Ubuntu Linux Kernel Multiple Vulnerabilities
RISK: Medium Risk
TYPE: Operating Systems - Linux
Multiple vulnerabilities were identified in Ubuntu Products. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, remote code execution, security restriction bypass, sensitive information disclosure and elevation of privilege on the targeted system.
Note:
Exploit in the wild has been detected for CVE-2023-0386. Unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. The vulnerability potentially allows a local attacker to escalate the privileges on the targeted system.
[Updated on 2023-04-13]
Updated System / Technologies affected, Solutions, Vulnerability Identifier and Related Links.
[Updated on 2023-04-14]
Updated System / Technologies affected, Solutions, Vulnerability Identifier and Related Links.
[Updated on 2023-04-18]
Updated Solutions, Vulnerability Identifier and Related Links.
[Updated on 2023-04-19]
Updated System / Technologies affected, Solutions, Vulnerability Identifier and Related Links.
[Updated on 2023-04-20]
Updated Impact, System / Technologies affected, Solutions, Vulnerability Identifier and Related Links.
[Updated on 2023-04-21]
Updated Solutions, Vulnerability Identifier and Related Links.
[Updated on 2023-04-27]
Updated Solutions, Vulnerability Identifier and Related Links.
[Updated on 2025-06-18]
Updated Description and Related Links.
Impact
- Denial of Service
- Remote Code Execution
- Security Restriction Bypass
- Information Disclosure
- Elevation of Privilege
System / Technologies affected
- Ubuntu 14.04 ESM
- Ubuntu 16.04 ESM
- Ubuntu 18.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 22.10
Solutions
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
- https://ubuntu.com/security/notices/USN-6000-1
- https://ubuntu.com/security/notices/USN-6001-1
- https://ubuntu.com/security/notices/USN-6004-1
- https://ubuntu.com/security/notices/USN-6007-1
- https://ubuntu.com/security/notices/USN-6009-1
- https://ubuntu.com/security/notices/USN-6013-1
- https://ubuntu.com/security/notices/USN-6014-1
- https://ubuntu.com/security/notices/USN-6020-1
- https://ubuntu.com/security/notices/LSN-0094-1
- https://ubuntu.com/security/notices/USN-6024-1
- https://ubuntu.com/security/notices/USN-6025-1
- https://ubuntu.com/security/notices/USN-6027-1
- https://ubuntu.com/security/notices/USN-6029-1
- https://ubuntu.com/security/notices/USN-6030-1
- https://ubuntu.com/security/notices/USN-6031-1
- https://ubuntu.com/security/notices/USN-6032-1
- https://ubuntu.com/security/notices/USN-6033-1
- https://ubuntu.com/security/notices/USN-6040-1
- https://ubuntu.com/security/notices/USN-6043-1
- https://ubuntu.com/security/notices/USN-6044-1
- https://ubuntu.com/security/notices/USN-6045-1
Vulnerability Identifier
- CVE-2020-36516
- CVE-2021-3428
- CVE-2021-3659
- CVE-2021-3669
- CVE-2021-3732
- CVE-2021-3772
- CVE-2021-4149
- CVE-2021-4203
- CVE-2021-26401
- CVE-2021-28711
- CVE-2021-28712
- CVE-2021-28713
- CVE-2021-45868
- CVE-2022-0487
- CVE-2022-0494
- CVE-2022-0617
- CVE-2022-1016
- CVE-2022-1195
- CVE-2022-1205
- CVE-2022-1462
- CVE-2022-1516
- CVE-2022-1974
- CVE-2022-1975
- CVE-2022-2196
- CVE-2022-2318
- CVE-2022-2380
