Patching Recent Linux Kernel Vulnerabilities with KernelCare
Several security vulnerabilities were discovered in the Linux kernel. These issues could potentially be exploited by malicious actors to compromise system integrity and steal sensitive data. In this article, we will explore the details of these vulnerabilities, explaining their potential impact and providing guidance to protect your Linux systems without downtime.
Linux Kernel Vulnerabilities Details
A vulnerability was found in the Linux kernel’s ARM SCMI firmware interface. Incorrect handling of reset domain requests could allow out-of-bounds access to system memory. This issue has been fixed by adding a bounds check to prevent the out-of-bounds access.
Another security issue was discovered in the GSM modem (n_gsm) driver of the Linux kernel. Incorrect handling of incoming data could lead to the driver accessing memory outside its allocated area. This problem was caused by errors in managing data length and mode transitions. The fix involves stricter data length checks and improved state management to prevent data overruns.
A vulnerability was found in the Linux kernel’s TLS (Transport Layer Security) implementation related to how encryption requests are handled. Under certain conditions, the system could incorrectly handle delayed or queued encryption tasks, leading to unexpected behavior. This issue has been resolved by improving the management of these requests and ensuring correct error handling.
A critical issue was discovered in the Linux kernel’s TLS (Transport Layer Security) system. Under certain conditions, the software could attempt to use data that had already been released from memory, leading to a system crash. This problem occurred when a network device handling TLS encryption was temporarily disabled and then re-enabled. The fix involves keeping necessary data active until it’s no longer needed and implementing alternative methods to handle data processing when the hardware acceleration is unavailable. Additionally, the software has been modified to prevent unnecessary actions when the network device is in a degraded state.
A potential issue was identified in the Linux kernel’s TLS (Transport Layer Security) system where the order of tasks could cause problems. This could lead to unexpected behavior when sending data. The issue has been resolved by changing the order in which certain operations occur to prevent conflicts.
A potential issue was found in the Linux kernel’s TLS (Transport Layer Security) system related to the timing of operations. This could result in accessing data that had already been released from memory. The problem was fixed by improving the synchronization between different parts of the system, ensuring that data is not accessed before it is safely available.
Securing Your Linux Systems
The vulnerabilities described above pose a significant threat to the security and integrity of affected Linux systems. Malicious actors could gain unauthorized access, and critical systems could be disrupted or rendered unavailable. To protect your system from Linux kernel vulnerabilities, it is essential to apply the available security updates as soon as possible.
Canonical has released security updates to address these vulnerabilities in Ubuntu 20.04 LTS and Ubuntu 18.04 ESM. Ubuntu users running these versions are strongly advised to update their systems immediately.
Since Ubuntu 18.04 has reached the end of its standard support lifecycle, obtaining security updates will require a paid subscription. The Ubuntu Pro subscription provides the Extended Security Maintenance (ESM) version, which can be a costly option if you only need to patch the systems.
As an alternative, you can consider using TuxCare’s Extended Lifecycle Support (ELS) service. It offers five years of vendor-grade security patches for Ubuntu 18.04 after the official end-of-life period, at a more affordable price point compared to Ubuntu Pro.
Linux Kernel Live Patching
Traditionally, patching the Linux kernel required a system reboot, leading to service disruptions and potential revenue loss. That is not the case with live patching. Live patching applies kernel updates without requiring a system reboot. This means improved system uptime, a shorter window of exposure to known vulnerabilities, and better overall system stability.
TuxCare’s KernelCare Enterprise offers automated live patching services for all major Linux distributions, including Ubuntu, Debian, RHEL, CentOS, AlmaLinux, Rocky Linux, Amazon Linux, CloudLinux, and more. By utilizing KernelCare, businesses can significantly improve their security posture and operational efficiency.
The KernelCare team is actively working to deploy live patches for the above Linux kernel vulnerabilities. Some of these patches have already been released and are available across various Linux distributions.
To track the status of these vulnerability patches, you can refer to the CVE Tracker. It provides up-to-date information on the specific vulnerabilities, the affected systems, and the availability of live patches from the KernelCare team.
Conclusion
The discovery of multiple vulnerabilities in the Linux kernel highlights the ongoing challenge of maintaining system security. These flaws, if exploited, could have severe consequences for both individuals and organizations. By staying informed about potential threats and taking proactive steps to protect their systems, users can significantly reduce the risk of falling victim to cyberattacks.
Ask us a question to learn more about how KernelCare Enterprise can benefit your organization.
Source: USN-6924-2