The Computer Emergency Response Team of France (CERT-FR) has issued an advisory concerning multiple vulnerabilities detected in the Ubuntu Linux kernel.
Document Management
- Reference: CERTFR-2023-AVI-0813
- Title: Multiple Vulnerabilities in Ubuntu Linux Kernel
- First Version Date: October 6, 2023
- Last Version Date: October 6, 2023
- Sources: Ubuntu Security Notices (USN) – Various
- Attachments: None
Risk(s)
- Data Integrity Compromise
- Data Confidentiality Breach
- Remote Denial of Service
- Remote Arbitrary Code Execution
Affected Systems
- Ubuntu 18.04 ESM
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 23.04
Summary Multiple vulnerabilities have been identified in the Ubuntu Linux kernel. Some of these vulnerabilities allow an attacker to execute arbitrary code remotely, compromise data confidentiality, and compromise data integrity.
Solution Refer to the publisher’s security bulletin for obtaining patches (see Documentation section).
Documentation
- USN-6386-2 – September 29, 2023
- USN-6386-3 – October 3, 2023
- USN-6417-1 – October 4, 2023
- USN-6416-1 – October 4, 2023
- USN-6415-1 – October 4, 2023
- USN-6412-1 – October 4, 2023
- USN-6396-2 – October 5, 2023
References (CVE)
- CVE-2021-4001
- CVE-2022-27672
- [Other CVE references are available in the original document]
CERT-FR strongly recommends applying the provided security patches to mitigate the identified vulnerabilities. For additional details or assistance, refer to the official Ubuntu security bulletins or contact CERT-FR through their specified communication channels.