After a longer-than-expected break, the Ubuntu Security Podcast is back, covering some highlights of the various security items planned during the 23.04 development cycle, our entrance into the fediverse of Mastodon, some open positions on the team and some of the details of the various security updates from the past week.
67 unique CVEs addressed
io_uring -> UAF (from Pwn2Own 2022)
CAP_NET_ADMIN but this can be obtained from within an unprivileged user namespace
canonical-livepatch status
Kernel type | 22.04 | 20.04 | 18.04 |
---|---|---|---|
aws | 90.3 | 90.2 | — |
aws-5.15 | — | 90.3 | — |
aws-5.4 | — | — | 90.2 |
azure | 90.2 | 90.2 | — |
azure-5.4 | — | — | 90.2 |
gcp | 90.3 | 90.2 | — |
gcp-5.15 | — | 90.3 | — |
gcp-5.4 | — | — | 90.2 |
generic-5.4 | — | 90.2 | 90.2 |
gke | 90.3 | 90.2 | — |
gke-5.15 | — | 90.3 | — |
gke-5.4 | — | — | 90.2 |
gkeop | — | 90.2 | — |
gkeop-5.4 | — | — | 90.2 |
ibm | 90.2 | 90.2 | — |
ibm-5.4 | — | — | 90.2 |
linux | 90.2 | — | — |
lowlatency | 90.2 | — | — |
lowlatency-5.4 | — | 90.2 | 90.2 |
/dev/shm and the other around the handling of UNIX domain sockets - could be combined together with another unspecified vulnerability in a different component installed by default on Ubuntu Server 22.04 to achieve privilege escalation to root - will be interesting to find out what this other vulnerability is in the future
io_uring mediation