22.Lock ScreenEffect

Canonical has released a new Linux kernel security updates for all supported Ubuntu LTS releases to address up to 16 vulnerabilities discovered by various security researchers.

The new Linux kernel security updates are about one month after the previous kernel update, which patched the recently disclosed Wi-Fi driver stack vulnerabilities, and are available only for all supported Ubuntu LTS (Long-Term Support) versions, including Ubuntu 22.04 LTS (Jammy Jellyfish), Ubuntu 20.04 LTS (Focal Fossa), and Ubuntu 18.04 LTS (Bionic Beaver).

Fixed in this new Linux kernel update are a total of 16 vulnerabilities, including five that are common to all supported Ubuntu releases. These are CVE-2022-2978, a use-after-free vulnerability discovered by Hao Sun and Jiacheng Xu in the NILFS file system implementation that could allow a local attacker to crash the system or execute arbitrary code, CVE-2022-3028, a race condition discovered by Abhishek Shah in the PF_KEYv2 implementation that could allow a local attacker to expose sensitive information (kernel memory) or crash the system, and CVE-2022-3635, a use-after-free vulnerability discovered in the IDT 77252 ATM PCI device driver that could allow a local attacker to crash the system or execute arbitrary code.

The link for this article located at 9 to 5 Linux is no longer available.