New Linux Kernel Vulnerabilities Addressed in Ubuntu
The Ubuntu security team has addressed several security vulnerabilities in the Linux kernel for both the Ubuntu 23.10 and Ubuntu 22.04 LTS releases. These vulnerabilities, if left unpatched, could cause a denial of service (system crash) or disclosure of sensitive information. Let’s delve into the details of these vulnerabilities and understand their implications.
Linux Kernel Vulnerabilities Fixed
CVE-2023-46838 (CVSS v3 Score: 7.5 High)
Pratyush Yadav uncovered a flaw in the Xen network backend implementation within the Linux kernel. This vulnerability arises from improper handling of zero-length data requests, resulting in a null pointer dereference issue. Exploiting this vulnerability could allow an attacker in a guest VM to trigger a denial of service, potentially leading to a host domain crash.
CVE-2023-50431 (CVSS v3 Score: 5.5 Medium)
The driver for Habana’s AI Processors did not properly initialize certain data structures before passing them to user space. This issue could enable a local attacker to access sensitive kernel memory, posing a significant security risk.
CVE-2023-52429, CVE-2024-23851 (CVSS v3 Score: 5.5 Medium)
The device mapper driver did not properly validate target size during memory allocations. A local attacker could exploit this flaw to trigger a system crash, thereby disrupting system operations.
CVE-2023-6610 (CVSS v3 Score: 7.1 High)
The Linux kernel’s CIFS network file system implementation lacked proper validation of certain Server Message Block (SMB) messages, potentially leading to an out-of-bounds read. Attackers could exploit this vulnerability to cause a denial of service or gain unauthorized access to sensitive information.
CVE-2024-22705 (CVSS v3 Score: 7.8 High)
Yang Chaoming found an issue within the KSMBD implementation, where request buffer sizes were not properly validated. This flaw could be exploited to trigger an out-of-bounds read, potentially resulting in a system crash or unauthorized data disclosure.
CVE-2024-23850 (CVSS v3 Score: 5.5 Medium)
Chenyuan Yang discovered a flaw in the Btrfs file system related to read operations on newly created subvolumes under certain conditions. This vulnerability could be exploited by a local attacker to conduct a denial of service attack.
Mitigation Measures
To mitigate these Linux kernel vulnerabilities, it is crucial to update your system with the latest kernel package versions. By promptly applying updates provided by the Ubuntu security team, users can fortify their systems against potential exploits and ensure a secure computing environment. The Debian security team also released security fixes for Debian 12 “Bookworm”, addressing several security issues discovered in the Linux kernel.
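An updated kernel package only takes effect once the host boots into it, so a host can have the fix installed while still running the vulnerable kernel. The following added example (not from the advisory or the Ubuntu security team) detects that state by comparing the running release with the kernel images in /boot. It assumes Ubuntu's `<version>-<abi>-<flavour>` release naming, and all function names are illustrative.

```python
import glob
import os
import platform
import re

# Ubuntu kernel release strings look like "<major>.<minor>.<patch>-<abi>-<flavour>".
_RELEASE = re.compile(r"^(\d+)\.(\d+)\.(\d+)-(\d+)-([a-z0-9.-]+)$")


def parse_release(release):
    """Return ((major, minor, patch, abi), flavour), or None if not in that form."""
    m = _RELEASE.match(release)
    if not m:
        return None
    return tuple(int(g) for g in m.groups()[:4]), m.group(5)


def newer_installed(running, installed):
    """Return the newest installed release of the running flavour if it is
    newer than the running kernel (a reboot is pending), else None."""
    current = parse_release(running)
    if current is None:
        raise ValueError(f"unrecognised kernel release: {running!r}")
    version, flavour = current
    best = None
    for rel in installed:
        parsed = parse_release(rel)
        # Skip unparseable names and other flavours (e.g. -aws vs -generic).
        if parsed is None or parsed[1] != flavour:
            continue
        # Compare numerically: as strings, "-97-" would sort above "-101-".
        if parsed[0] > version and (best is None or parsed[0] > best[0]):
            best = (parsed[0], rel)
    return best[1] if best else None


def installed_releases(boot_dir="/boot"):
    """List releases that have a kernel image in boot_dir (vmlinuz-<release>)."""
    prefix = "vmlinuz-"
    return [os.path.basename(p)[len(prefix):]
            for p in glob.glob(os.path.join(boot_dir, prefix + "*"))]


if __name__ == "__main__":
    running = platform.release()
    pending = newer_installed(running, installed_releases())
    if pending:
        print(f"running {running}, but {pending} is installed: reboot to activate it")
    else:
        print(f"running {running}: no newer installed kernel of this flavour")
```

On a live-patched host the running release string does not change, so this check says nothing about whether live patches have been applied.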
Live Patching Linux Kernel with KernelCare Enterprise
The conventional patching method often involves a reboot of the system, causing service disruption and downtime. TuxCare’s KernelCare Enterprise enables live patching for the Linux kernel where security patches are applied while the system is running. This eliminates the need to reboot the system or schedule maintenance windows. Additionally, KernelCare automates the patching process, ensuring security updates are deployed immediately and reducing the window of vulnerability. KernelCare Enterprise has already released patches for the above-mentioned Linux kernel vulnerabilities. Find more information on Live Patches.
Source: USN-6724-2