--===============1181455037976320727== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="xzboKwNGgpKTm+kF" Content-Disposition: inline
--xzboKwNGgpKTm+kF Content-Type: text/plain; charset=utf-8 Content-Disposition: inlin Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-5500-1 July 01, 2022
linux, linux-aws vulnerabilities ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 ESM
Summary:
Several security issues were fixed in the Linux kernel.
Software Description: - linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services (AWS) systems
Details:
Eric Biederman discovered that the cgroup process migration implementation in the Linux kernel did not perform permission checks correctly in some situations. A local attacker could possibly use this to gain administrative privileges. (CVE-2021-4197)
Lin Ma discovered that the NFC Controller Interface (NCI) implementation in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-4202)
It was discovered that the PF_KEYv2 implementation in the Linux kernel did not properly initialize kernel memory in some situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2022-1353)
It was discovered that the virtual graphics memory manager implementation in the Linux kernel was subject to a race condition, potentially leading to an information leak. (CVE-2022-1419)
Minh Yuan discovered that the floppy disk driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-1652)
It was discovered that the Atheros ath9k wireless device driver in the Linux kernel did not properly handle some error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-1679)
It was discovered that the Marvell NFC device driver implementation in the Linux kernel did not properly perform memory cleanup operations in some situations, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system) or execute arbitrary code. (CVE-2022-1734)
èµµå蜩 discovered that the 802.2 LLC type 2 driver in the Linux kernel did not properly perform reference counting in some error conditions. A local attacker could use this to cause a denial of service. (CVE-2022-28356)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 16.04 ESM: linux-image-4.4.0-1145-aws 4.4.0-1145.160 linux-image-4.4.0-229-generic 4.4.0-229.263 linux-image-4.4.0-229-lowlatency 4.4.0-229.263 linux-image-aws 4.4.0.1145.149 linux-image-generic 4.4.0.229.235 linux-image-lowlatency 4.4.0.229.235 linux-image-virtual 4.4.0.229.235
After a standard system update you need to reboot your computer to make all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.
References: https://ubuntu.com/security/notices/USN-5500-1 CVE-2021-4197, CVE-2021-4202, CVE-2022-1353, CVE-2022-1419, CVE-2022-1652, CVE-2022-1679, CVE-2022-1734, CVE-2022-28356
--xzboKwNGgpKTm+kF Content-Type: application/pgp-signature; name="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEBAJL1M8q+hI0VIn8jRkUtPPTt5UFAmK/RO0ACgkQjRkUtPPT t5Ud/hAAqQUnwxxsD8d/eqQpMq4jOFzrR/Wa/KZW6v407Q9WJI4VBfDdXDYSSgzh lC0NPZHHSJKnh2xJRGACb95o4Pq2q5Qrf3ehJmmo7Kp1JpD6cNwr50B1dcnqCRKh ZJ+nblAIMlWQ7gi4rf4jNDdTS4rHjZvKVeuH2A2gSADNrC0fJz+k/dNEDQscn+bs SExKH5ihudmc4VE5ls5Tv8AFUdJYJpRm0SXp5udIykfP1YtFwTjPKSiKsbLjM1mx hSETQRNvVr9DiC1MlOcyEDSnl22cQ6zv7bXm7W1M6HZV1PDIukbY/GtgPgPtTNtb myXfIUOJ9bRtKRNJD9aHoDpTxabGyjMIkFIyBUmSJ2FrTYm+4X7xhcF/Bha91Grl ZfQveJeOGBcA1hrqNBx2m9/Jhikh3JwdC/TsLpy5I0R8QFeAsbCbI4EfwwzEoPzz SJYuuWi4ZemBA+uH5+PyK11za89tI2U705B6PcEP9udElEpZ5FylOOHejRcFgFB0 QwL8y5VTFLqKwZXgfdq6AlyJKRNI1MkHkJfqrHpVXsqKemOpTjmjj6s5tmzFeoaX PXz3znhZpeYOTVXogXIxBGHWaDgScAnTGDVMhmFfB2kTDutWQUQXwEsre21WZgSm bLgoIkdKrueumHez77qNAk/kK+lbi6o7bj3v7B4d6rpV6EExokk= =xnYF -----END PGP SIGNATURE-----
--xzboKwNGgpKTm+kF--
--===============1181455037976320727== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline
Cg==
--===============1181455037976320727==--
|