Security: Multiple issues in Linux
Name: Multiple issues in Linux
ID: USN-5500-1
Distribution: Ubuntu
Platforms: Ubuntu 16.04 ESM
Date: Fri, July 1, 2022, 23:28
References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1353
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1679
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1652
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1419
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4202
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4197
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1734
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28356
Applications: Linux

Original message


==========================================================================
Ubuntu Security Notice USN-5500-1
July 01, 2022

linux, linux-aws vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 ESM

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux: Linux kernel
- linux-aws: Linux kernel for Amazon Web Services (AWS) systems

Details:

Eric Biederman discovered that the cgroup process migration implementation
in the Linux kernel did not perform permission checks correctly in some
situations. A local attacker could possibly use this to gain administrative
privileges. (CVE-2021-4197)

Lin Ma discovered that the NFC Controller Interface (NCI) implementation in
the Linux kernel contained a race condition, leading to a use-after-free
vulnerability. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2021-4202)

It was discovered that the PF_KEYv2 implementation in the Linux kernel did
not properly initialize kernel memory in some situations. A local attacker
could use this to expose sensitive information (kernel memory).
(CVE-2022-1353)

It was discovered that the virtual graphics memory manager implementation
in the Linux kernel was subject to a race condition, potentially leading to
an information leak. (CVE-2022-1419)

Minh Yuan discovered that the floppy disk driver in the Linux kernel
contained a race condition, leading to a use-after-free vulnerability. A
local attacker could possibly use this to cause a denial of service (system
crash) or execute arbitrary code. (CVE-2022-1652)

It was discovered that the Atheros ath9k wireless device driver in the
Linux kernel did not properly handle some error conditions, leading to a
use-after-free vulnerability. A local attacker could use this to cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2022-1679)

It was discovered that the Marvell NFC device driver implementation in the
Linux kernel did not properly perform memory cleanup operations in some
situations, leading to a use-after-free vulnerability. A local attacker
could possibly use this to cause a denial of service (system crash) or execute
arbitrary code. (CVE-2022-1734)

赵子蜩 discovered that the 802.2 LLC type 2 driver in the Linux kernel did
not properly perform reference counting in some error conditions. A local
attacker could use this to cause a denial of service. (CVE-2022-28356)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 ESM:
linux-image-4.4.0-1145-aws 4.4.0-1145.160
linux-image-4.4.0-229-generic 4.4.0-229.263
linux-image-4.4.0-229-lowlatency 4.4.0-229.263
linux-image-aws 4.4.0.1145.149
linux-image-generic 4.4.0.229.235
linux-image-lowlatency 4.4.0.229.235
linux-image-virtual 4.4.0.229.235

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
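
The check below is an added example, not part of the Ubuntu notice: it compares installed kernel metapackages against the fixed versions listed above using dpkg's version ordering, and flags a running kernel whose ABI number predates the fix, which is the case when the update or the reboot is still outstanding. The function names, the `dpkg-query` format string and the sample rows are assumptions of this example; the sample values are constructed.

```python
import re

# Fixed metapackage versions from the "Update instructions" list of USN-5500-1.
FIXED_META = {
    "linux-image-aws": "4.4.0.1145.149",
    "linux-image-generic": "4.4.0.229.235",
    "linux-image-lowlatency": "4.4.0.229.235",
    "linux-image-virtual": "4.4.0.229.235",
}
# Fixed ABI per flavour, taken from the linux-image-4.4.0-<ABI>-<flavour> names.
FIXED_ABI = {"aws": 1145, "generic": 229, "lowlatency": 229}

def _part(s):
    # dpkg order: alternate non-digit runs ('~' < end < letters < others) and integers.
    order = lambda c: -1 if c == "~" else ord(c) if c.isalpha() else ord(c) + 256
    out = []
    for text, num in re.findall(r"(\D*)(\d*)", s):
        out += [[order(c) for c in text] + [0], int(num or 0)]
    return out

def deb_key(version):
    """Sort key that orders Debian version strings the way dpkg does."""
    epoch, rest = version.split(":", 1) if ":" in version else ("0", version)
    up, rev = rest.rsplit("-", 1) if "-" in rest else (rest, "0")
    return int(epoch), _part(up), _part(rev)

def audit(dpkg_rows, uname_r):
    """dpkg_rows: 'package<TAB>version' lines; uname_r: output of `uname -r`."""
    findings = []
    for row in dpkg_rows.splitlines():
        pkg, _, ver = row.partition("\t")
        fixed = FIXED_META.get(pkg)
        if fixed and ver and deb_key(ver) < deb_key(fixed):
            findings.append(f"{pkg} {ver} is older than fixed version {fixed}")
    m = re.fullmatch(r"4\.4\.0-(\d+)-(\w+)", uname_r.strip())
    if m and int(m.group(1)) < FIXED_ABI.get(m.group(2), 0):
        findings.append(f"running kernel {uname_r} predates the fixed ABI")
    return findings

# Constructed sample, shaped like the output of:
#   dpkg-query -W -f='${Package}\t${Version}\n' 'linux-image-*'
SAMPLE_DPKG = (
    "linux-image-generic\t4.4.0.227.233\n"
    "linux-image-4.4.0-227-generic\t4.4.0-227.261\n"
)
SAMPLE_UNAME = "4.4.0-227-generic"

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE_DPKG, SAMPLE_UNAME)) or "no findings")
```

An up-to-date metapackage together with an old `uname -r` value means the fixed kernel is installed but the machine has not yet been rebooted into it.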

References:
https://ubuntu.com/security/notices/USN-5500-1
CVE-2021-4197, CVE-2021-4202, CVE-2022-1353, CVE-2022-1419,
CVE-2022-1652, CVE-2022-1679, CVE-2022-1734, CVE-2022-28356

