Canonical today released a Linux Kernel security update for all supported Ubuntu distributions, fixing three high-risk vulnerabilities that existed in previous versions.
The update applies to the following Ubuntu versions:
- Ubuntu 23.04 (Lunar Lobster) running Linux Kernel 6.2
- Ubuntu 22.10 (Kinetic Kudu) running Linux Kernel 5.19
- Ubuntu 22.04 LTS (Jammy Jellyfish) running Linux Kernel 5.15 LTS or 5.19 HWE
- Ubuntu 20.04 LTS (Focal Fossa) running Linux Kernel 5.4 or 5.15 HWE
- Ubuntu 18.04 ESM running Linux Kernel 5.4 HWE
This update fixes the following 3 security vulnerabilities:
CVE-2023-35788:
Discovered by Hangyu Hua, this out-of-bounds write vulnerability in the Flower classifier implementation in the Linux kernel could allow an attacker to cause a denial of service (system crash) or execute arbitrary code.
CVE-2023-2430:
This vulnerability affects Ubuntu 22.10 and Ubuntu 22.04 LTS distributions running Linux Kernel 5.19.
Discovered by Xingyuan Mo and Gengjia Chen, it exists in the io_uring subsystem and allows local attackers to cause a denial of service.
Intel processor vulnerability:
The update also patches a flaw affecting Intel processors, caused by the INVLPG instruction implementation not properly flushing global TLB entries when PCID is enabled. This flaw could allow an attacker to expose sensitive information (kernel memory) or could lead to unexpected behavior.