Ubuntu Linux Kernel Multiple Vulnerabilities
RISK: Medium Risk
TYPE: Operating Systems - Linux
Multiple vulnerabilities were identified in Ubuntu Products. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, elevation of privilege, remote code execution and sensitive information disclosure on the targeted system.
Note:
Exploit in the wild has been detected for CVE-2023-0386. Unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. The vulnerability potentially allows a local attacker to escalate the privileges on the targeted system.
[Updated on 2023-05-08]
Updated Solutions, Vulnerability Identifier and Related Links.
[Updated on 2023-05-11]
Updated Solutions, Vulnerability Identifier and Related Links.
[Updated on 2023-05-17]
Updated System / Technologies affected, Solutions, Vulnerability Identifier and Related Links.
[Updated on 2023-05-22]
Updated Solutions, Vulnerability Identifier and Related Links.
[Updated on 2023-05-23]
Updated Solutions, Vulnerability Identifier and Related Links.
[Updated on 2023-05-29]
Updated Solutions and Related Links.
[Updated on 2023-05-31]
Updated Solutions, Vulnerability Identifier and Related Links.
[Updated on 2025-06-18]
Updated Description and Related Links.
Impact
- Denial of Service
- Remote Code Execution
- Elevation of Privilege
- Information Disclosure
System / Technologies affected
- Ubuntu 14.04 ESM
- Ubuntu 16.04 ESM
- Ubuntu 18.04 ESM
- Ubuntu 20.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 22.10
Solutions
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
- https://ubuntu.com/security/notices/USN-6047-1
- https://ubuntu.com/security/notices/USN-6051-1
- https://ubuntu.com/security/notices/USN-6052-1
- https://ubuntu.com/security/notices/USN-6056-1
- https://ubuntu.com/security/notices/USN-6057-1
- https://ubuntu.com/security/notices/USN-6058-1
- https://ubuntu.com/security/notices/USN-6069-1
- https://ubuntu.com/security/notices/USN-6070-1
- https://ubuntu.com/security/notices/USN-6071-1
- https://ubuntu.com/security/notices/USN-6072-1
- https://ubuntu.com/security/notices/USN-6079-1
- https://ubuntu.com/security/notices/USN-6080-1
- https://ubuntu.com/security/notices/USN-6081-1
- https://ubuntu.com/security/notices/USN-6084-1
- https://ubuntu.com/security/notices/USN-6085-1
- https://ubuntu.com/security/notices/USN-6089-1
- https://ubuntu.com/security/notices/USN-6090-1
- https://ubuntu.com/security/notices/USN-6091-1
- https://ubuntu.com/security/notices/USN-6092-1
- https://ubuntu.com/security/notices/USN-6093-1
- https://ubuntu.com/security/notices/USN-6094-1
- https://ubuntu.com/security/notices/USN-6095-1
- https://ubuntu.com/security/notices/USN-6096-1
- https://ubuntu.com/security/notices/USN-6109-1
- https://ubuntu.com/security/notices/USN-6118-1
- https://ubuntu.com/security/notices/USN-6122-1
- https://ubuntu.com/security/notices/USN-6123-1
- https://ubuntu.com/security/notices/USN-6124-1
Vulnerability Identifier
- CVE-2022-2590
- CVE-2022-3108
- CVE-2022-3303
- CVE-2022-3586
- CVE-2022-3707
- CVE-2022-3903
- CVE-2022-4095
- CVE-2022-4129
- CVE-2022-4139
- CVE-2022-4662
- CVE-2022-4842
- CVE-2022-27672
- CVE-2022-36280
- CVE-2022-40307
- CVE-2022-47929
- CVE-2022-48423
- CVE-2022-48424
- CVE-2023-0210
- CVE-2023-0386
- CVE-2023-0394
- CVE-2023-0458
