Linux kernel vulnerabilities<\/p>\n
A security issue affects these releases of Ubuntu and its derivatives:<\/p>\n
– Ubuntu 20.04 LTS
– Ubuntu 18.04 LTS
– Ubuntu 22.04 LTS<\/p>\n
Summary<\/p>\n
Several security issues were fixed in the kernel.<\/p>\n
Software Description<\/p>\n
– linux – Linux kernel
– linux-aws – Linux kernel for Amazon Web Services (AWS) systems
– linux-azure – Linux kernel for Microsoft Azure Cloud systems
– linux-gcp – Linux kernel for Google Cloud Platform (GCP) systems
– linux-gke – Linux kernel for Google Container Engine (GKE) systems
– linux-ibm – Linux kernel for IBM cloud systems<\/p>\n
Details<\/p>\n
Lonial Con discovered that the netfilter subsystem in the Linux kernel
contained a memory leak when handling certain element flush operations.
A local attacker could use this to expose sensitive information (kernel
memory). (CVE-2023-4569)<\/p>\n
Xingyuan Mo discovered that the netfilter subsystem in the Linux kernel
did not properly handle inactive elements in its PIPAPO data structure,
leading to a use-after-free vulnerability. A local attacker could use
this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2023-6817)<\/p>\n
It was discovered that a race condition existed in the AppleTalk
networking subsystem of the Linux kernel, leading to a use-after-free
vulnerability. A local attacker could use this to cause a denial of
service (system crash) or possibly execute arbitrary code.
(CVE-2023-51781)<\/p>\n
Kevin Rich discovered that the netfilter subsystem in the Linux kernel
did not properly check deactivated elements in certain situations,
leading to a use-after-free vulnerability. A local attacker could use
this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2024-0193)<\/p>\n
Lonial Con discovered that the netfilter subsystem in the Linux kernel
did not properly handle element deactivation in certain cases, leading
to a use-after-free vulnerability. A local attacker could use this to
cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2024-1085)<\/p>\n
Notselwyn discovered that the netfilter subsystem in the Linux kernel
did not properly handle verdict parameters in certain cases, leading to
a use- after-free vulnerability. A local attacker could use this to
cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2024-1086)<\/p>\n
In the Linux kernel, the following vulnerability has been resolved:
net: qualcomm: rmnet: fix global oob in rmnet_policy The variable
rmnet_link_ops assign a bigger maxtype which leads to a global out-of-
bounds read when parsing the netlink attributes. (CVE-2024-26597)<\/p>\n
Update instructions<\/p>\n
The problem can be corrected by updating your kernel livepatch to the
following versions:<\/p>\n
Ubuntu 20.04 LTS
aws – 103.1
aws – 103.2
aws – 103.3
azure – 103.3
gcp – 103.2
gcp – 103.3
generic – 103.1
generic – 103.2
generic – 103.3
gke – 103.3
ibm – 103.2
lowlatency – 103.1
lowlatency – 103.2
lowlatency – 103.3<\/p>\n
Ubuntu 18.04 LTS
aws – 103.3
azure – 103.3
gcp – 103.3
generic – 103.3
lowlatency – 103.3<\/p>\n
Ubuntu 22.04 LTS
aws – 103.1
aws – 103.2
aws – 103.3
azure – 103.1
azure – 103.2
azure – 103.3
gcp – 103.1
gcp – 103.2
generic – 103.1
generic – 103.2
generic – 103.3
gke – 103.1
gke – 103.2
gke – 103.3
ibm – 103.1
ibm – 103.2
ibm – 103.3<\/p>\n
Support Information<\/p>\n
Livepatches for supported LTS kernels will receive upgrades for a period
of up to 13 months after the build date of the kernel.<\/p>\n
Livepatches for supported HWE kernels which are not based on an LTS
kernel version will receive upgrades for a period of up to 9 months
after the build date of the kernel, or until the end of support for that
kernel\u2019s non-LTS distro release version, whichever is sooner.<\/p>\n
References<\/p>\n
– CVE-2023-4569
– CVE-2023-6817
– CVE-2023-51781
– CVE-2024-0193
– CVE-2024-1085
– CVE-2024-1086
– CVE-2024-26597<\/p>\n","protected":false},"excerpt":{"rendered":"
Linux kernel vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: – Ubuntu 20.04 LTS– Ubuntu 18.04 LTS– Ubuntu 22.04 LTS Summary Several security issues were fixed in the kernel. Software Description – linux – Linux kernel– linux-aws – Linux kernel for Amazon Web Services (AWS) systems– linux-azure – Linux kernel for …<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-56592","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/56592","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=56592"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/56592\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=56592"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=56592"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=56592"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}