Today, Canonical published new Linux kernel security updates for all supported Ubuntu releases and it looks like it’s a massive update that addresses more than 30 security vulnerabilities.
The new Linux kernel security updates come about two weeks after the previous updates, which were minor ones patching only three security flaws, and are available for all supported Ubuntu releases, including Ubuntu 22.04 LTS (Jammy Jellyfish), Ubuntu 21.10 (Impish Indri), Ubuntu 20.04 LTS (Focal Fossa), Ubuntu 18.04 LTS (Bionic Beaver), as well as the Ubuntu 16.04 and 14.04 ESM releases.
There are more than 30 security vulnerabilities patched in this massive Ubuntu kernel update. Common to all Ubuntu releases is CVE-2022-1966, a use-after-free vulnerability discovered by Aaron Adams in the netfilter subsystem that could allow a local attacker to cause a denial of service (system crash) or execute arbitrary code, as well as CVE-2022-21499, a kernel flaw that could allow privileged attackers to bypass UEFI Secure Boot restrictions, and CVE-2022-28390, a double-free vulnerability discovered in the EMS CAN/USB interface implementation, allowing a local attacker to cause a denial of service (memory exhaustion).
The link for this article located at 9 to 5 Linux is no longer available.