Advisory for Ubuntu Packages Security Update

  • NIC-CERT/2022-12/509
  • Date: 2022-12-14
  • CVE ID: Multiple
  • Severity: High

Description:

Multiple vulnerabilities have been reported in multiple Ubuntu packages which could allow an attackerto take control of the affected system.

Security Issues Fixed:

Ubuntu has released an advisory for multiple packages which contains vulnerabilities in

Pillow and containerd.

Affected Package and Solution:

Affected Package

CVE IDs

Updated Version

pillow- Python Imaging Library

CVE-2022-24303

CVE-2022-45198

Ubuntu 22.04 LTS

Ubuntu 20.04 LTS

containerd- daemon to control runC

CVE-2022-24778

CVE-2022-24769

CVE-2022-23471

CVE-2022-31030

Ubuntu 22.10

Ubuntu 22.04 LTS

Ubuntu 20.04 LTS

Ubuntu 18.04 LTS

vim- Vi IMproved - enhanced vi editor

CVE-2022-3591

CVE-2022-2581

CVE-2022-2345

CVE-2022-3256

CVE-2022-3324

CVE-2022-3099

Ubuntu 16.04 ESM

linux-azure-Linux kernel for Microsoft Azure Cloud systems

linux-azure-4.15- Linux kernel for Microsoft Azure Cloud systems

CVE-2022-3621

CVE-2022-42703

CVE-2022-2978

CVE-2022-20422

CVE-2022-3239

CVE-2022-36879

CVE-2022-3566

CVE-2022-3564

CVE-2022-40768

CVE-2022-3594

CVE-2022-3635

CVE-2022-2153

CVE-2022-3567

CVE-2022-3028

CVE-2022-3565

CVE-2022-3524

Ubuntu 18.04 LTS

Ubuntu 14.04 ESM

linux-azure- Linux kernel for Microsoft Azure Cloud systems

linux-azure-5.4- Linux kernel for Microsoft Azure cloud systems

CVE-2022-42703

CVE-2022-3524

CVE-2022-3594

CVE-2022-3566

CVE-2022-3621

CVE-2022-3564

CVE-2022-3565

CVE-2022-3567

Ubuntu 20.04 LTS

Ubuntu 18.04 LTS

linux-oem-5.17- Linux kernel for OEM systems

CVE-2022-3564

CVE-2022-3621

CVE-2022-43945

CVE-2022-3524

CVE-2022-3594

CVE-2022-33743

CVE-2022-3566

CVE-2022-42703

CVE-2022-26365

CVE-2022-3567

Ubuntu 22.04 LTS

linux-azure- Linux kernel for Microsoft Azure Cloud systems

CVE-2022-3524

CVE-2022-3564

CVE-2022-3621

CVE-2022-3567

CVE-2022-43945

CVE-2022-3566

CVE-2022-3565

CVE-2022-3594

Ubuntu 22.10

qemu- Machine emulator and virtualizer

CVE-2021-3682

CVE-2022-3165

CVE-2022-0216

CVE-2021-3750

CVE-2021-3930

CVE-2022-2962

Ubuntu 22.10

Ubuntu 22.04 LTS

Ubuntu 20.04 LTS

Ubuntu 18.04 LTS

Ubuntu 16.04 ESM

Ubuntu 14.04 ESM

The problem can be corrected by updating your system the updated package versions:

References:

https://ubuntu.com/security/notices