Advisory for Ubuntu Security Update
- NIC-CERT/2022-04/165
- Date: 2022-04-01
- CVE ID: Multiple
- Severity: High
Advisory for Ubuntu Security Update
A. Description:
Multiple vulnerabilities have been reported in multiple Ubuntu packages which could allow an attackerto take control of the affected system.
B. Security Issues Fixed:
Ubuntu has released an advisory for multiple packages which contains vulnerabilities in
Linux kernel, tomcat and rsync.
C. Affected Package and Solution:
|
Affected Package |
CVE IDs |
Updated Version |
|
linux- Linux kernel linux-aws- Linux kernel for Amazon Web Services (AWS) systems linux-azure-4.15- Linux kernel for Microsoft Azure Cloud systems linux-dell300x- Linux kernel for Dell 300x platforms linux-hwe- Linux hardware enablement (HWE) kernel linux-kvm- Linux kernel for cloud environments linux-snapdragon- Linux kernel for Qualcomm Snapdragon processors |
CVE-2022-27666 |
Ubuntu 18.04Ubuntu 16.04 |
|
linux- Linux kernel linux-aws- Linux kernel for Amazon Web Services (AWS) systems linux-azure- Linux kernel for Microsoft Azure Cloud systems linux-gcp- Linux kernel for Google Cloud Platform (GCP) systems linux-hwe-5.13- Linux hardware enablement (HWE) kernel linux-hwe-5.4- Linux hardware enablement (HWE) kernel linux-kvm- Linux kernel for cloud environments linux-oracle- Linux kernel for Oracle Cloud systems linux-oracle-5.4- Linux kernel for Oracle Cloud systems |
CVE-2022-27666 CVE-2022-1055 |
Ubuntu 21.10Ubuntu 20.04Ubuntu 18.04 |
|
rsync- fast, versatile, remote (and local) file-copying tool |
CVE-2018-25032 |
Ubuntu 20.04Ubuntu 18.04 |
|
tomcat9- Apache Tomcat 9 - Servlet and JSP engine |
CVE-2021-33037 CVE-2020-17527 CVE-2020-9484 CVE-2021-25329 CVE-2020-9494 CVE-2021-25122 CVE-2021-30640 CVE-2021-41079 CVE-2020-13943 |
Ubuntu 20.04Ubuntu 18.04 |
|
linux-aws-hwe- Linux kernel for Amazon Web Services (AWS-HWE) systems linux-gcp-4.15- Linux kernel for Google Cloud Platform (GCP) systems linux-oracle- Linux kernel for Oracle Cloud systems |
CVE-2022-27666 |
Ubuntu 18.04Ubuntu 16.04 |
|
linux-aws-5.4- Linux kernel for Amazon Web Services (AWS) systems linux-azure- Linux kernel for Microsoft Azure Cloud systems linux-gcp- Linux kernel for Google Cloud Platform (GCP) systems linux-gcp-5.13- Linux kernel for Google Cloud Platform (GCP) systems linux-gcp-5.4- Linux kernel for Google Cloud Platform (GCP) systems linux-gke- Linux kernel for Google Container Engine (GKE) systems linux-gke-5.4- Linux kernel for Google Container Engine (GKE) systems linux-gkeop- Linux kernel for Google Container Engine (GKE) systems linux-gkeop-5.4- Linux kernel for Google Container Engine (GKE) systems |
CVE-2022-1055 CVE-2022-27666 |
Ubuntu 21.10Ubuntu 20.04Ubuntu 18.04 |
|
openjdk-lts- Open Source Java implementation |
CVE-2022-21248 CVE-2022-21277 CVE-2022-21282 CVE-2022-21283 CVE-2022-21291 CVE-2022-21293 CVE-2022-21294 CVE-2022-21296 CVE-2022-21299 CVE-2022-21305 CVE-2022-21340 CVE-2022-21341 CVE-2022-21360 CVE-2022-21366 CVE-2022-21365 |
Ubuntu 21.10Ubuntu 20.04Ubuntu 18.04 |
The problem can be corrected by updating your system the updated package versions:
D. References:
https://ubuntu.com/security/notices
