE-2023-1075, CVE-2023-1078, CVE-2023-1118,
CVE-2023-1513, CVE-2023-1652, CVE-2023-21102, CVE-2023-21106,
CVE-2023-2162, CVE-2023-23454, CVE-2023-23455, CVE-2023-26544,
CVE-2023-32269
Get the latest Linux and open source security news straight to your inbox.