ClickCease Latest Ubuntu Security Updates: Fixing Linux Kernel Vulnerabilities

Join Our Popular Newsletter

Join 4,500+ Linux & Open Source Professionals!

2x a month. No spam.

Latest Ubuntu Security Updates: Fixing Linux Kernel Vulnerabilities

by Rohan Timalsina

May 21, 2024 - TuxCare expert team

Several vulnerabilities have been discovered in the Linux kernel that could lead to privilege escalation, denial of service, or information leaks. The Ubuntu security team has addressed these issues in the latest Ubuntu security updates for multiple releases. In this article, we will explore some of the vulnerabilities fixed and learn how to apply updates without rebooting the system.

 

Linux Kernel Vulnerabilities Fixed in Ubuntu

 

CVE-2024-23849

Chenyuan Yang discovered that the RDS Protocol implementation in the Linux kernel contained an out-of-bounds read vulnerability. This flaw could potentially allow an attacker to cause a denial of service (system crash) by exploiting this vulnerability.

 

CVE-2023-52524

In the Linux kernel, a vulnerability in the NFC subsystem was identified. The vulnerability involved the device list not being properly locked when modified, which could lead to corruption of the list. This issue was discovered by syzbot and has now been resolved by adding the necessary lock.

 

CVE-2024-26593

This vulnerability in the I2C subsystem was related to the i2c-i801 driver. According to Intel datasheets, the block buffer index must be reset twice during block process call transactions: once before writing outgoing data to the buffer, and once before reading incoming data. The driver was missing the second reset, leading to the wrong portion of the block buffer being read.

 

Other Affected Subsystems

These are just a few examples, and the updates addressed vulnerabilities in various subsystems of the kernel, including:

  • ARM64 architecture
  • PowerPC architecture
  • S390 architecture
  • Block layer subsystem
  • Android drivers
  • Hardware random number generator core
  • GPU drivers
  • Hardware monitoring drivers
  • I2C subsystem
  • IIO Magnetometer sensor drivers
  • InfiniBand drivers
  • Network drivers
  • PCI driver for MicroSemi Switchtec
  • PHY drivers
  • Ceph distributed file system
  • Ext4 file system
  • JFS file system
  • NILFS2 file system
  • Pstore file system
  • Core kernel
  • Memory management
  • CAN network layer
  • Networking core
  • IPv4 networking
  • Logical Link layer
  • Netfilter
  • NFC subsystem
  • SMC sockets
  • Sun RPC protocol
  • TIPC protocol
  • Realtek audio codecs

 

Addressing Linux Kernel Vulnerabilities

 

These security issues could potentially allow attackers to compromise the system. It is crucial to address these vulnerabilities promptly to maintain system security. The most straightforward way to fix these issues is by updating your system to the latest package versions provided by your Linux distribution. Typically, updates require a system reboot to take effect, which can be disruptive, especially for critical systems that need to run continuously. However, there is a more efficient way to handle these updates without downtime: live kernel patching.

 

What is Live Kernel Patching?

 

Live kernel patching allows you to apply security patches to the running kernel without requiring a reboot. This is particularly useful for servers and systems that need to maintain high availability. One such solution is TuxCare’s KernelCare Enterprise, which offers automated live patching for all popular Linux distributions, including Ubuntu, Debian, RHEL, CentOS, AlmaLinux, Rocky Linux, CloudLinux, and more. By using live kernel patching, you can ensure that your system remains secure and up to date without the disruption caused by rebooting.

 

Conclusion

 

The recent vulnerabilities discovered in the Linux kernel highlight the importance of timely updates. By utilizing live kernel patching solutions like KernelCare Enterprise, you can mitigate these risks effectively without sacrificing system uptime. This approach helps maintain continuous operation and reduces the risk of vulnerabilities being exploited during the patching process.

Send patching-related questions to a TuxCare security expert to get advice on modernizing your Linux patching strategy.

 

Source: USN-6767-1

Summary
Latest Ubuntu Security Updates: Fixing Linux Kernel Vulnerabilities
Article Name
Latest Ubuntu Security Updates: Fixing Linux Kernel Vulnerabilities
Description
Discover the recent Ubuntu security updates addressing Linux kernel vulnerabilities and learn how to how to stay secure without downtime.
Author
Publisher Name
TuxCare
Publisher Logo

Looking to automate vulnerability patching without kernel reboots, system downtime, or scheduled maintenance windows?

Become a TuxCare Guest Writer

Mail

Help Us Understand
the Linux Landscape!

Complete our survey on the state of Open Source and you could win one of several prizes, with the top prize valued at $500!

Your expertise is needed to shape the future of Enterprise Linux!