- CVE-2022-2503
- CVE-2022-2663
- CVE-2022-2991
- CVE-2022-3061
- CVE-2022-3108
- CVE-2022-3111
- CVE-2022-3169
- CVE-2022-3303
- CVE-2022-3424
- CVE-2022-3435
- CVE-2022-3521
- CVE-2022-3545
- CVE-2022-3586
- CVE-2022-3623
- CVE-2022-3628
- CVE-2022-3646
- CVE-2022-3903
- CVE-2022-4095
- CVE-2022-4129
- CVE-2022-4139
- CVE-2022-4269
- CVE-2022-4382
- CVE-2022-4662
- CVE-2022-4842
- CVE-2022-20132
- CVE-2022-20572
- CVE-2022-21505
- CVE-2022-36280
- CVE-2022-36879
- CVE-2022-39188
- CVE-2022-41218
- CVE-2022-41849
- CVE-2022-41850
- CVE-2022-42328
- CVE-2022-42329
- CVE-2022-47520
- CVE-2022-47929
- CVE-2023-0045
- CVE-2023-0210
- CVE-2023-0266
- CVE-2023-0386
- CVE-2023-0394
- CVE-2023-0461
- CVE-2023-0468
- CVE-2023-1032
- CVE-2023-1073
- CVE-2023-1074
- CVE-2023-1076
- CVE-2023-1077
- CVE-2023-1079
- CVE-2023-1095
- CVE-2023-1118
- CVE-2023-1281
- CVE-2023-1382
- CVE-2023-1390
- CVE-2023-1583
- CVE-2023-1652
- CVE-2023-1670
- CVE-2023-1829
- CVE-2023-1855
- CVE-2023-1872
- CVE-2023-1989
- CVE-2023-1990
- CVE-2023-1998
- CVE-2023-20938
- CVE-2023-22997
- CVE-2023-23454
- CVE-2023-23455
- CVE-2023-23559
- CVE-2023-25012
- CVE-2023-26545
- CVE-2023-26605
- CVE-2023-26606
- CVE-2023-26607
- CVE-2023-28328
- CVE-2023-28466
- CVE-2023-28866
- CVE-2023-30456
Source
Related Link
- https://ubuntu.com/security/notices/USN-6000-1
- https://ubuntu.com/security/notices/USN-6001-1
- https://ubuntu.com/security/notices/USN-6004-1
- https://ubuntu.com/security/notices/USN-6007-1
- https://ubuntu.com/security/notices/USN-6009-1
- https://ubuntu.com/security/notices/USN-6013-1
- https://ubuntu.com/security/notices/USN-6014-1
- https://ubuntu.com/security/notices/USN-6020-1
- https://ubuntu.com/security/notices/LSN-0094-1
- https://ubuntu.com/security/notices/USN-6024-1
- https://ubuntu.com/security/notices/USN-6025-1
- https://ubuntu.com/security/notices/USN-6027-1
- https://ubuntu.com/security/notices/USN-6029-1
- https://ubuntu.com/security/notices/USN-6030-1
- https://ubuntu.com/security/notices/USN-6031-1
- https://ubuntu.com/security/notices/USN-6032-1
- https://ubuntu.com/security/notices/USN-6033-1
- https://ubuntu.com/security/notices/USN-6040-1
- https://ubuntu.com/security/notices/USN-6043-1
- https://ubuntu.com/security/notices/USN-6044-1
- https://ubuntu.com/security/notices/USN-6045-1
- https://www.auscert.org.au/bulletins/ESB-2023.2009
- https://www.auscert.org.au/bulletins/ESB-2023.2011
- https://www.auscert.org.au/bulletins/ESB-2023.2066
- https://www.auscert.org.au/bulletins/ESB-2023.2081
- https://www.auscert.org.au/bulletins/ESB-2023.2109
- https://www.auscert.org.au/bulletins/ESB-2023.2121
- https://www.auscert.org.au/bulletins/ESB-2023.2124
- https://www.auscert.org.au/bulletins/ESB-2023.2221
- https://www.auscert.org.au/bulletins/ESB-2023.2244
- https://www.auscert.org.au/bulletins/ESB-2023.2246
- https://www.auscert.org.au/bulletins/ESB-2023.2251
- https://www.auscert.org.au/bulletins/ESB-2023.2252
- https://www.auscert.org.au/bulletins/ESB-2023.2253
- https://www.auscert.org.au/bulletins/ESB-2023.2367
- https://www.cisa.gov/news-events/alerts/2025/06/17/cisa-adds-one-known-exploited-vulnerability-catalog
Related Tags
Share with