Ubuntu update for linux



Published: 2023-09-26
Risk Medium
Patch available YES
Number of vulnerabilities 6
CVE-ID CVE-2022-27672
CVE-2022-40982
CVE-2023-3212
CVE-2023-3863
CVE-2023-40283
CVE-2023-4128
CWE-ID CWE-1342
CWE-476
CWE-416
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe 		Ubuntu
Operating systems & Components / Operating system

linux-image-4.15.0-1124-oracle (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-4.15.0-218-lowlatency (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-4.15.0-218-generic (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-4.15.0-1170-azure (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-4.15.0-1161-aws (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-4.15.0-1155-gcp (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-gcp-lts-18.04 (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-azure-lts-18.04 (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-aws-lts-18.04 (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-lowlatency (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-generic (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-virtual (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-gcp (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-gke (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-azure (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-aws-hwe (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-generic-hwe-16.04 (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-lowlatency-hwe-16.04 (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-oem (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-virtual-hwe-16.04 (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-oracle (Ubuntu package)
Operating systems & Components / Operating system package or component

Vendor Canonical Ltd.

Security Bulletin

This security bulletin contains information about 6 vulnerabilities.

1) Cross-thread return address predictions

EUVDB-ID: #VU72470

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-27672

CWE-ID:

Exploit availability:

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to certain AMD processors may speculatively execute instructions at an incorrect return site after an SMT mode switch that may potentially lead to information disclosure.

Mitigation

Update the affected package linux to the latest version.

Vulnerable software versions

Ubuntu: 16.04 - 18.04

linux-image-4.15.0-1124-oracle (Ubuntu package): before Ubuntu Pro

linux-image-4.15.0-218-lowlatency (Ubuntu package): before Ubuntu Pro

linux-image-4.15.0-218-generic (Ubuntu package): before Ubuntu Pro

linux-image-4.15.0-1170-azure (Ubuntu package): before Ubuntu Pro

linux-image-4.15.0-1161-aws (Ubuntu package): before Ubuntu Pro

linux-image-4.15.0-1155-gcp (Ubuntu package): before Ubuntu Pro

linux-image-gcp-lts-18.04 (Ubuntu package): before Ubuntu Pro

linux-image-azure-lts-18.04 (Ubuntu package): before Ubuntu Pro

linux-image-aws-lts-18.04 (Ubuntu package): before Ubuntu Pro

linux-image-lowlatency (Ubuntu package): before Ubuntu Pro (Infra-only)

linux-image-generic (Ubuntu package): before Ubuntu Pro (Infra-only)

linux-image-virtual (Ubuntu package): before Ubuntu Pro (Infra-only)

linux-image-gcp (Ubuntu package): before Ubuntu Pro (Infra-only)

linux-image-gke (Ubuntu package): before Ubuntu Pro (Infra-only)

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

linux-image-aws-hwe (Ubuntu package): before Ubuntu Pro (Infra-only)

linux-image-generic-hwe-16.04 (Ubuntu package): before Ubuntu Pro (Infra-only)

linux-image-lowlatency-hwe-16.04 (Ubuntu package): before Ubuntu Pro (Infra-only)

linux-image-oem (Ubuntu package): before Ubuntu Pro (Infra-only)

linux-image-virtual-hwe-16.04 (Ubuntu package): before Ubuntu Pro (Infra-only)

linux-image-oracle (Ubuntu package): before Ubuntu Pro (Infra-only)

Fixed software versions

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6396-1


Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

2) Information exposure through microarchitectural state after transient execution

EUVDB-ID: #VU79262

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-40982

CWE-ID:

Exploit availability:

Description

The vulnerability allows a malicious guest to escalate privileges on the system.

The vulnerability exists due to the way data is shared between threads whereby the AVX GATHER instructions on Intel processors can forward the content of stale vector registers to dependent instructions. A malicious guest can infer data from different contexts on the same core and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package linux to the latest version.

Vulnerable software versions

Ubuntu: 16.04 - 18.04

linux-image-4.15.0-1124-oracle (Ubuntu package): before Ubuntu Pro

linux-image-4.15.0-218-lowlatency (Ubuntu package): before Ubuntu Pro

linux-image-4.15.0-218-generic (Ubuntu package): before Ubuntu Pro

linux-image-4.15.0-1170-azure (Ubuntu package): before Ubuntu Pro

linux-image-4.15.0-1161-aws (Ubuntu package): before Ubuntu Pro

linux-image-4.15.0-1155-gcp (Ubuntu package): before Ubuntu Pro

linux-image-gcp-lts-18.04 (Ubuntu package): before Ubuntu Pro

linux-image-azure-lts-18.04 (Ubuntu package): before Ubuntu Pro

linux-image-aws-lts-18.04 (Ubuntu package): before Ubuntu Pro

linux-image-lowlatency (Ubuntu package): before Ubuntu Pro (Infra-only)

linux-image-generic (Ubuntu package): before Ubuntu Pro (Infra-only)

linux-image-virtual (Ubuntu package): before Ubuntu Pro (Infra-only)

linux-image-gcp (Ubuntu package): before Ubuntu Pro (Infra-only)

linux-image-gke (Ubuntu package): before Ubuntu Pro (Infra-only)

