Kernel Live Patch Security Notice LSN-0085-1

Linux kernel vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 20.04 LTS
– Ubuntu 18.04 LTS
– Ubuntu 16.04 ESM
– Ubuntu 14.04 ESM

Summary

Several security issues were fixed in the kernel.

Software Description

– linux – Linux kernel
– linux-aws – Linux kernel for Amazon Web Services (AWS) systems
– linux-azure – Linux kernel for Microsoft Azure Cloud systems
– linux-gcp – Linux kernel for Google Cloud Platform (GCP) systems
– linux-gke – Linux kernel for Google Container Engine (GKE) systems
– linux-gkeop – Linux kernel for Google Container Engine (GKE) systems
– linux-ibm – Linux kernel for IBM cloud systems
– linux-oem – Linux kernel for OEM systems

Details

Yiqi Sun and Kevin Wang discovered that the cgroups implementation in
the Linux kernel did not properly restrict access to the cgroups v1
release_agent feature. A local attacker could use this to gain
administrative privileges. (CVE-2022-0492)

Nick Gregory discovered that the Linux kernel incorrectly handled
network offload functionality. A local attacker could use this to cause
a denial of service or possibly execute arbitrary code. (CVE-2022-25636)

Update instructions

The problem can be corrected by updating your kernel livepatch to the
following versions:

Ubuntu 20.04 LTS
aws – 85.1
azure – 85.1
gcp – 85.1
generic – 85.1
gke – 85.1
gkeop – 85.1
ibm – 85.1
lowlatency – 85.1

Ubuntu 18.04 LTS
aws – 85.1
azure – 85.1
generic – 85.1
generic – 85.2
gke – 85.1
gkeop – 85.1
ibm – 85.1
lowlatency – 85.1
lowlatency – 85.2
oem – 85.1

Ubuntu 16.04 ESM
aws – 85.1
azure – 85.1
generic – 85.1
lowlatency – 85.1

Ubuntu 14.04 ESM
generic – 85.1
lowlatency – 85.1

Support Information

Kernels older than the levels listed below do not receive livepatch
updates. If you are running a kernel version earlier than the one listed
below, please upgrade your kernel as soon as possible.

Ubuntu 20.04 LTS
linux-aws – 5.4.0-1009
linux-azure – 5.4.0-1010
linux-gcp – 5.4.0-1009
linux-gke – 5.4.0-1033
linux-gkeop – 5.4.0-1009
linux-ibm – 5.4.0-1009
linux-oem – 5.4.0-26
linux – 5.4.0-26

Ubuntu 18.04 LTS
linux-aws – 4.15.0-1054
linux-azure-4.15 – 4.15.0-1115
linux-azure-5.4 – 5.4.0-1069
linux-gke-4.15 – 4.15.0-1076
linux-gke-5.4 – 5.4.0-1009
linux-gkeop-5.4 – 5.4.0-1007
linux-hwe-5.4 – 5.4.0-26
linux-ibm-5.4 – 5.4.0-1009
linux-oem – 4.15.0-1063
linux – 4.15.0-69

Ubuntu 16.04 ESM
linux-aws – 4.4.0-1098
linux-azure – 4.15.0-1063
linux-hwe – 4.15.0-69
linux – 4.4.0-168

Ubuntu 14.04 ESM
linux-lts-xenial – 4.4.0-168

References

– CVE-2022-0492
– CVE-2022-25636

آسیب‌پذیری‌های جدید و وصله‌های امنیتی به‌صورت مداوم منتشر می‌شوند و عدم بروزرسانی به‌موقع می‌تواند امنیت سرویس‌های حیاتی را به خطر بیندازد. خدمات مدیریت و پشتیبانی سرور آفاق هاستینگ شامل پایش امنیتی، بروزرسانی نرم‌افزارها، نصب Patchهای امنیتی و سخت‌سازی سرورها است.

خدمات مدیریت و امنیت سرور

نوشته های مشابه

CVE-2026-12183 – Nefteprodukttekhnika BUK TS-G Improper Authentication

CVE-2026-6428 – Koha SQL Injection

CVE-2026-5513 – Online Scheduling and Appointment Booking System – Bookly

CVE-2026-11624 – Model Context Protocol DNS Rebinding Vulnerability