Advisory for Ubuntu Packages Security Update

  • NIC-CERT/2022-10/432
  • Date: 2022-10-12
  • CVE ID: Multiple
  • Severity: High
  1. Description:

Vulnerability have been reported in Ubuntu package which could allow an attackerto take control of the affected system.

  1. Security Issues Fixed:

Ubuntu has released an advisory for package which contains vulnerabilities in Dotnet6.

  1. Affected Package and Solution:

Affected Package

CVE IDs

Updated Version

dotnet6 - dotNET CLI tools and runtime

CVE-2022-41032

Ubuntu 22.04

linux-hwe - Linux hardware enablement (HWE) kernel

linux-oracle - Linux kernel for Oracle Cloud systems

CVE-2022-26365 CVE-2022-2318 CVE-2022-32296 CVE-2022-33742 CVE-2022-1012 CVE-2022-33744 CVE-2022-33741 CVE-2022-33740 CVE-2022-0812

Ubuntu 16.04

linux - Linux kernel

linux-dell300x - Linux kernel for Dell 300x platforms

linux-kvm - Linux kernel for cloud environments

linux-oracle - Linux kernel for Oracle Cloud systems

linux-raspi2 - Linux kernel for Raspberry Pi systems

linux-snapdragon - Linux kernel for Qualcomm Snapdragon processors

CVE-2022-26365 CVE-2022-33741 CVE-2022-2318 CVE-2022-1012 CVE-2022-33744 CVE-2022-0812 CVE-2022-33740 CVE-2022-32296 CVE-2022-33742

Ubuntu 18.04

linux - Linux kernel

linux-aws - Linux kernel for Amazon Web Services (AWS) systems

linux-bluefield - Linux kernel for NVIDIA BlueField platforms

linux-gke - Linux kernel for Google Container Engine (GKE) systems

linux-gkeop - Linux kernel for Google Container Engine (GKE) systems

linux-hwe-5.4 - Linux hardware enablement (HWE) kernel

linux-ibm - Linux kernel for IBM cloud systems

linux-ibm-5.4 - Linux kernel for IBM cloud systems

linux-kvm - Linux kernel for cloud environments

linux-oracle - Linux kernel for Oracle Cloud systems

CVE-2022-33741 CVE-2021-4159 CVE-2022-33740 CVE-2022-20369 CVE-2022-33744 CVE-2022-26373 CVE-2022-3176 CVE-2022-33742 CVE-2022-36879 CVE-2022-2318 CVE-2022-26365

Ubuntu 20.04

Ubuntu 18.04

linux - Linux kernel

linux-aws - Linux kernel for Amazon Web Services (AWS) systems

linux-aws-5.15 - Linux kernel for Amazon Web Services (AWS) systems

linux-azure - Linux kernel for Microsoft Azure Cloud systems

linux-azure-5.15 - Linux kernel for Microsoft Azure cloud systems

linux-gcp - Linux kernel for Google Cloud Platform (GCP) systems

linux-gke - Linux kernel for Google Container Engine (GKE) systems

linux-gkeop - Linux kernel for Google Container Engine (GKE) systems

linux-hwe-5.15 - Linux hardware enablement (HWE) kernel

linux-kvm - Linux kernel for cloud environments

linux-lowlatency - Linux low latency kernel

linux-lowlatency-hwe-5.15 - Linux low latency kernel

linux-oracle - Linux kernel for Oracle Cloud systems

linux-raspi - Linux kernel for Raspberry Pi systems

CVE-2022-1882 CVE-2022-26373 CVE-2022-39189 CVE-2022-36879 CVE-2022-3176

Ubuntu 22.04

Ubuntu 20.04

pcre3 - Perl 5 Compatible Regular Expression Library

CVE-2017-7186 CVE-2017-6004

Ubuntu 16.04

openssh - secure shell (SSH) for secure access to remote machines

CVE-2021-41617

Ubuntu 16.04

The problem can be corrected by updating your system the updated package versions.

  1. References:
    https://ubuntu.com/security/notices