1. Ubuntu Security Notices
  2. LSN-0092-1

LSN-0092-1: Kernel Live Patch Security Notice

Publication date

7 March 2023

Overview

Several security issues were fixed in the kernel.

Releases

Software description

  • aws – Linux kernel for Amazon Web Services (AWS) systems - (>= 4.15.0-1054, >= 4.15.0-1119, >= 5.4.0-1009, >= 5.4.0-1061, >= 5.15.0-1000, >= 4.4.0-1098, >= 4.4.0-1129)
  • aws-5.15 – Linux kernel for Amazon Web Services (AWS) systems - (>= 5.15.0-1000)
  • aws-5.4 – Linux kernel for Amazon Web Services (AWS) systems - (>= 5.4.0-1069)
  • aws-hwe – Linux kernel for Amazon Web Services (AWS-HWE) systems - (>= 4.15.0-1126)
  • azure – Linux kernel for Microsoft Azure Cloud systems - (>= 5.4.0-1010, >= 5.15.0-1000, >= 4.15.0-1063, >= 4.15.0-1078, >= 4.15.0-1114)
  • azure-4.15 – Linux kernel for Microsoft Azure Cloud systems - (>= 4.15.0-1115)
  • azure-5.4 – Linux kernel for Microsoft Azure cloud systems - (>= 5.4.0-1069)
  • gcp – Linux kernel for Google Cloud Platform (GCP) systems - (>= 5.4.0-1009, >= 5.15.0-1000, >= 4.15.0-1118)
  • gcp-4.15 – Linux kernel for Google Cloud Platform (GCP) systems - (>= 4.15.0-1121)
  • gcp-5.15 – Linux kernel for Google Cloud Platform (GCP) systems - (>= 5.15.0-1000)
  • aws – Linux kernel for Amazon Web Services (AWS) systems - (>= 4.15.0-1054, >= 4.15.0-1119, >= 5.4.0-1009, >= 5.4.0-1061, >= 5.15.0-1000, >= 4.4.0-1098, >= 4.4.0-1129)
  • aws-5.15 – Linux kernel for Amazon Web Services (AWS) systems - (>= 5.15.0-1000)
  • aws-5.4 – Linux kernel for Amazon Web Services (AWS) systems - (>= 5.4.0-1069)
  • aws-hwe – Linux kernel for Amazon Web Services (AWS-HWE) systems - (>= 4.15.0-1126)
  • azure – Linux kernel for Microsoft Azure Cloud systems - (>= 5.4.0-1010, >= 5.15.0-1000, >= 4.15.0-1063, >= 4.15.0-1078, >= 4.15.0-1114)
  • azure-4.15 – Linux kernel for Microsoft Azure Cloud systems - (>= 4.15.0-1115)
  • azure-5.4 – Linux kernel for Microsoft Azure cloud systems - (>= 5.4.0-1069)
  • gcp – Linux kernel for Google Cloud Platform (GCP) systems - (>= 5.4.0-1009, >= 5.15.0-1000, >= 4.15.0-1118)
  • gcp-4.15 – Linux kernel for Google Cloud Platform (GCP) systems - (>= 4.15.0-1121)
  • gcp-5.15 – Linux kernel for Google Cloud Platform (GCP) systems - (>= 5.15.0-1000)
  • gcp-5.4 – Linux kernel for Google Cloud Platform (GCP) systems - (>= 5.4.0-1069)
  • generic-4.15 – Linux hardware enablement (HWE) kernel - (>= 4.15.0-69, >= 4.15.0-143, >= 4.15.0-69)
  • generic-4.4 – Linux kernel - (>= 4.4.0-211, >= 4.4.0-168)
  • generic-5.4 – Linux kernel - (>= 5.4.0-26, >= 5.4.0-26)
  • gke – Linux kernel for Google Container Engine (GKE) systems - (>= 5.4.0-1033, >= 5.15.0-1000)
  • gke-4.15 – Linux kernel for Google Container Engine (GKE) systems - (>= 4.15.0-1076)
  • gke-5.15 – Linux kernel for Google Container Engine (GKE) systems - (>= 5.15.0-1000)
  • gke-5.4 – Linux kernel for Google Container Engine (GKE) systems - (>= 5.4.0-1009)
  • gkeop – Linux kernel for Google Container Engine (GKE) systems - (>= 5.4.0-1009)
  • gkeop-5.4 – Linux kernel for Google Container Engine (GKE) systems - (>= 5.4.0-1007)
  • ibm – Linux kernel for IBM cloud systems - (>= 5.4.0-1009, >= 5.15.0-1000)
  • ibm-5.4 – Linux kernel for IBM cloud systems - (>= 5.4.0-1009)
  • linux – Linux kernel - (>= 5.15.0-24)
  • lowlatency – Linux low latency kernel - (>= 5.15.0-25)
  • lowlatency-4.15 – Linux hardware enablement (HWE) kernel - (>= 4.15.0-69, >= 4.15.0-143, >= 4.15.0-69)
  • lowlatency-4.4 – Linux kernel - (>= 4.4.0-211, >= 4.4.0-168)
  • lowlatency-5.4 – Linux kernel - (>= 5.4.0-26, >= 5.4.0-26)
  • oem – Linux kernel for OEM systems - (>= 4.15.0-1063)

Details

Kyle Zeng discovered that the sysctl implementation in the Linux kernel
contained a stack-based buffer overflow. A local attacker could use this to
cause a denial of service (system crash) or execute arbitrary code.(CVE-2022-4378)

Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation
in the Linux kernel contained multiple use-after-free vulnerabilities. A
physically proximate attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code.(CVE-2022-42896)

It was discovered that the NFSD implementation in the Linux kernel did not
properly handle some RPC messages, leading to a buffer overflow. A remote
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code.(CVE-2022-43945)

Kyle Zeng discovered that the sysctl implementation in the Linux kernel
contained a stack-based buffer overflow. A local attacker could use this to
cause a denial of service (system crash) or execute arbitrary code.(CVE-2022-4378)

Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation
in the Linux kernel contained multiple use-after-free vulnerabilities. A
physically proximate attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code.(CVE-2022-42896)

It was discovered that the NFSD implementation in the Linux kernel did not
properly handle some RPC messages, leading to a buffer overflow. A remote
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code.(CVE-2022-43945)

Checking update status

To check your kernel type and Livepatch version, enter this command:

canonical-livepatch status

The problem can be corrected in these Livepatch versions:

Kernel type 22.04 20.04 18.04 16.04
aws 92.2 92.1 92.1 92.1
aws-5.15 92.2
aws-5.4 92.1
aws-hwe 92.1
azure 92.1 92.1 92.1
azure-4.15 92.1
azure-5.4 92.1
gcp 92.2 92.1 92.1
gcp-4.15 92.1
gcp-5.15 92.2
gcp-5.4 92.1
generic-4.15 92.1 92.1
generic-4.4 92.1
generic-5.4 92.1 92.1
gke 92.2 92.1
gke-4.15 92.1
gke-5.15 92.2
gke-5.4 92.1
gkeop 92.1
gkeop-5.4 92.1
ibm 92.1 92.1
ibm-5.4 92.1
linux 92.1
lowlatency 92.1
lowlatency-4.15 92.1 92.1
lowlatency-4.4 92.1
lowlatency-5.4 92.1 92.1
oem 92.1

References

Have additional questions?

Talk to a member of the team ›