Ubuntu Livepatch Fixed Several Linux Kernel Vulnerabilities
The Ubuntu Livepatch service applies fixes for high and critical Linux kernel vulnerabilities to the running kernel, eliminating the need to reboot after patching. It is included in the Ubuntu Pro subscription.
In this blog, we will discuss several security issues that have been patched through kernel Livepatch updates.
Ubuntu Kernel Livepatch Updates
CVE-2023-3090
CVSS 3.x Score: 7.8 High
The Linux kernel’s IP-VLAN network driver did not correctly initialize memory in certain situations, which resulted in a heap out-of-bounds write vulnerability. An attacker can use this issue to trigger a denial of service or arbitrary code execution.
CVE-2023-3567
CVSS 3.x Score: 7.1 High
A use-after-free vulnerability was identified in the Linux kernel’s virtual terminal driver, which enabled a local attacker to cause a denial of service or disclose sensitive information (kernel memory).
CVE-2023-3609
CVSS 3.x Score: 7.8 High
A use-after-free vulnerability was discovered in the universal 32-bit network packet classifier implementation, as it incorrectly counted references in certain situations. A local attacker could cause a denial of service or possibly execute arbitrary code using this flaw.
CVE-2023-3776
CVSS 3.x Score: 7.8 High
It was found that the net/sched: cls_fw component of the Linux kernel did not handle reference counting properly. An attacker can exploit this issue to escalate local privileges. If an attacker gained control over the reference counter and set it to zero, the reference would be freed, resulting in a use-after-free vulnerability.
CVE-2023-3777
CVSS 3.x Score: 7.8 High
Kevin Rich found that the Linux kernel’s netfilter subsystem did not correctly handle flushing of table rules under some conditions. A local attacker could exploit this to cause a denial of service or arbitrary code execution.
CVE-2023-3995 (Duplicate of CVE-2023-4147)
CVSS 3.x Score: 7.8 High
Kevin Rich identified a vulnerability in the netfilter subsystem of the Linux kernel: rule additions to bound chains were not handled properly under specific conditions. A local attacker might exploit this flaw to cause a denial of service (system crash) or execute arbitrary code.
CVE-2023-4004
CVSS 3.x Score: 7.8 High
A flaw was detected in the netfilter subsystem within the Linux kernel, where the removal of PIPAPO elements was not appropriately managed, resulting in a use-after-free vulnerability. In this context, a local attacker may exploit this vulnerability to induce a denial of service or execute arbitrary code.
CVE-2023-4128
CVSS 3.x Score: 7.8 High
Use-after-free vulnerabilities were found in certain network classifier implementations within the Linux kernel. A local attacker could leverage this flaw to trigger a denial of service or execute arbitrary code.
CVE-2023-21400
CVSS 3.x Score: 6.7 Medium
Ye Zhang and Nicolas Wu identified a vulnerability in the io_uring subsystem of the Linux kernel, revealing inadequate locking mechanisms for rings with IOPOLL, which resulted in a double-free vulnerability. In such a scenario, a local attacker could exploit this issue to instigate a denial of service or execute arbitrary code.
CVE-2023-40283
CVSS 3.x Score: 7.8 High
A vulnerability was found in the Linux kernel’s Bluetooth subsystem, related to the improper handling of the L2CAP socket release, resulting in a use-after-free vulnerability. A local attacker could exploit this flaw to initiate a denial of service or execute arbitrary code.
Final Thoughts
Canonical made these Ubuntu Livepatch security updates available for different releases, including Ubuntu 22.04 LTS, Ubuntu 20.04 LTS, Ubuntu 18.04, Ubuntu 16.04, and Ubuntu 14.04 ESM. It is advisable to update the Livepatch version to fix these issues.
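To check which of the CVEs above the applied livepatch covers, the following added example (not from Canonical or the original article) scans the text of `canonical-livepatch status --verbose` for CVE IDs. It assumes only that the output names fixed CVEs by ID; the function names and the sample text are constructed for illustration.

```shell
#!/bin/sh
# CVE IDs taken from this article.
PAGE_CVES="CVE-2023-3090 CVE-2023-3567 CVE-2023-3609 CVE-2023-3776
CVE-2023-3777 CVE-2023-3995 CVE-2023-4004 CVE-2023-4128
CVE-2023-21400 CVE-2023-40283"

# missing_cves (hypothetical helper): reads status text on stdin and prints
# the article's CVE IDs that do not appear in it, in article order.
# Assumption: the status text names fixed CVEs by ID somewhere in its output.
missing_cves() {
    found=$(grep -oiE 'cve-[0-9]{4}-[0-9]{4,}' | tr 'a-z' 'A-Z' | sort -u)
    missing=""
    for cve in $PAGE_CVES; do
        # Exact line match: an ID must match whole, not as a prefix of a longer ID.
        if printf '%s\n' "$found" | grep -qx "$cve"; then
            continue
        fi
        # The article lists CVE-2023-3995 as a duplicate of CVE-2023-4147,
        # so either ID counts as coverage.
        if [ "$cve" = "CVE-2023-3995" ] &&
           printf '%s\n' "$found" | grep -qx "CVE-2023-4147"; then
            continue
        fi
        missing="${missing:+$missing }$cve"
    done
    printf '%s\n' "$missing"
}

# Constructed sample text, not real tool output.
sample_status() {
    cat <<'EOF'
patch state: applied
fixes:
  * CVE-2023-3090
  * CVE-2023-3567
  * cve-2023-3609
  * CVE-2023-3776, CVE-2023-3777
  * CVE-2023-4147
  * CVE-2023-4004
  * CVE-2023-40283
EOF
}

# Offline demo on the sample. On a real host:
#   canonical-livepatch status --verbose | missing_cves
echo "Not covered: $(sample_status | missing_cves)"
```

An empty result means every CVE in the article is named in the status text; any ID printed still needs a newer livepatch or a kernel package update.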
Canonical’s Livepatch is for Ubuntu users and is relatively expensive. Alternatively, you might want to consider TuxCare’s KernelCare Enterprise for automated and non-disruptive live patching of all major Linux distributions, including Ubuntu, Debian, RHEL, AlmaLinux, CentOS, and more. Since it is a one-stop solution, you don’t have to use many live patching tools to secure your Linux-based computers.
Discover more on the comparison between KernelCare Enterprise and Canonical Livepatch.
The sources for this article can be found on Ubuntu Security Notices.