Multiple Linux Kernel Vulnerabilities Lead to Denial of Service
Several vulnerabilities have been identified in the Linux kernel, potentially leading to denial of service or privilege escalation. However, the good news is the patches are already available for them. Ubuntu and Debian have already released them in the new Linux kernel security update.
Recent Linux Kernel Vulnerabilities and Fixes
Below are some of the notable vulnerabilities that have been patched:
CVE-2023-6270 (Cvss 3 Severity Score: 7.0 High)
A race condition was found in the Linux kernel’s ATA over Ethernet (AoE) driver. The issue lies in the aoecmd_cfg_pkts() function which improperly updates the reference count on struct net_device, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code.
CVE-2023-7042 (Cvss 3 Severity Score: 5.5 Medium)
Atheros 802.11ac wireless driver in the Linux kernel failed to properly validate certain data structures, causing a NULL pointer dereference. An attacker could exploit this to cause a denial of service.
CVE-2024-0841 (Cvss 3 Severity Score: 7.8 High)
A null pointer dereference vulnerability was found in the HugeTLB file system component of the Linux kernel. A local user could use this to crash the system or potentially escalate privileges.
CVE-2024-22099 (Cvss 3 Severity Score: 5.5 Medium)
Another NULL pointer dereference flaw was discovered in the Linux kernel’s Bluetooth RFCOMM protocol driver. The issue relates to overflow buffers in the net/bluetooth/rfcomm/core.c file. An attacker could possibly use this to cause a denial of service.
CVE-2024-27432
It was found that the Linux kernel’s MediaTek SoC Gigabit Ethernet driver had a race condition when stopping the device. A local attacker could potentially exploit this to cause a denial of service, leading to device unavailability.
Patching Linux Kernel Vulnerabilities
It is crucial to update your Linux kernel to the latest kernel version where these vulnerabilities have been fixed. Here are the steps to follow:
Perform a standard system update. On Ubuntu, you can do this by running these commands:
$ sudo apt update
$ sudo apt upgrade
After this, reboot your computer to complete the update. This is crucial for kernel updates to take effect.
For critical systems where rebooting is not feasible, consider using live patching. Live patching allows you to apply security updates to a running kernel without rebooting the system. KernelCare Enterprise offers automated live patching for all popular Linux distributions, including Ubuntu, Debian, AlmaLinux, RHEL, CentOS, CloudLinux, Amazon Linux, Oracle Linux, and more.
Conclusion
Regular updates and monitoring security advisories are key to maintaining a secure Linux environment. By staying informed about Linux kernel vulnerabilities and promptly applying security updates, you can protect your systems from potential exploits.
Send patching-related questions to a TuxCare security expert to learn about modernizing your Linux patching strategy with automated and rebootless patching.
Source: USN-6821-2