
New Linux Kernel Vulnerability Patched in All Supported Ubuntu Systems, Update Now


Discovered by William Liu and Jamie Hill-Daniel, the new security flaw (CVE-2022-0185) is an integer underflow vulnerability found in Linux kernel’s file system context functionality, which could allow an attacker to crash the system or run programs as an administrator.

The security vulnerability affects all supported Ubuntu releases, including Ubuntu 21.10 (Impish Indri) systems running Linux kernel 5.13, Ubuntu 21.04 (Hirsute Hippo) systems running Linux kernel 5.11, as well as Ubuntu 20.04 LTS (Focal Fossa) and Ubuntu 18.04 LTS (Bionic Beaver) systems running Linux kernel 5.4 LTS.


'Now' would be the right time to patch Ubuntu...

  • 'Now' would be the right time to patch Ubuntu container hosts and ditch 21.04 thanks to heap buffer overflow bug

    The CVE-2022-0185 vulnerability in Ubuntu is severe enough that Red Hat is also advising immediate patching.

    The flaw allows a process inside a Linux user namespace to escape, which means it potentially affects any machine running containers.

    If you're not running any containers, you can just disable the user-namespace functionality – both companies' vulnerability descriptions describe how to do that on their respective distros. It affects RHEL (and derivatives) as well as Ubuntu 20.04, 21.04 and 21.10 – and presumably other distros, too.

    So it's possibly a good thing that "Hirsute Hippo", as Ubuntu 21.04 is nicknamed, just went end of life today (20 January 2022). If you have any 21.04 machines, it's time to upgrade them now. That means 21.10 "Impish Indri" for the moment, until the next LTS release appears in April.

Ubuntu patch with extra fear-mongering

  • Nasty Linux kernel bug found and fixed | ZDNet

    In this one, there's a heap overflow bug in the legacy_parse_param in the Linux kernel's fs/fs_context.c program. This parameter is used in Linux filesystems during superblock creation for mount and superblock reconfiguration for a remount. The superblock records all of a filesystem's characteristics such as file size, block size, empty and filled storage blocks. So, yeah, it's important.

    The legacy_parse_param() "PAGE_SIZE - 2 - size" calculation was mistakenly made an unsigned type. This means a large value of "size" results in a high positive value instead of a negative value as expected. Whoops.

    This, in turn, meant you copy data beyond the memory slab allocated for it. And, as all programmers know, writing beyond the memory your program is supposed to have access to is a terrible thing.

  • Ubuntu has a pretty serious security flaw, so patch now | TechRadar

    Cybersecurity researchers have discovered a major flaw in one of Linux’s most popular distros - Ubuntu, and are urging all users to patch immediately.

    As reported on Ubuntu’s website, two researchers - William Liu and Jamie Hill-Daniel - discovered a vulnerability that allows malicious actors to crash the system, or run software in administrator mode.

    The vulnerability, tracked as CVE-2022-0185, allegedly affects all of the Ubuntu releases that are still being supported. That includes Ubuntu 21.10 Impish Indri with Linux kernel 5.13, Ubuntu 21.04 Hirsute Hippo with Linux kernel 5.11, Ubuntu 20.04 LTS Focal Fossa, and Ubuntu 18.04 LTS Bionic Beaver, both with Linux kernel 5.4 LTS.
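A model of the arithmetic error the ZDNet excerpt describes, added here as an example and not code from the kernel or from any of the quoted outlets: it compares the original `len > PAGE_SIZE - 2 - size` check against the corrected form used by the upstream fix, which sums the terms on the left, and simulates cumulative option appends into a page-sized buffer without writing any memory. It assumes PAGE_SIZE is 4096; the function names and the sample lengths are constructed for the demonstration.

```c
#include <stddef.h>

/* Model of the CVE-2022-0185 bounds check. Added example, not kernel
 * code. PAGE_SIZE is assumed to be 4096 (the x86-64 default). */
#ifndef PAGE_SIZE
#define PAGE_SIZE 4096UL
#endif

/* Flawed check: PAGE_SIZE - 2 - size is evaluated in size_t (unsigned),
 * so once size exceeds PAGE_SIZE - 2 the right-hand side wraps to a huge
 * value and any len passes. Returns 1 if the append would be allowed. */
int legacy_check_before(size_t size, size_t len)
{
    return !(len > PAGE_SIZE - 2 - size);
}

/* Corrected check (the form used by the upstream fix): the terms are
 * summed on the left, so nothing wraps for realistic sizes. */
int legacy_check_after(size_t size, size_t len)
{
    return !(size + len + 2 > PAGE_SIZE);
}

/* Simulate appending options of the given lengths into a page-sized
 * buffer: each append costs a ',' separator plus len bytes, and a
 * terminating NUL must still fit. Returns the index of the first append
 * the check allows even though it runs past the page, or -1 if every
 * accepted append stays in bounds. Nothing is written to memory. */
int first_overrun(const size_t *lens, int n, int (*check)(size_t, size_t))
{
    size_t size = 0;
    for (int i = 0; i < n; i++) {
        if (!check(size, lens[i]))
            continue;              /* rejected, as with -EINVAL */
        if (size + lens[i] + 2 > PAGE_SIZE)
            return i;              /* accepted but out of bounds */
        size += lens[i] + 1;       /* ',' + option; NUL not counted */
    }
    return -1;
}

/* Constructed sample: a first option that fills the page to 4095 bytes
 * (the largest the flawed check accepts), then a short second one.
 * Returns 1 with the flawed check and -1 with the corrected one. */
int demo_overrun(int use_fixed)
{
    static const size_t lens[] = { PAGE_SIZE - 2, 100 };
    return first_overrun(lens, 2, use_fixed ? legacy_check_after : legacy_check_before);
}
```

The second append is the one the flawed check lets through: with `size` already at 4095, the subtraction wraps and the length comparison no longer rejects anything.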

Red Hat, Ubuntu issue warnings over Linux kernel vulnerability

  • Red Hat, Ubuntu issue warnings over Linux kernel vulnerability

    Red Hat and Ubuntu have issued warnings about a serious vulnerability in their Linux distributions.

    It’s described as a heap-based buffer overflow flaw (CVE-2022-0185). According to Ubuntu, the file system context functionality in the Linux kernel contained an integer underflow vulnerability, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code.

    As The Register notes, the discovery also comes as Ubuntu 21.04 reached end of life, so rather than apply Ubuntu’s mitigation to servers running this version, Linux admins should upgrade them to version 21.10, and apply a patch to it.

Looking At The New "Critical" Security Firmware Update

  • Looking At The New "Critical" Security Firmware Update Hitting Systems - Delivers New Intel Microcode - Phoronix

    Earlier this week the Linux Vendor Firmware Service began surging with activity following many new system firmware files being uploaded for what appears to be a "high severity upcoming security issue" but currently undisclosed. That issue hasn't been made public yet, but after poking around it is updating the Intel CPU microcode.

    After that earlier article, Red Hat's Richard Hughes, who is the lead LVFS/fwupd developer, commented that they shipped more than 156,000 firmware updates to end-users in a single day. The day after they were still at around twice their usual volume. For hardware with LVFS support for firmware updates, it's been a busy week but that only covers a small portion of the hardware out there.
