
Ubuntu Fixes Several Linux Kernel AWS Vulnerabilities

Rohan Timalsina

September 2, 2024 - TuxCare expert team

Several vulnerabilities in the Linux kernel have been identified, also affecting Amazon Web Services (AWS) systems. Canonical has released important security patches addressing these vulnerabilities. These flaws primarily involve race conditions and memory management errors, which can be exploited to cause system crashes or unauthorized actions. Here’s a detailed look at some of these vulnerabilities and how to stay secure.

 

Overview of Linux Kernel AWS Vulnerabilities

 

CVE-2024-22099

Yuxuan Hu discovered a race condition in the Bluetooth RFCOMM protocol driver within the Linux kernel. This flaw leads to a NULL pointer dereference, which attackers could exploit to cause a denial of service (DoS) by crashing the system.

 

CVE-2024-24860

Another race condition was discovered in the Bluetooth subsystem of the Linux kernel. This flaw also leads to a NULL pointer dereference, which privileged local attackers could leverage to crash the system.

 

CVE-2024-35835

This vulnerability involves a double-free error in the net/mlx5e module of the Linux kernel. When the allocation of the "in" buffer by kvzalloc fails, the arfs_create_groups function frees resources twice, potentially leading to system instability or crashes.
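The error-path double free described above, as a simplified userspace C model. It is an added illustration, not code from the kernel or from Canonical's patch. All names (flow_table, release_groups, create_groups, destroy_table, frees_for) are hypothetical. The model assumes the second free comes from the caller's teardown path, and the "fixed" variant shows one common remedy (clearing the pointer after freeing), not necessarily the upstream fix.

```c
#include <stdio.h>
#include <stdlib.h>

/* Userspace model; every name here is hypothetical, not the mlx5e driver's. */
struct flow_table {
    void *g;        /* group array owned by the table */
    int   g_frees;  /* model bookkeeping: how often cleanup released g */
};

/* Release g. A second release is only counted, never passed to free(),
 * because a real double free is undefined behaviour. */
static void release_groups(struct flow_table *ft, int clear_ptr)
{
    if (!ft->g)
        return;
    if (++ft->g_frees == 1)
        free(ft->g);
    if (clear_ptr)
        ft->g = NULL;   /* later cleanup sees NULL and skips the free */
}

/* Callee: allocates g, then a scratch buffer "in". If "in" cannot be
 * allocated, it frees g on its own error path and returns an error. */
static int create_groups(struct flow_table *ft, int in_alloc_fails, int fixed)
{
    ft->g = calloc(4, sizeof(void *));
    if (!ft->g)
        return -1;
    void *in = in_alloc_fails ? NULL : calloc(1, 64);
    if (!in) {
        release_groups(ft, fixed);  /* vulnerable: pointer left dangling */
        return -1;
    }
    free(in);
    return 0;
}

/* Caller's teardown (assumed): runs after success and after an error. */
static void destroy_table(struct flow_table *ft) { release_groups(ft, 1); }

/* Number of times g was released for one create/teardown cycle. */
int frees_for(int in_alloc_fails, int fixed)
{
    struct flow_table ft = {0};
    (void)create_groups(&ft, in_alloc_fails, fixed);
    destroy_table(&ft);
    return ft.g_frees;
}

int main(void)
{
    printf("vulnerable, in fails: %d frees\n", frees_for(1, 0));
    printf("fixed, in fails:      %d frees\n", frees_for(1, 1));
    return 0;
}
```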

 

CVE-2024-39292

In the Linux kernel, a vulnerability was identified where registering a winch interrupt request (IRQ) could lead to a system panic. The flaw occurred when the winch was added to the handler list too late, making it vulnerable to interrupts that could trigger system crashes. The fix involved ensuring that the winch was properly registered before allowing any interrupts.

 

CVE-2023-52760

In the GFS2 (Global File System 2) component, a slab-use-after-free error was found due to improper cleanup procedures. Specifically, the vulnerability could cause use-after-free conditions, where freed memory is accessed, leading to unpredictable system behavior or crashes.

 

CVE-2023-52806

This vulnerability in the ALSA (Advanced Linux Sound Architecture) component involves a potential NULL pointer dereference when assigning audio streams. A faulty assignment of coupled streams could cause crashes, particularly during complex audio operations.

 

How to Stay Secure

 

To protect your AWS systems from these vulnerabilities, applying the latest security updates is crucial. These patches address the flaws in the Linux kernel, ensuring your systems are protected from potential attacks. Users running affected Linux kernel versions on AWS, particularly Ubuntu 16.04 and Ubuntu 18.04, should apply the security updates immediately.

It is also important to remember that Ubuntu 16.04 and 18.04 have reached end of life (EOL), so receiving security updates through Extended Security Maintenance (ESM) requires an Ubuntu Pro subscription.

For organizations seeking a more cost-effective solution, TuxCare’s Extended Lifecycle Support (ELS) provides vendor-grade security patches for up to five years beyond the official end-of-life date. The supported distributions include CentOS 6, 7, and 8, CentOS Stream 8, Oracle Linux 6 and 7, and Ubuntu 16.04 and 18.04.

Additionally, TuxCare offers KernelCare Enterprise, a live patching tool that allows you to apply security updates to a running kernel without requiring a system reboot. The KernelCare team is actively working to deploy live patches for the above Linux kernel AWS vulnerabilities. To track the release status of patches, you can visit the CVE Tracker page.

Send questions to a TuxCare security expert to learn about modernizing your Linux patching approach with automated and rebootless patching.

 

Source: USN-6972-2