- CVE-2023-0459
- CVE-2023-0468
- CVE-2023-1073
- CVE-2023-1074
- CVE-2023-1075
- CVE-2023-1078
- CVE-2023-1118
- CVE-2023-1281
- CVE-2023-1513
- CVE-2023-1652
- CVE-2023-1670
- CVE-2023-1829
- CVE-2023-1859
- CVE-2023-1872
- CVE-2023-2162
- CVE-2023-2612
- CVE-2023-20938
- CVE-2023-21102
- CVE-2023-21106
- CVE-2023-23454
- CVE-2023-23455
- CVE-2023-26544
- CVE-2023-26545
- CVE-2023-26606
- CVE-2023-30456
- CVE-2023-32233
- CVE-2023-32269
Source
Related Link
- https://ubuntu.com/security/notices/USN-6047-1
- https://ubuntu.com/security/notices/USN-6051-1
- https://ubuntu.com/security/notices/USN-6052-1
- https://ubuntu.com/security/notices/USN-6056-1
- https://ubuntu.com/security/notices/USN-6057-1
- https://ubuntu.com/security/notices/USN-6058-1
- https://ubuntu.com/security/notices/USN-6069-1
- https://ubuntu.com/security/notices/USN-6070-1
- https://ubuntu.com/security/notices/USN-6071-1
- https://ubuntu.com/security/notices/USN-6072-1
- https://ubuntu.com/security/notices/USN-6079-1
- https://ubuntu.com/security/notices/USN-6080-1
- https://ubuntu.com/security/notices/USN-6081-1
- https://ubuntu.com/security/notices/USN-6084-1
- https://ubuntu.com/security/notices/USN-6085-1
- https://ubuntu.com/security/notices/USN-6089-1
- https://ubuntu.com/security/notices/USN-6090-1
- https://ubuntu.com/security/notices/USN-6091-1
- https://ubuntu.com/security/notices/USN-6092-1
- https://ubuntu.com/security/notices/USN-6093-1
- https://ubuntu.com/security/notices/USN-6094-1
- https://ubuntu.com/security/notices/USN-6095-1
- https://ubuntu.com/security/notices/USN-6096-1
- https://ubuntu.com/security/notices/USN-6109-1
- https://ubuntu.com/security/notices/USN-6118-1
- https://ubuntu.com/security/notices/USN-6122-1
- https://ubuntu.com/security/notices/USN-6123-1
- https://ubuntu.com/security/notices/USN-6124-1
- https://www.auscert.org.au/bulletins/ESB-2023.2419
- https://www.auscert.org.au/bulletins/ESB-2023.2427
- https://www.auscert.org.au/bulletins/ESB-2023.2429
- https://www.auscert.org.au/bulletins/ESB-2023.2517
- https://www.auscert.org.au/bulletins/ESB-2023.2519
- https://www.auscert.org.au/bulletins/ESB-2023.2520
- https://www.auscert.org.au/bulletins/ESB-2023.2640
- https://www.auscert.org.au/bulletins/ESB-2023.2641
- https://www.auscert.org.au/bulletins/ESB-2023.2642
- https://www.auscert.org.au/bulletins/ESB-2023.2643
- https://www.auscert.org.au/bulletins/ESB-2023.2869
- https://www.auscert.org.au/bulletins/ESB-2023.2870
- https://www.auscert.org.au/bulletins/ESB-2023.2912
- https://www.auscert.org.au/bulletins/ESB-2023.2913
- https://www.auscert.org.au/bulletins/ESB-2023.2914
- https://www.auscert.org.au/bulletins/ESB-2023.2915
- https://www.auscert.org.au/bulletins/ESB-2023.2968
- https://www.auscert.org.au/bulletins/ESB-2023.2976
- https://www.auscert.org.au/bulletins/ESB-2023.2977
- https://www.auscert.org.au/bulletins/ESB-2023.2978
- https://www.auscert.org.au/bulletins/ESB-2023.3049
- https://www.auscert.org.au/bulletins/ESB-2023.3075
- https://www.auscert.org.au/bulletins/ESB-2023.3080
- https://www.auscert.org.au/bulletins/ESB-2023.3081
- https://www.auscert.org.au/bulletins/ESB-2023.3082
- https://www.cisa.gov/news-events/alerts/2025/06/17/cisa-adds-one-known-exploited-vulnerability-catalog
Related Tags
Share with