Ubuntu Addresses Linux Kernel Raspberry Pi Vulnerabilities
The recent Ubuntu security updates have fixed multiple Linux kernel Raspberry Pi vulnerabilities for Ubuntu 22.04 LTS, Ubuntu 20.04 LTS, Ubuntu 18.04 ESM, and Ubuntu 23.04. They include patches for the four vulnerabilities affecting the package “linux-raspi”, which is the Linux kernel for Raspberry Pi systems.
Four Linux Kernel Raspberry Pi Vulnerabilities Fixed
The following vulnerabilities have been discovered in the Linux kernel that can impact the “linux-raspi” package.
CVE-2023-4128
CVSS 3.x Score: 7.8 (High)
The Linux kernel was found to have use-after-free vulnerabilities in some network classifier implementations. A local attacker can use this flaw to cause a denial of service (DoS) or possibly execute arbitrary code.
CVE-2023-20588
CVSS 3.x Score: 5.5 (Medium)
This vulnerability was present in some AMD processors, potentially causing a leak of stale data from division operations in certain situations. A local attacker can use this to disclose sensitive information. It was discovered by Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko.
CVE-2023-40283
CVSS 3.x Score: 7.8 (High)
The Linux kernel’s Bluetooth subsystem did not properly handle the L2CAP socket release, resulting in a use-after-free vulnerability. A local attacker can use this flaw to cause a denial of service (DoS) or possibly execute arbitrary code.
CVE-2023-4569
CVSS 3.x Score: 5.5 (Medium)
The Linux kernel’s netfilter subsystem was found to have a memory leak flaw when processing some element flush operations. A local attacker can exploit this to double-deactivate catchall elements, causing a memory leak.
These vulnerabilities affect not only “linux-raspi” but also many other packages, and Ubuntu has released patches for those too.
Patching Linux Kernel with KernelCare Enterprise
TuxCare’s KernelCare Enterprise is a live patching solution for all major enterprise Linux distributions, including Ubuntu, CentOS, Debian, RHEL, Oracle Linux, AlmaLinux, Rocky Linux, Raspberry Pi, and more. It automatically applies security patches while the kernel is running. That means you do not have to restart the server or schedule maintenance windows when patching with KernelCare.
It is critical to update your packages to new versions to address those Linux kernel Raspberry Pi vulnerabilities. You can execute the update command in the terminal to get the packages that contain security fixes.
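A package-based kernel update only takes effect once the system is running the new kernel. The script below is an added example, not from Ubuntu or TuxCare: it compares the running kernel with the newest installed “linux-raspi” image to show whether a reboot is still pending. The function names and the sample package versions are constructed for illustration and are not the fixed versions from the security notice.

```shell
#!/bin/sh
# Added example. Run it after "sudo apt update && sudo apt full-upgrade".
# It covers the package-based update path only.

# Read package names on stdin; print the highest linux-image-<release>-raspi
# release. The unversioned meta package "linux-image-raspi" is ignored.
newest_raspi_kernel() {
    sed -n 's/^linux-image-\([0-9].*-raspi\)$/\1/p' | sort -V | tail -n 1
}

# Names of fully installed (dpkg status "ii") kernel image packages.
installed_kernel_packages() {
    dpkg-query -W -f='${db:Status-Abbrev} ${Package}\n' 'linux-image-*' 2>/dev/null |
        awk '$1 == "ii" { print $2 }'
}

# kernel_status RUNNING NEWEST -> current | reboot-needed | no-raspi-kernel
kernel_status() {
    if [ -z "$2" ]; then
        echo "no-raspi-kernel"
    elif [ "$1" = "$2" ]; then
        echo "current"
    else
        echo "reboot-needed"
    fi
}

# Constructed sample: two raspi kernels installed, the older one still running.
SAMPLE_PACKAGES='linux-image-5.15.0-999-raspi
linux-image-5.15.0-1044-raspi
linux-image-raspi'
sample_newest=$(printf '%s\n' "$SAMPLE_PACKAGES" | newest_raspi_kernel)
echo "sample: status=$(kernel_status 5.15.0-999-raspi "$sample_newest")"

# Live check on this machine.
running=$(uname -r)
newest=$(installed_kernel_packages | newest_raspi_kernel)
echo "running=$running newest_installed=${newest:-none}" \
     "status=$(kernel_status "$running" "$newest")"
```

A status of “reboot-needed” means the fixed kernel is on disk but the vulnerable one is still the one running.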
The sources for this story can be found on Ubuntu Security Notices.