
Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories


Ubuntu 24.04 LTS: USN-7071-2 critical: linux-gke exploit risk

The system could be compromised under certain conditions.

==========================================================================
Ubuntu Security Notice USN-7071-2
November 14, 2024

linux-gke vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 24.04 LTS

Summary:

The system could be compromised under certain conditions.

Software Description:

- linux-gke: Linux kernel for Google Container Engine (GKE) systems

Details:

A security issue was discovered in the Linux kernel. An attacker could possibly use this to compromise the system. This update corrects flaws in the following subsystems:

- Network traffic control;

(CVE-2024-45016)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 24.04 LTS
  linux-image-6.8.0-1012-gke 6.8.0-1012.15
  linux-image-gke 6.8.0-1012.15

After a standard system update you need to reboot your computer to make all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.

References:

  https://ubuntu.com/security/notices/USN-7071-2
  https://ubuntu.com/security/notices/USN-7071-1
  CVE-2024-45016

Package Information:

Ubuntu Security Notice USN-7071-2 details serious vulnerabilities in the linux-gke package, urging users to promptly update for better protection against threats.

Linux Kernel Updates, GKE Vulnerability Mitigation, Ubuntu Security Notices.

Severity: Critical.

LinuxSecurity.com Team

Nov 14, 2024 | Critical | Ubuntu

Ubuntu 20.04 LTS USN-6548-4 urgent: Kernel DoS vulnerabilities addressed

Several security issues were fixed in the Linux kernel.

==========================================================================
Ubuntu Security Notice USN-6548-4
January 09, 2024

linux-gkeop vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:

- linux-gkeop: Linux kernel for Google Container Engine (GKE) systems

Details:

It was discovered that Spectre-BHB mitigations were missing for Ampere processors. A local attacker could potentially use this to expose sensitive information. (CVE-2023-3006)

It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors in certain situations, leading to an out-of-bounds read vulnerability. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-37453)

Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate some attributes passed from userspace. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2023-39189)

Sunjoo Park discovered that the netfilter subsystem in the Linux kernel did not properly validate u32 packets content, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-39192)

Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate SCTP data, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-39193)

Lucas Leong discovered that the Netlink Transformation (XFRM) subsystem in the Linux kernel did not properly handle state filters, leading to an out-of-bounds read vulnerability. A privileged local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-39194)

Kyle Zeng discovered that the IPv4 implementation in the Linux kernel did not properly handle socket buffers (skb) when performing IP routing in certain circumstances, leading to a null pointer dereference vulnerability. A privileged attacker could use this to cause a denial of service (system crash). (CVE-2023-42754)

Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly handle queue initialization failures in certain situations, leading to a use-after-free vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-5178)

Budimir Markovic discovered that the perf subsystem in the Linux kernel did not properly handle event groups, leading to an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-5717)

It was discovered that the TLS subsystem in the Linux kernel did not properly perform cryptographic operations in some situations, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-6176)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 20.04 LTS:
  linux-image-5.4.0-1083-gkeop 5.4.0-1083.87
  linux-image-gkeop 5.4.0.1083.81
  linux-image-gkeop-5.4 5.4.0.1083.81

After a standard system update you need to reboot your computer to make all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.

References:

  https://ubuntu.com/security/notices/USN-6548-4
  https://ubuntu.com/security/notices/USN-6548-1
  CVE-2023-3006, CVE-2023-37453, CVE-2023-39189, CVE-2023-39192, CVE-2023-39193, CVE-2023-39194, CVE-2023-42754, CVE-2023-5178, CVE-2023-5717, CVE-2023-6176

Package Information:

  https://launchpad.net/ubuntu/+source/linux-gkeop/5.4.0-1083.87

Utilize robust protective strategies for Ubuntu 20.04 LTS to address Linux kernel vulnerabilities for enhanced security.

Linux Kernel, Ubuntu Updates, GKE Security Issues.

Severity: Critical.

LinuxSecurity.com Team

Jan 09, 2024 | Critical | Ubuntu

Ubuntu 22.04 LTS: USN-6351-1 Moderate Denial Of Service Risks

Several security issues were fixed in the Linux kernel.

