Pop Feed Daily

Home / news

What Ubuntu versions are affected by CVE-2022-0847 [duplicate]

Joseph Russell |

I have been informed about the CVE-2022-0847 vulnerability. I'm wondering what versions of Ubuntu are affected by such a bug.

5

4 Answers

I can confirm that kernel versions 5.13.0-28-generic and 5.11.0-40-generic for Ubuntu 20.04 are affected.

Given the incredible severity of this CVE, I did a lot of research on this.

Yes, this has been patched and pushed (as of 2022-03-08) for 21.10 (Impish).

Update 2022-03-09:

A comment below (@fuzzydrawings), mentioned the fix was pushed to 20.04 (focal) as of 2022-03-08. I believe various versions of 18.04 (bionic) have been released as well. I have linked the commits for impish and bionic below.

Also:

can be helpful, and is the notice for this CVE. However it only mentions 21.10 and 20.04 LTS. I linked below to the commits for bionic that contain the fix.

21.10 (impish)

After I did a sudo apt update, I did asudo apt list --upgradable to see if the kernel was updated. It was.

The important line is here:linux-generic/impish-updates 5.13.0.35.44 amd64

Googling for the answer didn't come up with any clear answers. So I went to the ubuntu git repository at:

(this URL is specific to impish)

You can then see that this version contains the patch from Max Kellerman:

The following commit tags it:

linux (5.13.0-35.40) impish; urgency=medium

20.04 (focal)

the two kernel versions have received the update (5.4 and 5.13 HWE). Here are the commits:

18.04 (bionic)

the two kernel versions have received the update (4.15 and 5.4 HWE). Here are the commits:

6

It's very likely that all Ubuntu releases with 5.8 kernels or later are currently affected as no patches for this have been released at this moment.

2

All ubuntu versions without patch linux-generic-hwe-20.04 from version 5.13.0.35.40~20.04.20 are affected by CVE-2022-0847

How to check it:

  1. run terminal
  2. run command: apt list --installed | grep linux-generic

If you see message (command run on ubuntu 20.04) linux-generic-hwe-20.04/focal-updates,focal-security,now 5.13.0.35.40~20.04.20 amd64 [installed] it means, that patch is applied and is't affect on your ubuntu.

How to install it:

  1. run terminal
  2. run command: sudo apt-get install linux-generic-hwe-20.04
  3. confirm it by pressing Y key.

You Might Also Like