Advisory for Ubuntu Packages Security Update
- NIC-CERT/2023-03/055
- Date: 2023-03-10
- CVE ID: Multiple
- Severity: High
Advisory for Ubuntu Packages Security Update
- Description:
Multiple vulnerabilities have been reported in multiple Ubuntu packages which could allow an attackerto take control of the affected system.
- Security Issues Fixed:
Ubuntu has released an advisory for multiple packages which contains vulnerabilities in
Linux kernel, apache http server etc.
- Affected Package and Solution:
|
Affected Package |
CVE IDs |
Updated Version |
|
apache2- Apache HTTP server |
CVE-2023-27522 CVE-2023-25690 |
Ubuntu 22.10 Ubuntu 22.04 LTS Ubuntu 20.04 LTS Ubuntu 18.04 LTS |
|
linux-kvm- Linux kernel for cloud environments |
CVE-2022-42329 CVE-2022-47518 CVE-2022-3545 CVE-2022-4139 CVE-2022-47519 CVE-2023-0461 CVE-2022-3344 CVE-2022-4379 CVE-2022-45869 CVE-2022-47520 CVE-2022-42328 CVE-2023-0179 CVE-2022-47521 CVE-2023-0468 CVE-2022-3521 CVE-2022-3435 CVE-2022-3169 |
Ubuntu 22.04 LTS |
|
linux-raspi-5.4- Linux kernel for Raspberry Pi systems |
CVE-2022-41218 CVE-2022-3424 CVE-2022-42329 CVE-2023-0266 CVE-2023-0394 CVE-2023-23455 CVE-2023-20938 CVE-2022-3545 CVE-2022-4139 CVE-2022-3435 CVE-2023-0045 CVE-2022-42328 CVE-2022-36280 CVE-2022-3521 CVE-2022-47929 CVE-2022-3169 CVE-2022-47520 CVE-2023-23454 CVE-2023-0461 CVE-2022-3623 |
Ubuntu 18.04 LTS |
|
linux-gcp-5.4- Linux kernel for Google Cloud Platform (GCP) systems |
CVE-2022-3521 CVE-2023-0461 CVE-2023-20938 CVE-2022-41218 CVE-2022-42328 CVE-2023-23454 CVE-2022-47520 CVE-2022-42329 CVE-2022-3545 CVE-2023-0266 CVE-2022-3435 CVE-2023-0045 CVE-2022-3424 CVE-2022-4139 CVE-2022-3169 CVE-2022-36280 CVE-2022-47929 CVE-2023-0394 CVE-2022-3623 CVE-2023-23455 |
Ubuntu 18.04 LTS |
|
linux-gkeop- Linux kernel for Google Container Engine (GKE) systems |
CVE-2022-3169 CVE-2022-3521 CVE-2022-3344 CVE-2022-3545 CVE-2022-3435 CVE-2022-45869 CVE-2022-47518 CVE-2023-0461 CVE-2023-0468 CVE-2022-42328 CVE-2022-42329 CVE-2022-4139 CVE-2022-4379 CVE-2022-47519 CVE-2022-47521 CVE-2022-47520 CVE-2023-0179 |
Ubuntu 22.04 LTS |
|
opusfile- debugging symbols for libopusfile |
CVE-2022-47021 |
Ubuntu 22.04 LTS Ubuntu 20.04 LTS Ubuntu 18.04 LTS Ubuntu 16.04 ESM |
|
samba- SMB/CIFS file, print, and login server for Unix |
CVE-2022-37966 CVE-2022-37967 CVE-2022-38023 CVE-2022-42898 CVE-2022-45141 CVE-2022-3437 |
Ubuntu 20.04 LTS |
|
linux-ibm- Linux kernel for IBM cloud systems linux-raspi- Linux kernel for Raspberry Pi systems |
CVE-2022-47521 CVE-2022-3169 CVE-2022-4379 CVE-2022-47520 CVE-2022-42329 CVE-2022-3435 CVE-2022-3521 CVE-2022-3545 CVE-2022-3344 CVE-2023-0461 CVE-2022-45869 CVE-2023-0179 CVE-2023-0468 CVE-2022-47519 CVE-2022-47518 CVE-2022-42328 CVE-2022-4139 |
