Ubuntu Kernel Updates Patch Multiple Linux Kernel Vulnerabilities
The Ubuntu security team recently released kernel updates that address several high-severity Linux kernel vulnerabilities. The affected releases are Ubuntu 22.04 LTS, Ubuntu 20.04 LTS, Ubuntu 23.10, Ubuntu 18.04 ESM, and Ubuntu 16.04 ESM. This article summarizes the key security issues resolved by the updates and their impact on Ubuntu systems.
Ubuntu Linux Kernel Vulnerabilities Fixed in 2024
CVE-2023-6040 (CVSS Severity Score: 7.8 High)
The Ubuntu kernel updates address an out-of-bounds access vulnerability in the Linux kernel’s netfilter subsystem. Lin Ma discovered that netfilter did not properly validate network family support when creating a new netfilter table. A local attacker could exploit this to cause a denial of service or possibly execute arbitrary code.
CVE-2023-6606 (CVSS Severity Score: 7.1 High)
Another important fix in these updates is for an out-of-bounds read in the Linux kernel’s Common Internet File System (CIFS) implementation, which in some situations did not validate the frame size sent by the server. Because the unvalidated data comes from the server side of the connection, the flaw is reachable by a malicious or compromised SMB server that a client mounts; exploiting it could cause a denial of service or possibly expose sensitive information.
CVE-2023-6817 (CVSS Severity Score: 7.8 High)
Xingyuan Mo found that the netfilter subsystem did not properly handle inactive elements in its PIPAPO set data structure, leading to a use-after-free. A local attacker could exploit this to cause a denial of service (system crash) or possibly execute arbitrary code.
CVE-2023-6931 (CVSS Severity Score: 7.8 High)
One of the most serious issues addressed in the Ubuntu kernel updates is an out-of-bounds write in the Linux kernel’s perf subsystem, which did not properly validate all event sizes when attaching new events. A local attacker could exploit this to cause a denial of service (system crash) or possibly execute arbitrary code.
CVE-2023-6932 (CVSS Severity Score: 7.0 High)
The Ubuntu kernel updates also fix a race condition in the Linux kernel’s IGMP protocol implementation that leads to a use-after-free. A local attacker could exploit it to cause a denial of service (system crash) or possibly execute arbitrary code.
Ubuntu Kernel Updates for EOL Systems
Ubuntu 16.04 and Ubuntu 18.04 have reached the end of their standard support period, so official Ubuntu kernel updates for them are only available through Expanded Security Maintenance (ESM), which requires an Ubuntu Pro subscription.
Alternatively, TuxCare’s Extended Lifecycle Support is a more affordable option. TuxCare provides four years of additional security support for both Ubuntu 16.04 and Ubuntu 18.04 after their EOL dates, with vendor-grade security patches that keep end-of-life Ubuntu systems secure and stable.
TuxCare has already released patches for the vulnerabilities listed above; detailed information is available on the CVE page.
Apply Ubuntu kernel updates as soon as they are available to shorten the window for exploitation. Note that a kernel update only takes effect once the patched kernel is booted: installing the package is not enough, so schedule the reboot (or use live patching) rather than stopping at the package upgrade. Ubuntu publishes security updates frequently, addressing vulnerabilities and improving stability, and every fixed vulnerability is documented on the Ubuntu Security Notice page.
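A common gap after applying these updates is a host that has the patched kernel package installed but is still running the old kernel because it was never rebooted. The following script is an added example, not code from the original article or from Ubuntu or TuxCare; it compares the running kernel (`uname -r`) with the newest installed `linux-image-*` package found in `dpkg -l` output. It assumes GNU coreutils (`sort -V`) and dpkg, as found on any Ubuntu host; the dpkg listing embedded in the script is constructed sample data, not output from a real machine.

```shell
#!/bin/sh
# Added example, not from the original article: tell whether the kernel that is
# actually running is older than the newest kernel package installed, i.e.
# whether an Ubuntu kernel update has been installed but not yet booted.
# Assumes GNU coreutils (sort -V) and dpkg, as on any Ubuntu host.

# Pick the newest installed kernel version out of "dpkg -l 'linux-image-*'"
# output. Only lines in state "ii" (installed) count; "rc" lines are kernels
# that were removed with their config left behind. Meta packages such as
# linux-image-generic carry no version in their name and are skipped.
newest_installed() {
    printf '%s\n' "$1" |
        awk '$1 == "ii" && $2 ~ /^linux-image-[0-9]/ { sub(/^linux-image-/, "", $2); print $2 }' |
        sort -V | tail -n 1
}

# Return 0 when the running kernel ($1, as printed by uname -r) sorts below the
# newest installed kernel found in the dpkg listing ($2); return 1 otherwise
# (including when no versioned kernel package is installed at all).
needs_reboot() {
    running="$1"
    newest="$(newest_installed "$2")"
    [ -n "$newest" ] || return 1
    [ "$running" != "$newest" ] || return 1
    [ "$(printf '%s\n%s\n' "$running" "$newest" | sort -V | tail -n 1)" = "$newest" ]
}

# Constructed sample listing (not real output from any host) in dpkg -l format:
# two installed kernels, one removed kernel, and the unversioned meta package.
SAMPLE_DPKG='ii  linux-image-5.15.0-91-generic  5.15.0-91.101  amd64  Signed kernel image generic
ii  linux-image-5.15.0-92-generic  5.15.0-92.102  amd64  Signed kernel image generic
rc  linux-image-5.15.0-89-generic  5.15.0-89.99   amd64  Signed kernel image generic
ii  linux-image-generic            5.15.0.92.88   amd64  Generic Linux kernel image'

# Live check against this host; run as "sh check_kernel.sh --live".
check_live() {
    listing="$(dpkg -l 'linux-image-*' 2>/dev/null)"
    running="$(uname -r)"
    if needs_reboot "$running" "$listing"; then
        echo "running $running, newest installed $(newest_installed "$listing"): reboot required"
    else
        echo "running $running is the newest installed kernel"
    fi
}

if [ "${1:-}" = "--live" ]; then
    check_live
fi
```

With the sample listing, `needs_reboot 5.15.0-91-generic "$SAMPLE_DPKG"` succeeds (the 92 kernel is installed but not running) and `needs_reboot 5.15.0-92-generic "$SAMPLE_DPKG"` fails. On a real Ubuntu host the presence of `/run/reboot-required`, written by update-notifier after a kernel upgrade, is a quicker signal, but it disappears once anything reboots the box and says nothing about which kernel came up, which is why a check against `uname -r` is the one worth putting in a fleet inventory. Hosts using live patching may legitimately run an older kernel image with the fixes applied in memory; treat the result as advisory there.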