diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index dbbe431418..c2e1454635 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -23,7 +23,7 @@ on:
 jobs:
   analyze:
     name: Analyze
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     permissions:
       actions: read
       contents: read
diff --git a/.github/workflows/coverity.yml b/.github/workflows/coverity.yml
index 05a9b2478b..c915e0dfd5 100644
--- a/.github/workflows/coverity.yml
+++ b/.github/workflows/coverity.yml
@@ -8,7 +8,7 @@ on:
 
 jobs:
   coverity:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     steps:
     - uses: actions/checkout@v3
     - uses: vapier/coverity-scan-action@v1
diff --git a/.github/workflows/cve_scan.yml b/.github/workflows/cve_scan.yml
index 60ec3176b2..7af0bde7ec 100644
--- a/.github/workflows/cve_scan.yml
+++ b/.github/workflows/cve_scan.yml
@@ -8,7 +8,7 @@ on:
 jobs:
   cve_scan:
     name: CVE scan on dependencies
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     timeout-minutes: 10
     steps:
       - uses: actions/checkout@v3
diff --git a/.github/workflows/export_data.yml b/.github/workflows/export_data.yml
index aa6244d1d9..649506a4e7 100644
--- a/.github/workflows/export_data.yml
+++ b/.github/workflows/export_data.yml
@@ -16,7 +16,7 @@ env:
 
 jobs:
   update:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
 
     steps:
       - uses: actions/checkout@v3
diff --git a/.github/workflows/formatting.yml b/.github/workflows/formatting.yml
index b96d95f789..678dd7d0f7 100644
--- a/.github/workflows/formatting.yml
+++ b/.github/workflows/formatting.yml
@@ -10,7 +10,7 @@ on:
 jobs:
   formatting:
     name: Update checkers table
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     steps:
       - uses: actions/checkout@v3
       - uses: actions/setup-python@v4
diff --git a/.github/workflows/linting.yml b/.github/workflows/linting.yml
index 145103d201..6a89695168 100644
--- a/.github/workflows/linting.yml
+++ b/.github/workflows/linting.yml
@@ -8,7 +8,7 @@ on:
 jobs:
   linting:
     name: Linting
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     strategy:
       fail-fast: false
       matrix:
diff --git a/.github/workflows/sbom.yml b/.github/workflows/sbom.yml
index 7410ee9464..48ee9f76d1 100644
--- a/.github/workflows/sbom.yml
+++ b/.github/workflows/sbom.yml
@@ -9,7 +9,7 @@ on:
 jobs:
   sbom_gen:
     name: Generate SBOM
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     strategy:
       matrix:
         python: ['3.7', '3.8', '3.9', '3.10', '3.11']
diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
index ee0cc2fc11..a7b70d307e 100644
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@@ -15,7 +15,7 @@ permissions: read-all
 jobs:
   analysis:
     name: Scorecard analysis
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     permissions:
       security-events: write
       id-token: write
diff --git a/.github/workflows/spelling.yml b/.github/workflows/spelling.yml
index 1ff47f68d5..288bb20fb3 100644
--- a/.github/workflows/spelling.yml
+++ b/.github/workflows/spelling.yml
@@ -8,7 +8,7 @@ jobs:
       contents: read
       pull-requests: read
       actions: read
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     steps:
     - uses: actions/checkout@v3
     - uses: check-spelling/check-spelling@v0.0.21
diff --git a/.github/workflows/testing.yml b/.github/workflows/testing.yml
index fdd7d3f34a..0b8597ce47 100644
--- a/.github/workflows/testing.yml
+++ b/.github/workflows/testing.yml
@@ -200,7 +200,7 @@ jobs:
 
   linux-mayfail:
     name: Tests that may fail due to network or HTML
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     timeout-minutes: 45
     env:
       EXTERNAL_SYSTEM: 1
diff --git a/.github/workflows/update-js-dependencies.yml b/.github/workflows/update-js-dependencies.yml
index f486dec4ff..87c6ad328d 100644
--- a/.github/workflows/update-js-dependencies.yml
+++ b/.github/workflows/update-js-dependencies.yml
@@ -12,7 +12,7 @@ on:
 
 jobs:
   update:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
 
     steps:
       - uses: actions/checkout@v3
diff --git a/.github/workflows/update-pre-commit.yml b/.github/workflows/update-pre-commit.yml
index 754ee11807..bd87846997 100644
--- a/.github/workflows/update-pre-commit.yml
+++ b/.github/workflows/update-pre-commit.yml
@@ -12,7 +12,7 @@ on:
 
 jobs:
   update:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
 
     steps:
       - uses: actions/checkout@v3
diff --git a/.github/workflows/update-spdx-header.yml b/.github/workflows/update-spdx-header.yml
index 630a4d76cb..d743580eaf 100644
--- a/.github/workflows/update-spdx-header.yml
+++ b/.github/workflows/update-spdx-header.yml
@@ -13,7 +13,7 @@ on:
 jobs:
   update:
     name: Update spdx header
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
 
     steps:
       - uses: actions/checkout@v3
diff --git a/doc/how_to_guides/cve_scanner_gh_action.md b/doc/how_to_guides/cve_scanner_gh_action.md
index 086f081b42..10cce49650 100644
--- a/doc/how_to_guides/cve_scanner_gh_action.md
+++ b/doc/how_to_guides/cve_scanner_gh_action.md
@@ -18,7 +18,7 @@ on:
   - pull_request
 jobs:
   build_and_scan:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     steps:
       # Get date utility for caching database.
       - name: Get Date
diff --git a/doc/how_to_guides/cve_scanner_gh_action.yml b/doc/how_to_guides/cve_scanner_gh_action.yml
index bc3ffaa08f..b31c2f8f52 100644
--- a/doc/how_to_guides/cve_scanner_gh_action.yml
+++ b/doc/how_to_guides/cve_scanner_gh_action.yml
@@ -5,7 +5,7 @@ on:
   - pull_request
 jobs:
   build_and_scan:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-22.04
     steps:
       # Get date utility for caching database.
       - name: Get Date