ClickCease Ubuntu Kernel Updates Patch Two Local Privilege Escalation Flaws

Content Table

Join Our Popular Newsletter

Join 4,500+ Linux & Open Source Professionals!

2x a month. No spam.

New Ubuntu Kernel Updates Patch Two Local Privilege Escalation Flaws

Rohan Timalsina

May 11, 2023 - TuxCare expert team

Canonical released new Ubuntu kernel updates to patch two security vulnerabilities that allow an attacker to escalate their privileges on the system. The security updates are available for Ubuntu 22.10 and Ubuntu 22.04 LTS using Linux kernel 5.19 as well as Ubuntu 22.04 LTS and Ubuntu 20.04 LTS using Linux kernel 5.15 LTS.

 

Local Privilege Escalation Vulnerabilities

One vulnerability addressed in this update is CVE-2023-1829, which was found in the tcindex filter of the Linux Kernel. The tcindex_delete function, responsible for deleting the underlying structure, does not properly deactivate filters in the event of perfect hashes.

As a result, the structure can be double-freed, potentially leading to a privilege escalation attack. A local attacker user can use this vulnerability to elevate its privileges to root. Canonical points out that in order to fix this problem, it was necessary to disable kernel support for the TCINDEX classifier.

Another vulnerability patched in this update is CVE-2023-0386, which was found in the OverlayFS subsystem of the Linux kernel, enabling unauthorized access to the setuid file with capabilities. Specifically, the bug occurs when a user copies a capable file from a nosuid mount into another mount, leading to an issue with uid mapping. This vulnerability can be exploited by a local user to escalate their privileges on the system.

Thus, it is recommended for all affected users apply the kernel security updates immediately.

The new kernel versions are as follows:

  • linux-image 5.19.0-41.42 for Ubuntu 22.10
  • linux-image 5.19.0-41.42~22.04.1 for Ubuntu 22.04 LTS using Linux 5.19 HWE
  • linux-image 5.15.0.71.69 for Ubuntu 22.04 LTS
  • linux-image 5.15.0-71.78~20.04.1 for Ubuntu 20.04 LTS using Linux 5.15 HWE

Maintaining kernel security is critical for ensuring system security and uptime. KernelCare Enterprise provides security for Linux kernels, allowing you to live patch all popular distributions without system restart or downtimes.  To learn how KernelCare’s live patching works, read the process here.

 

The sources for this article include a story from 9to5Linux.

Summary
Ubuntu Kernel Updates Patch Two Local Privilege Escalation Flaws
Article Name
Ubuntu Kernel Updates Patch Two Local Privilege Escalation Flaws
Description
New Ubuntu kernel updates patch two security vulnerabilities that allow an attacker to escalate their privileges on the system.
Author
Publisher Name
TuxCare
Publisher Logo

Looking to automate vulnerability patching without kernel reboots, system downtime, or scheduled maintenance windows?

Learn About Live Patching with TuxCare

Become a TuxCare Guest Writer

Get started

Mail

Join

4,500

Linux & Open Source
Professionals!

Subscribe to
our newsletter