USN-5484-1: Linux kernel vulnerabilities
Publication date
16 June 2022
Overview
Several security issues were fixed in the Linux kernel.
Releases
Packages
- linux - Linux kernel
Details
It was discovered that the Linux kernel did not properly restrict access to
the kernel debugger when booted in secure boot environments. A privileged
attacker could use this to bypass UEFI Secure Boot restrictions.
(CVE-2022-21499)
It was discovered that a race condition existed in the network scheduling
subsystem of the Linux kernel, leading to a use-after-free vulnerability. A
local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2021-39713)
It was discovered that some Intel processors did not completely perform
cleanup actions on multi-core shared buffers. A local attacker could
possibly use this to expose sensitive information. (CVE-2022-21123)
It was discovered that some Intel processors did not completely perform
cleanup actions on...
It was discovered that the Linux kernel did not properly restrict access to
the kernel debugger when booted in secure boot environments. A privileged
attacker could use this to bypass UEFI Secure Boot restrictions.
(CVE-2022-21499)
It was discovered that a race condition existed in the network scheduling
subsystem of the Linux kernel, leading to a use-after-free vulnerability. A
local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2021-39713)
It was discovered that some Intel processors did not completely perform
cleanup actions on multi-core shared buffers. A local attacker could
possibly use this to expose sensitive information. (CVE-2022-21123)
It was discovered that some Intel processors did not completely perform
cleanup actions on microarchitectural fill buffers. A local attacker could
possibly use this to expose sensitive information. (CVE-2022-21125)
It was discovered that some Intel processors did not properly perform
cleanup during specific special register write operations. A local attacker
could possibly use this to expose sensitive information. (CVE-2022-21166)
Update instructions
Please note that fully mitigating processor vulnerabilities requires corresponding processor microcode/firmware updates. After a standard system update you need to reboot your computer to make all the necessary changes.
Learn more about how to get the fixes.The problem can be corrected by updating your system to the following package versions:
| Ubuntu Release | Package Version | ||
|---|---|---|---|
| 14.04 trusty | linux-image-virtual – 3.13.0.190.199 | ||
| linux-image-3.13.0-190-generic – 3.13.0-190.241 | |||
| linux-image-server – 3.13.0.190.199 | |||
| linux-image-3.13.0-190-lowlatency – 3.13.0-190.241 | |||
| linux-image-generic – 3.13.0.190.199 | |||
| linux-image-lowlatency – 3.13.0.190.199 | |||
Reduce your security exposure
Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.
References
Related notices
- USN-5535-1
- USN-5529-1
- USN-5513-1
- USN-5505-1
- USN-5486-1
- USN-5485-1
- USN-5485-2
- USN-5471-1
- USN-5470-1
- USN-5469-1
- USN-5535-1
- USN-5529-1
- USN-5513-1
- USN-5505-1
- USN-5486-1
- USN-5485-1
- USN-5485-2
- USN-5471-1
- USN-5470-1
- USN-5469-1
- USN-5468-1
- USN-5467-1
- USN-5466-1
- USN-5465-1
- USN-5413-1
- LSN-0089-1
- LSN-0086-1
Have additional questions?