---

Ubuntu Users Get Small Linux Kernel Security Update with Only Two Flaws Patched

The new Linux kernel update comes just a few days after the previous Ubuntu major update one and only patches two flaws, namely CVE-2022-1055, a use-after-free vulnerability discovered in the network traffic control implementation, and CVE-2022-27666, a security issue discovered in the IPsec implementation that could lead to a heap-based buffer overflow.

Both of these flaws could allow a local attacker to crash the vulnerable system by causing a denial of service or possibly execute arbitrary code, but the CVE-2022-1055 flaw could also allow a local attacker to gain privilege escalation. As such, CVE-2022-1055 is marked with a “high” priority while CVE-2022-27666 has a priority status of “medium”.

Get the Free Newsletter!

Subscribe to Developer Insider for top news, trends, & analysis