[FIX] Is CVE-2022-0847 affecting Ubuntu?

Question

I have been informed about the CVE-2022-0847 vulnerability. I’m wondering what versions of Ubuntu are affected by such a bug.

Click Here to see answer

solved 0
payam 7 months 2022-03-08T11:16:02+00:00 3 Answers 162 views

Answers ( 3 )

  1. 2022-03-08T14:37:33+00:00

    Why ask us? Canonical has a website for this ubuntu.com/security/CVE-2022-0847 “needs triage” so it is unclear at this moment –

    Best answer
  2. 2022-03-09T06:34:07+00:00

    I can confirm that kernel versions 5.13.0-28-generic and 5.11.0-40-generic for Ubuntu 20.04 are affected.

  3. 2022-03-09T06:34:23+00:00

    Yes, this has been patched and pushed (as of 2022-03-08) for 21.10 (Impish).

    After I did a sudo apt update, I did a sudo apt list –upgradable to see if the kernel was updated. It was.

    The important line is here: linux-generic/impish-updates 5.13.0.35.44 amd64

    Googling for the answer didn’t come up with any clear answers. So I went to the ubuntu git repository at:

    https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/impish

    (this URL is specific to impish)

    You can then see that this version contains the patch from Max Kellerman: https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/impish/commit/?id=181cbcef9f8c158189a3b1094c532b6686f14acf

    The following commit tags it: https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/impish/commit/?id=b07bbb7a296b9be80e48973bba8b03fb1101547f

    linux (5.13.0-35.40) impish; urgency=medium

Leave an answer

By answering, you agree to the Terms of Service and Privacy Policy.