New Ubuntu kernel update, but this time to fix only three Intel bugs

Pablinux

2 minutes

Ubuntu fixes kernel security flaws

A little over a week ago we published an article in which we reported that Canonical had updated the Ubuntu kernel to cover many security flaws. There were many more bugs than is usual in this type of update, it being normal to cover about 4-5. A few hours ago, the company has launched another Ubuntu kernel update, but this time, although it is always recommended to accept the changes, it is not so urgent.

In fact, of the two reports, most users are only concerned with one. The first is the USN-5484-1, and it fixes 5 bugs that affect Ubuntu 14.04. We remember that this version of Ubuntu, with 8 years of life, is in the ESM phase, that is, taking advantage of the extended support in which kernel security flaws continue to be covered. The other report is USN-5485-1, and this one should draw the attention of most Ubuntu users, since it affects all supported versions, including 16.04 and 14.04, which, as we have mentioned, are in the ESM phase.

Ubuntu covers three bugs that affect all its versions

The three bugs covered in this latest report and their descriptions are:

  • CVE-2022-21123- Some Intel processors were found to not fully perform cleanup actions on multi-core shared buffers. A local attacker could use this to expose sensitive information.
  • CVE-2022-21125– It was discovered that some Intel processors did not fully perform cleanup actions on microarchitecture fill buffers. A local attacker could a local attacker could use this to expose sensitive information.
  • CVE-2022-21166- It was discovered that some Intel processors were not correctly performing cleanup during specific write operations to special registers. A local attacker could use this to expose sensitive information.

To protect yourself from all these threats, simply launch each distribution's software center and install the new kernel packages. They can also be installed by opening a terminal and typing the famous «sudo apt update && sudo apt upgrade«. Although in all three cases “a local attacker” is mentioned, it is better to be protected, and updating costs little.


Leave a Comment

Your email address will not be published. Required fields are marked with *

*

*

  1. Responsible for the data: Miguel Ángel Gatón
  2. Purpose of the data: Control SPAM, comment management.
  3. Legitimation: Your consent
  4. Communication of the data: The data will not be communicated to third parties except by legal obligation.
  5. Data storage: Database hosted by Occentus Networks (EU)
  6. Rights: At any time you can limit, recover and delete your information.