Canonical rolled out a security update for Ubuntu. The rollout patches more than 17+ security vulnerabilities identified in the Linux Kernel.
Meanwhile, Canonical has advised Ubuntu users to install this security update as soon as possible to safeguard their system against attacks.
As we said, the Kernel updates address at least 17 security vulnerabilities. While highlighting the details of vulnerabilities as below:
CVE-2022-0500: A security bug in unrestricted eBPF usage by the BPF_BTF_LOAD, thereby causing a likely out-of-bounds memory write in the Linux Kernel’s BPF subsystem because of how a user loads BTF. Threat actors can exploit this vulnerability to crash a system or escalate the privileges on the targeted system.
CVE-2022-1734: A security bug identified within the Linux Kernel in nfcmrvl_nci_unregister_dev() in drivers/nfc/nfcmrvl/main. can disturb the execution of the cleanup routine and firmware download routine. A threat actor can exploit this security bug to cause a denial of service, leading to a system crash, or can execute arbitrary code.
CVE-2022-1974: Duoming Zhou identified a race condition within Linux Kernel’s NFC subsystem, causing a use-after-free vulnerability. Reportedly, the vulnerability is caused due to faulty check device_is_registered(), a function in the NFC core used to check if an NFC device is registered in Netlink-related functions. A threat actor can exploit this vulnerability to crash a system or execute arbitrary code.
CVE-2022-1975: Another security vulnerability identified by Duoming Zhou within the Linux Kernel’s NFC subsystem didn’t efficiently stop context switches from occurring while performing some of the atomic context operations.
CVE-2022-33981: Minh Yuan discovered a security vulnerability within the floppy driver in the Linux Kernel consisting of a race condition in a few situations. A threat actor could possibly utilize this to cause a system crash or execute arbitrary code.
Subscribe to our newsletter today for hot and trending Linux News updates from prominent tech industries.