Ubuntu 22.04 LTS |
|
linux-raspi- Linux kernel for Raspberry Pi systems |
CVE-2022-3623 CVE-2022-36280 CVE-2022-42328 CVE-2022-4139 CVE-2023-0394 CVE-2022-3521 CVE-2022-3435 CVE-2023-20938 CVE-2023-23454 CVE-2022-47929 CVE-2023-0045 CVE-2023-0461 CVE-2022-47520 CVE-2022-3169 CVE-2022-3545 CVE-2022-42329 CVE-2022-41218 CVE-2023-0266 CVE-2023-23455 CVE-2022-3424 |
Ubuntu 20.04 LTS |
|
libtpms- TPM emulation library |
CVE-2023-1017 CVE-2023-1018 |
Ubuntu 22.10 Ubuntu 22.04 LTS |
|
sofia-sip- Sofia-SIP library development files |
CVE-2022-47516 CVE-2022-31001 CVE-2023-22741 CVE-2022-31003 CVE-2022-31002 |
Ubuntu 22.10 Ubuntu 22.04 LTS Ubuntu 20.04 LTS Ubuntu 18.04 LTS Ubuntu 16.04 ESM |
|
python3.8- An interactive high-level object-oriented language |
CVE-2022-37454 |
Ubuntu 18.04 LTS |
|
python3.7- An interactive high-level object-oriented language |
CVE-2022-37454 |
Ubuntu 18.04 LTS |
|
aws- Linux kernel for Amazon Web Services (AWS) systems - (>= 4.15.0-1054, >= 4.15.0-1119, >= 5.4.0-1009, >= 5.4.0-1061, >= 5.15.0-1000, >= 4.4.0-1098, >= 4.4.0-1129) aws-5.15- Linux kernel for Amazon Web Services (AWS) systems - (>= 5.15.0-1000) aws-5.4- Linux kernel for Amazon Web Services (AWS) systems - (>= 5.4.0-1069) aws-hwe- Linux kernel for Amazon Web Services (AWS-HWE) systems - (>= 4.15.0-1126) azure- Linux kernel for Microsoft Azure Cloud systems - (>= 5.4.0-1010, >= 5.15.0-1000, >= 4.15.0-1063, >= 4.15.0-1078, >= 4.15.0-1114) azure-4.15- Linux kernel for Microsoft Azure Cloud systems - (>= 4.15.0-1115) azure-5.4- Linux kernel for Microsoft Azure cloud systems - (>= 5.4.0-1069) gcp- Linux kernel for Google Cloud Platform (GCP) systems - (>= 5.4.0-1009, >= 5.15.0-1000, >= 4.15.0-1118) gcp-4.15- Linux kernel for Google Cloud Platform (GCP) systems - (>= 4.15.0-1121) gcp-5.15- Linux kernel for Google Cloud Platform (GCP) systems - (>= 5.15.0-1000) gcp-5.4- Linux kernel for Google Cloud Platform (GCP) systems - (>= 5.4.0-1069) generic-4.15- Linux hardware enablement (HWE) kernel - (>= 4.15.0-69, >= 4.15.0-143, >= 4.15.0-69) generic-4.4- Linux kernel - (>= 4.4.0-211, >= 4.4.0-168) generic-5.4- Linux kernel - (>= 5.4.0-26, >= 5.4.0-26) gke- Linux kernel for Google Container Engine (GKE) systems - (>= 5.4.0-1033, >= 5.15.0-1000) gke-4.15- Linux kernel for Google Container Engine (GKE) systems - (>= 4.15.0-1076) gke-5.15- Linux kernel for Google Container Engine (GKE) systems - (>= 5.15.0-1000) gke-5.4- Linux kernel for Google Container Engine (GKE) systems - (>= 5.4.0-1009) gkeop- Linux kernel for Google Container Engine (GKE) systems - (>= 5.4.0-1009) gkeop-5.4- Linux kernel for