MGASA-2023-0237 - Updated kernel packages fix security vulnerabilities

Publication date: 19 Jul 2023
URL: https://advisories.mageia.org/MGASA-2023-0237.html
Type: security
Affected Mageia releases: 8
CVE: CVE-2023-3338,
     CVE-2023-3390,
     CVE-2023-31248,
     CVE-2023-35001

This kernel update is based on upstream 5.15.120 and fixes atleast
the following security issues:

A flaw null pointer dereference in the Linux kernel DECnet networking
protocol was found. A remote user could use this flaw to crash the
system. This is fixed by removing DECnet support (CVE-2023-3338).

A use-after-free vulnerability was found in the Linux kernel's netfilter
subsystem in net/netfilter/nf_tables_api.c. Mishandled error handling with
NFT_MSG_NEWRULE makes it possible to use a dangling pointer in the same
transaction causing a use-after-free vulnerability. This flaw allows a
local attacker with user access to cause a privilege escalation issue
(CVE-2023-3390).

Linux Kernel nftables Use-After-Free Local Privilege Escalation
Vulnerability; nft_chain_lookup_byid() failed to check whether a chain
was active and CAP_NET_ADMIN is in any user or network namespace 
(CVE-2023-31248).

Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability;
nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN
is in any user or network namespace (CVE-2023-35001).

NOTE!!
This kernel also contains a fix for dkms builds hanging / stalling during
upgrade to Mageia 9 (mga#31982) due to the new make 4.4 series utility
ending up in a loop processing Makefile in kernel-devel packages.
So if you use dkms packaged drivers, you need to be running this kernel
(or any later released ones) before you do an online upgrade to avoid the
upgrade stalling / hanging.

References:
- https://bugs.mageia.org/show_bug.cgi?id=32093
- https://bugs.mageia.org/show_bug.cgi?id=31982
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3338
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3390
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31248
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35001

SRPMS:
- 8/core/kernel-5.15.120-2.mga8
- 8/core/kmod-virtualbox-7.0.8-1.12.mga8
- 8/core/kmod-xtables-addons-3.23-1.22.mga8

Mageia 2023-0237: kernel security update

This kernel update is based on upstream 5.15.120 and fixes atleast the following security issues: A flaw null pointer dereference in the Linux kernel DECnet networking protocol wa...

Summary

This kernel update is based on upstream 5.15.120 and fixes atleast the following security issues:
A flaw null pointer dereference in the Linux kernel DECnet networking protocol was found. A remote user could use this flaw to crash the system. This is fixed by removing DECnet support (CVE-2023-3338).
A use-after-free vulnerability was found in the Linux kernel's netfilter subsystem in net/netfilter/nf_tables_api.c. Mishandled error handling with NFT_MSG_NEWRULE makes it possible to use a dangling pointer in the same transaction causing a use-after-free vulnerability. This flaw allows a local attacker with user access to cause a privilege escalation issue (CVE-2023-3390).
Linux Kernel nftables Use-After-Free Local Privilege Escalation Vulnerability; nft_chain_lookup_byid() failed to check whether a chain was active and CAP_NET_ADMIN is in any user or network namespace (CVE-2023-31248).
Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace (CVE-2023-35001).
NOTE!! This kernel also contains a fix for dkms builds hanging / stalling during upgrade to Mageia 9 (mga#31982) due to the new make 4.4 series utility ending up in a loop processing Makefile in kernel-devel packages. So if you use dkms packaged drivers, you need to be running this kernel (or any later released ones) before you do an online upgrade to avoid the upgrade stalling / hanging.

References

- https://bugs.mageia.org/show_bug.cgi?id=32093

- https://bugs.mageia.org/show_bug.cgi?id=31982

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3338

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3390

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31248

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35001

Resolution

MGASA-2023-0237 - Updated kernel packages fix security vulnerabilities

SRPMS

- 8/core/kernel-5.15.120-2.mga8

- 8/core/kmod-virtualbox-7.0.8-1.12.mga8

- 8/core/kmod-xtables-addons-3.23-1.22.mga8

Severity
Publication date: 19 Jul 2023
URL: https://advisories.mageia.org/MGASA-2023-0237.html
Type: security
CVE: CVE-2023-3338, CVE-2023-3390, CVE-2023-31248, CVE-2023-35001

Related News

2.Motherboard Esm H320
2 - 3 min read
German software engineer Lennart Poettering recently presented run0 , a new tool in systemd v256 that aims to address the security concerns
22.Lock ScreenEffect Esm H320
2 - 3 min read
Red Hat recently released its newest enterprise Linux distro, Red Hat Enterprise Linux (RHEL) 9.4 , which introduces several features designed to
8.Locks HexConnections CodeGlobe Esm H320
1 - 2 min read
The latest release of Debian , one of the oldest and most trusted distributions within the Linux ecosystem, redefines security, stability, and
20.Lock AbstractDigital Circular Esm H320
1 - 2 min read
The Ubuntu security team has recently discovered and addressed multiple vulnerabilities in the Apache HTTP Server. The vulnerabilities affected
1.Penguin Landscape Esm H320
1 - 2 min read
A critical vulnerability was discovered in the Linux kernel's netfilter subsystem, specifically within the nf_tables component, posing potential
19.Laptop Bed Esm H320
2 - 3 min read
The release of Google Chrome 124 addresses four vulnerabilities, including a critical security flaw that can enable attackers to execute arbitrary
23.Tablet Connections Esm H320
2 - 3 min read
The release of Ubuntu 24.04 LTS , also known as Noble Numbat, brings various security enhancements and exciting new features . These improvements
4.Lock AbstractDigital Esm H320
2 - 3 min read
Tails 6.2 is a new Linux distribution release that expands its multilingual support and improves security features. The distribution is a
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved