Ubuntu 22.10 Users Get New Linux Kernel Security Update, 9 Vulnerabilities Patched
The new kernel security update for Ubuntu 22.10 patches CVE-2022-2196, a vulnerability where the KVM VMX implementation failed to handle indirect branch prediction isolation between L1 and L2 virtual machines, allowing an attacker in a guest virtual machine to expose sensitive information from the host operating system or other guest virtual machines.
Also patched are CVE-2022-42328 and CVE-2022-42329, two race conditions discovered in the Xen network backend driver that could allow an attacker to cause a denial of service (kernel deadlock), as well as CVE-2023-0266, a use-after-free vulnerability discovered in the ALSA (Advanced Linux Sound Architecture) subsystem that could allow a local attacker to crash the system by causing a denial of service.