Canonical Releases 17+ Security Patch for Ubuntu

Must Read
Sienna Rowley
Sienna Rowley
Sienna is an editor at Cloud Host News. She is an internet enthusiast, always eager to explore the latest trend in the tech space. She is a modest family woman who loves traveling in her free time.

Canonical rolled out a security update for Ubuntu. The rollout patches more than 17+ security vulnerabilities identified in the Linux Kernel.

Meanwhile, Canonical has advised Ubuntu users to install this security update as soon as possible to safeguard their system against attacks.

As we said, the Kernel updates address at least 17 security vulnerabilities. While highlighting the details of vulnerabilities as below:

CVE-2022-0500: A security bug in unrestricted eBPF usage by the BPF_BTF_LOAD, thereby causing a likely out-of-bounds memory write in the Linux Kernel’s BPF subsystem because of how a user loads BTF. Threat actors can exploit this vulnerability to crash a system or escalate the privileges on the targeted system.

CVE-2022-1734: A security bug identified within the Linux Kernel in nfcmrvl_nci_unregister_dev() in drivers/nfc/nfcmrvl/main. can disturb the execution of the cleanup routine and firmware download routine. A threat actor can exploit this security bug to cause a denial of service, leading to a system crash, or can execute arbitrary code.

CVE-2022-1974: Duoming Zhou identified a race condition within Linux Kernel’s NFC subsystem, causing a use-after-free vulnerability. Reportedly, the vulnerability is caused due to faulty check device_is_registered(), a function in the NFC core used to check if an NFC device is registered in Netlink-related functions. A threat actor can exploit this vulnerability to crash a system or execute arbitrary code.

CVE-2022-1975: Another security vulnerability identified by Duoming Zhou within the Linux Kernel’s NFC subsystem didn’t efficiently stop context switches from occurring while performing some of the atomic context operations.

CVE-2022-33981: Minh Yuan discovered a security vulnerability within the floppy driver in the Linux Kernel consisting of a race condition in a few situations. A threat actor could possibly utilize this to cause a system crash or execute arbitrary code.

Subscribe to our newsletter today for hot and trending Linux News updates from prominent tech industries.

- Advertisement -spot_img
Latest News

SparkyLinux 6.6 Now Available to Download

Debian-based GNU/Linux distro, SparkyLinux has got a new update Sparky 6.6 named as Po Tolo. Based on Debian 11, Sparky...
- Advertisement -spot_img

More Articles Like This