ClickCease New Security Vulnerabilities Discovered in the Linux Kernel

Content Table

Join Our Popular Newsletter

Join 4,500+ Linux & Open Source Professionals!

2x a month. No spam.

New Security Vulnerabilities Discovered in the Linux Kernel

Rohan Timalsina

June 8, 2023 - TuxCare expert team

The Linux kernel has a number of newly discovered security vulnerabilities that can be used to escalate local privileges or crash the system. These vulnerabilities have the potential to have serious effects, according to the National Vulnerability Database (NVD), which rated their severity as “high”. It is important to address these vulnerabilities promptly to mitigate potential risks.


Linux Kernel Security Vulnerabilities

brcmf_get_assoc_ies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c allows a slab-out-of-bound read vulnerability in the Linux kernel. It is because assoc_info->req_len data exceeds the buffer size defined as WL_EXTRA_BUF_MAX. As a result, this vulnerability causes a denial of service.


When the value of lmax exceeds QFQ_MIN_LMAX, an out-of-bounds write vulnerability occurs prior to Linux kernel version 6.2.13. This results in unauthorized write operations outside the intended boundaries.


A use-after-free vulnerability in Netfilter nf_tables of the Linux kernel 6.3 .1 when processing batch requests, allowing malicious actors to carry out arbitrary read and write operations on kennel memory. Unprivileged local users can gain root privileges on the exploitation of this vulnerability.


This is an out-of-bounds memory access vulnerability found in the XFS file system of the Linux kernel in how a user restores an XFS image after failure with a dirty log journal. A local user can use this flaw to crash the system or escalate their privileges.


A use-after-free vulnerability in the io_uring subsystem of the Linux kernel can be exploited to gain local privilege escalation. During the error, both io_install_fixed_file and its callers call fput in a file, causing a reference underflow, which leads to this vulnerability.


A vulnerability was detected in Netfilter within the Linux kernel prior to version 5.10. The issue involves a use-after-free condition occurring in the packet processing context. This vulnerability arises due to the mishandling of per-CPU sequence count during the concurrent replacement of iptables rules.


Protect Your System against Linux Security Vulnerabilities

Live Patching

Maintaining the security and stability of your system requires regular patching and thorough testing of vulnerabilities and bugs. By doing so, you can proactively address potential security risks and prevent exposure without having to rely on maintenance windows provided by the original vendor. This approach adds an extra layer of protection to an organization’s vulnerability management strategy.

To streamline this process, KernelCare Enterprise offers automated security patching without reboots or downtimes. KernelCare enables faster deployment of patches, minimizing system downtime and ensuring that critical security updates are implemented as soon as they are available.


Extended Lifecycle Support

Is your Linux distribution already beyond its End of Life? If yes, TuxCare’s Extended Lifecycle Support is an excellent option that provides automated vulnerability patches for your EOL systems for up to four years past the EOL date. With Extended Lifecycle Support, we keep track of critical Linux kernel vulnerabilities and security issues related to the operating system.

If you have specific requirements for your organization, speak to a TuxCare expert, and they will discuss with you to understand your unique needs and provide the best solution accordingly.


The sources for this article include a story from

New Security Vulnerabilities Discovered in the Linux Kernel
Article Name
New Security Vulnerabilities Discovered in the Linux Kernel
According to the NVD, the Linux kernel has been identified with several newly discovered security vulnerabilities having high severity.
Publisher Name
Publisher Logo

Looking to automate vulnerability patching without kernel reboots, system downtime, or scheduled maintenance windows?

Learn About Live Patching with TuxCare

Become a TuxCare Guest Writer

Get started




Linux & Open Source

Subscribe to
our newsletter