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

linux-image-aws-hwe (Ubuntu package): before Ubuntu Pro (Infra-only)

linux-image-generic-hwe-16.04 (Ubuntu package): before Ubuntu Pro (Infra-only)

linux-image-lowlatency-hwe-16.04 (Ubuntu package): before Ubuntu Pro (Infra-only)

linux-image-oem (Ubuntu package): before Ubuntu Pro (Infra-only)

linux-image-virtual-hwe-16.04 (Ubuntu package): before Ubuntu Pro (Infra-only)

linux-image-oracle (Ubuntu package): before Ubuntu Pro (Infra-only)

Fixed software versions

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6396-1


Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

3) NULL pointer dereference

EUVDB-ID: #VU78009

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2023-3212

CWE-ID:

Exploit availability:

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error within the gfs2 file system in the Linux kernel. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux to the latest version.

Vulnerable software versions

Ubuntu: 16.04 - 18.04

linux-image-4.15.0-1124-oracle (Ubuntu package): before Ubuntu Pro

linux-image-4.15.0-218-lowlatency (Ubuntu package): before Ubuntu Pro

linux-image-4.15.0-218-generic (Ubuntu package): before Ubuntu Pro

linux-image-4.15.0-1170-azure (Ubuntu package): before Ubuntu Pro

linux-image-4.15.0-1161-aws (Ubuntu package): before Ubuntu Pro

linux-image-4.15.0-1155-gcp (Ubuntu package): before Ubuntu Pro

linux-image-gcp-lts-18.04 (Ubuntu package): before Ubuntu Pro

linux-image-azure-lts-18.04 (Ubuntu package): before Ubuntu Pro

linux-image-aws-lts-18.04 (Ubuntu package): before Ubuntu Pro

linux-image-lowlatency (Ubuntu package): before Ubuntu Pro (Infra-only)

linux-image-generic (Ubuntu package): before Ubuntu Pro (Infra-only)

linux-image-virtual (Ubuntu package): before Ubuntu Pro (Infra-only)

linux-image-gcp (Ubuntu package): before Ubuntu Pro (Infra-only)

linux-image-gke (Ubuntu package): before Ubuntu Pro (Infra-only)

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

linux-image-aws-hwe (Ubuntu package): before Ubuntu Pro (Infra-only)

linux-image-generic-hwe-16.04 (Ubuntu package): before Ubuntu Pro (Infra-only)

linux-image-lowlatency-hwe-16.04 (Ubuntu package): before Ubuntu Pro (Infra-only)

linux-image-oem (Ubuntu package): before Ubuntu Pro (Infra-only)

linux-image-virtual-hwe-16.04 (Ubuntu package): before Ubuntu Pro (Infra-only)

linux-image-oracle (Ubuntu package): before Ubuntu Pro (Infra-only)

Fixed software versions

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6396-1


Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

4) Use-after-free

EUVDB-ID: #VU79479

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2023-3863

CWE-ID:

Exploit availability:

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the nfc_llcp_find_local() function in net/nfc/llcp_core.c in NFC implementation in Linux kernel. A local user can execute arbitrary code with elevated privileges.


Mitigation

Update the affected package linux to the latest version.

Vulnerable software versions

Ubuntu: 16.04 - 18.04

linux-image-4.15.0-1124-oracle (Ubuntu package): before Ubuntu Pro

linux-image-4.15.0-218-lowlatency (Ubuntu package): before Ubuntu Pro

linux-image-4.15.0-218-generic (Ubuntu package): before Ubuntu Pro

linux-image-4.15.0-1170-azure (Ubuntu package): before Ubuntu Pro

linux-image-4.15.0-1161-aws (Ubuntu package): before Ubuntu Pro

linux-image-4.15.0-1155-gcp (Ubuntu package): before Ubuntu Pro

linux-image-gcp-lts-18.04 (Ubuntu package): before Ubuntu Pro

linux-image-azure-lts-18.04 (Ubuntu package): before Ubuntu Pro

linux-image-aws-lts-18.04 (Ubuntu package): before Ubuntu Pro

linux-image-lowlatency (Ubuntu package): before Ubuntu Pro (Infra-only)

linux-image-generic (Ubuntu package): before Ubuntu Pro (Infra-only)

linux-image-virtual (Ubuntu package): before Ubuntu Pro (Infra-only)

linux-image-gcp (Ubuntu package): before Ubuntu Pro (Infra-only)

linux-image-gke (Ubuntu package): before Ubuntu Pro (Infra-only)

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

linux-image-aws-hwe (Ubuntu package): before Ubuntu Pro (Infra-only)

linux-image-generic-hwe-16.04 (Ubuntu package): before Ubuntu Pro (Infra-only)

linux-image-lowlatency-hwe-16.04 (Ubuntu package): before Ubuntu Pro (Infra-only)

linux-image-oem (Ubuntu package): before Ubuntu Pro (Infra-only)

linux-image-virtual-hwe-16.04 (Ubuntu package): before Ubuntu Pro (Infra-only)

linux-image-oracle (Ubuntu package): before Ubuntu Pro (Infra-only)

Fixed software versions

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6396-1


Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

5) Use-after-free

EUVDB-ID: #VU79714

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2023-40283

CWE-ID:

Exploit availability:

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the l2cap_sock_release() function in net/bluetooth/l2cap_sock.c. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package linux to the latest version.