Google Container Engine (GKE) systems - (>= 5.4.0-1007) ibm- Linux kernel for IBM cloud systems - (>= 5.4.0-1009, >= 5.15.0-1000) ibm-5.4- Linux kernel for IBM cloud systems - (>= 5.4.0-1009) linux- Linux kernel - (>= 5.15.0-24) lowlatency- Linux low latency kernel - (>= 5.15.0-25) lowlatency-4.15- Linux hardware enablement (HWE) kernel - (>= 4.15.0-69, >= 4.15.0-143, >= 4.15.0-69) lowlatency-4.4- Linux kernel - (>= 4.4.0-211, >= 4.4.0-168) lowlatency-5.4- Linux kernel - (>= 5.4.0-26, >= 5.4.0-26) oem- Linux kernel for OEM systems - (>= 4.15.0-1063) |
CVE-2022-42896 CVE-2022-4378 CVE-2022-43945 |
Ubuntu 22.04 LTS Ubuntu 20.04 LTS Ubuntu 18.04 LTS Ubuntu 16.04 ESM |
|
linux- Linux kernel linux-aws- Linux kernel for Amazon Web Services (AWS) systems linux-kvm- Linux kernel for cloud environments linux-lts-xenial- Linux hardware enablement kernel from Xenial for Trusty |
CVE-2022-42895 CVE-2021-4155 CVE-2022-41858 CVE-2023-0045 CVE-2023-23559 CVE-2022-20566 |
Ubuntu 16.04 ESM Ubuntu 14.04 ESM |
|
linux-kvm- Linux kernel for cloud environments linux-raspi2- Linux kernel for Raspberry Pi systems linux-snapdragon- Linux kernel for Qualcomm Snapdragon processors |
CVE-2022-3521 CVE-2022-42328 CVE-2022-3640 CVE-2022-3545 CVE-2022-42329 CVE-2023-0461 CVE-2022-3628 CVE-2022-42895 |
Ubuntu 18.04 LTS |
|
linux-azure- Linux kernel for Microsoft Azure Cloud systems |
CVE-2022-42329 CVE-2022-3545 CVE-2023-0394 CVE-2022-47929 CVE-2021-3669 CVE-2023-0045 CVE-2022-26373 CVE-2022-36280 CVE-2022-3646 CVE-2023-0461 CVE-2022-3628 CVE-2022-3424 CVE-2022-42895 CVE-2022-2663 CVE-2022-41850 CVE-2022-42328 CVE-2022-41849 CVE-2022-3521 CVE-2022-3649 CVE-2022-20369 CVE-2022-3640 CVE-2022-41218 CVE-2022-43750 CVE-2022-29900 CVE-2022-29901 CVE-2022-39842 CVE-2023-0266 CVE-2023-23455 CVE-2023-23559 |
Ubuntu 14.04 ESM |
|
tiff- Tag Image File Format (TIFF) library |
CVE-2023-0802 CVE-2023-0796 CVE-2023-0803 CVE-2023-0799 CVE-2023-0800 CVE-2023-0801 CVE-2023-0798 CVE-2023-0795 CVE-2023-0797 CVE-2023-0804 |
Ubuntu 22.10 Ubuntu 22.04 LTS Ubuntu 20.04 LTS Ubuntu 18.04 LTS Ubuntu 16.04 ESM Ubuntu 14.04 ESM |
|
nss- Network Security Service library |
CVE-2023-0767 |
Ubuntu 16.04 ESM Ubuntu 14.04 ESM |
|
gmp- Multiprecision arithmetic library developers tools |
CVE-2021-43618 |
Ubuntu 14.04 ESM |
|
python3.6- An interactive high-level object-oriented language |
CVE-2022-37454 |
Ubuntu 18.04 LTS |
|
rsync- fast, versatile, remote (and local) file-copying tool |
CVE-2022-29154 |
Ubuntu 22.10 Ubuntu 22.04 LTS Ubuntu 20.04 LTS Ubuntu 18.04 LTS |
The problem can be corrected by updating your system the updated package versions:
- References:
https://ubuntu.com/security/notices
