Latest Ubuntu Security Updates: Fixing Linux Kernel Vulnerabilities

Rohan Timalsina

May 21, 2024 - TuxCare expert team

Several vulnerabilities have been discovered in the Linux kernel that could lead to privilege escalation, denial of service, or information leaks. The Ubuntu security team has addressed these issues in the latest Ubuntu security updates for multiple releases. In this article, we will explore some of the vulnerabilities fixed and learn how to apply updates without rebooting the system.

Linux Kernel Vulnerabilities Fixed in Ubuntu

CVE-2024-23849

Chenyuan Yang discovered that the RDS Protocol implementation in the Linux kernel contained an out-of-bounds read vulnerability. This flaw could potentially allow an attacker to cause a denial of service (system crash) by exploiting this vulnerability.

CVE-2023-52524

In the Linux kernel, a vulnerability in the NFC subsystem was identified. The vulnerability involved the device list not being properly locked when modified, which could lead to corruption of the list. This issue was discovered by syzbot and has now been resolved by adding the necessary lock.

CVE-2024-26593

This vulnerability in the I2C subsystem was related to the i2c-i801 driver. According to Intel datasheets, the block buffer index must be reset twice during block process call transactions: once before writing outgoing data to the buffer, and once before reading incoming data. The driver was missing the second reset, leading to the wrong portion of the block buffer being read.

Other Affected Subsystems

These are just a few examples, and the updates addressed vulnerabilities in various subsystems of the kernel, including:

ARM64 architecture
PowerPC architecture
S390 architecture
Block layer subsystem
Android drivers
Hardware random number generator core
GPU drivers
Hardware monitoring drivers
I2C subsystem
IIO Magnetometer sensor drivers
InfiniBand drivers
Network drivers
PCI driver for MicroSemi Switchtec
PHY drivers
Ceph distributed file system
Ext4 file system
JFS file system
NILFS2 file system
Pstore file system
Core kernel
Memory management
CAN network layer
Networking core
IPv4 networking
Logical Link layer
Netfilter
NFC subsystem
SMC sockets
Sun RPC protocol
TIPC protocol
Realtek audio codecs

Addressing Linux Kernel Vulnerabilities

These security issues could potentially allow attackers to compromise the system. It is crucial to address these vulnerabilities promptly to maintain system security. The most straightforward way to fix these issues is by updating your system to the latest package versions provided by your Linux distribution. Typically, updates require a system reboot to take effect, which can be disruptive, especially for critical systems that need to run continuously. However, there is a more efficient way to handle these updates without downtime: live kernel patching.

What is Live Kernel Patching?

Live kernel patching allows you to apply security patches to the running kernel without requiring a reboot. This is particularly useful for servers and systems that need to maintain high availability. One such solution is TuxCare’s KernelCare Enterprise, which offers automated live patching for all popular Linux distributions, including Ubuntu, Debian, RHEL, CentOS, AlmaLinux, Rocky Linux, CloudLinux, and more. By using live kernel patching, you can ensure that your system remains secure and up to date without the disruption caused by rebooting.

Conclusion

The recent vulnerabilities discovered in the Linux kernel highlight the importance of timely updates. By utilizing live kernel patching solutions like KernelCare Enterprise, you can mitigate these risks effectively without sacrificing system uptime. This approach helps maintain continuous operation and reduces the risk of vulnerabilities being exploited during the patching process.

Send patching-related questions to a TuxCare security expert to get advice on modernizing your Linux patching strategy.

Source: USN-6767-1

Summary