Vulnerable software versions

Ubuntu: 16.04 - 18.04

linux-image-4.15.0-1124-oracle (Ubuntu package): before Ubuntu Pro

linux-image-4.15.0-218-lowlatency (Ubuntu package): before Ubuntu Pro

linux-image-4.15.0-218-generic (Ubuntu package): before Ubuntu Pro

linux-image-4.15.0-1170-azure (Ubuntu package): before Ubuntu Pro

linux-image-4.15.0-1161-aws (Ubuntu package): before Ubuntu Pro

linux-image-4.15.0-1155-gcp (Ubuntu package): before Ubuntu Pro

linux-image-gcp-lts-18.04 (Ubuntu package): before Ubuntu Pro

linux-image-azure-lts-18.04 (Ubuntu package): before Ubuntu Pro

linux-image-aws-lts-18.04 (Ubuntu package): before Ubuntu Pro

linux-image-lowlatency (Ubuntu package): before Ubuntu Pro (Infra-only)

linux-image-generic (Ubuntu package): before Ubuntu Pro (Infra-only)

linux-image-virtual (Ubuntu package): before Ubuntu Pro (Infra-only)

linux-image-gcp (Ubuntu package): before Ubuntu Pro (Infra-only)

linux-image-gke (Ubuntu package): before Ubuntu Pro (Infra-only)

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

linux-image-aws-hwe (Ubuntu package): before Ubuntu Pro (Infra-only)

linux-image-generic-hwe-16.04 (Ubuntu package): before Ubuntu Pro (Infra-only)

linux-image-lowlatency-hwe-16.04 (Ubuntu package): before Ubuntu Pro (Infra-only)

linux-image-oem (Ubuntu package): before Ubuntu Pro (Infra-only)

linux-image-virtual-hwe-16.04 (Ubuntu package): before Ubuntu Pro (Infra-only)

linux-image-oracle (Ubuntu package): before Ubuntu Pro (Infra-only)

Fixed software versions

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6396-1


Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

6) Use-after-free

EUVDB-ID: #VU79486

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2023-4128

CWE-ID:

Exploit availability:

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within net/sched/cls_fw.c in classifiers (cls_fw, cls_u32, and cls_route) in the Linux Kernel. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package linux to the latest version.

Vulnerable software versions

Ubuntu: 16.04 - 18.04

linux-image-4.15.0-1124-oracle (Ubuntu package): before Ubuntu Pro

linux-image-4.15.0-218-lowlatency (Ubuntu package): before Ubuntu Pro

linux-image-4.15.0-218-generic (Ubuntu package): before Ubuntu Pro

linux-image-4.15.0-1170-azure (Ubuntu package): before Ubuntu Pro

linux-image-4.15.0-1161-aws (Ubuntu package): before Ubuntu Pro

linux-image-4.15.0-1155-gcp (Ubuntu package): before Ubuntu Pro

linux-image-gcp-lts-18.04 (Ubuntu package): before Ubuntu Pro

linux-image-azure-lts-18.04 (Ubuntu package): before Ubuntu Pro

linux-image-aws-lts-18.04 (Ubuntu package): before Ubuntu Pro

linux-image-lowlatency (Ubuntu package): before Ubuntu Pro (Infra-only)

linux-image-generic (Ubuntu package): before Ubuntu Pro (Infra-only)

linux-image-virtual (Ubuntu package): before Ubuntu Pro (Infra-only)

linux-image-gcp (Ubuntu package): before Ubuntu Pro (Infra-only)

linux-image-gke (Ubuntu package): before Ubuntu Pro (Infra-only)

linux-image-azure (Ubuntu package): before Ubuntu Pro (Infra-only)

linux-image-aws-hwe (Ubuntu package): before Ubuntu Pro (Infra-only)

linux-image-generic-hwe-16.04 (Ubuntu package): before Ubuntu Pro (Infra-only)

linux-image-lowlatency-hwe-16.04 (Ubuntu package): before Ubuntu Pro (Infra-only)

linux-image-oem (Ubuntu package): before Ubuntu Pro (Infra-only)

linux-image-virtual-hwe-16.04 (Ubuntu package): before Ubuntu Pro (Infra-only)

linux-image-oracle (Ubuntu package): before Ubuntu Pro (Infra-only)

Fixed software versions

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6396-1


Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?



###SIDEBAR###