==========================================================================
Ubuntu Security Notice USN-6351-1
September 06, 2023

linux-gke, linux-gkeop vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:

- linux-gke: Linux kernel for Google Container Engine (GKE) systems
- linux-gkeop: Linux kernel for Google Container Engine (GKE) systems

Details:

It was discovered that the NTFS file system implementation in the Linux kernel did not properly validate MFT flags in certain situations. An attacker could use this to construct a malicious NTFS image that, when mounted and operated on, could cause a denial of service (system crash). (CVE-2022-48425)

Zi Fan Tan discovered that the binder IPC implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-21255)

It was discovered that a race condition existed in the f2fs file system in the Linux kernel, leading to a null pointer dereference vulnerability. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service (system crash). (CVE-2023-2898)

It was discovered that the DVB Core driver in the Linux kernel did not properly handle locking events in certain situations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2023-31084)

Yang Lan discovered that the GFS2 file system implementation in the Linux kernel could attempt to dereference a null pointer in some situations. An attacker could use this to construct a malicious GFS2 image that, when mounted and operated on, could cause a denial of service (system crash). (CVE-2023-3212)

It was discovered that the KSMBD implementation in the Linux kernel did not properly validate buffer sizes in certain operations, leading to an out-of-bounds read vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-38426, CVE-2023-38428)

It was discovered that the KSMBD implementation in the Linux kernel did not properly calculate the size of certain buffers. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-38429)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 22.04 LTS:
  linux-image-5.15.0-1027-gkeop 5.15.0-1027.32
  linux-image-5.15.0-1041-gke 5.15.0-1041.46
  linux-image-gke 5.15.0.1041.40
  linux-image-gke-5.15 5.15.0.1041.40
  linux-image-gkeop 5.15.0.1027.26
  linux-image-gkeop-5.15 5.15.0.1027.26

After a standard system update you need to reboot your computer to make all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.

References:

  https://ubuntu.com/security/notices/USN-6351-1
  CVE-2022-48425, CVE-2023-21255, CVE-2023-2898, CVE-2023-31084, CVE-2023-3212, CVE-2023-38426, CVE-2023-38428, CVE-2023-38429

Package Information:

  https://launchpad.net/ubuntu/+source/linux-gke/5.15.0-1041.46
  https://launchpad.net/ubuntu/+source/linux-gkeop/5.15.0-1027.32

Keep abreast of recent updates for Ubuntu packages that mitigate various kernel security flaws impacting GKE environments.

Ubuntu Kernel Issues, Linux GKE Update, Denial of Service Solutions.

Severity: Important.

LinuxSecurity.com Team

Sep 06, 2023 | Important | Ubuntu

Ubuntu 20.04 LTS USN-6324-1 Critical: Multiple Kernel Issues

Several security issues were fixed in the Linux kernel.

==========================================================================
Ubuntu Security Notice USN-6324-1
August 31, 2023

linux-gkeop vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:

- linux-gkeop: Linux kernel for Google Container Engine (GKE) systems

Details:

Daniel Moghimi discovered that some Intel(R) Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain sensitive information. (CVE-2022-40982)

Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information. (CVE-2023-20593)

It was discovered that the universal 32bit network packet classifier implementation in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3609)

It was discovered that the Quick Fair Queueing network scheduler implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3611)

It was discovered that the network packet classifier with netfilter/firewall marks implementation in the Linux kernel did not properly handle reference counting, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-3776)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 20.04 LTS:
  linux-image-5.4.0-1075-gkeop 5.4.0-1075.79
  linux-image-gkeop 5.4.0.1075.73
  linux-image-gkeop-5.4 5.4.0.1075.73

After a standard system update you need to reboot your computer to make all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.

References:

  https://ubuntu.com/security/notices/USN-6324-1
  CVE-2022-40982, CVE-2023-20593, CVE-2023-3609, CVE-2023-3611, CVE-2023-3776

Package Information:

  https://launchpad.net/ubuntu/+source/linux-gkeop/5.4.0-1075.79

Critical security patches implemented for Ubuntu 20.04 Linux kernel tackling execution vulnerabilities and mitigating denial of service risks.

Kernel Security Update, GKE Threat Mitigation, Ubuntu 20.04 Advisory.

Severity: Critical.

LinuxSecurity.com Team

Aug 31, 2023 | Critical | Ubuntu

Ubuntu 20.04 LTS USN-6205-1 Critical: Kernel Denial of Service

Several security issues were fixed in the Linux kernel.

=========================================================================
Ubuntu Security Notice USN-6205-1
July 06, 2023

linux-gke vulnerabilities
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:

- linux-gke: Linux kernel for Google Container Engine (GKE) systems

Details:

Hangyu Hua discovered that the Flower classifier implementation in the Linux kernel contained an out-of-bounds write vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35788, LP: #2023577)

It was discovered that for some Intel processors the INVLPG instruction implementation did not properly flush global TLB entries when PCIDs are enabled. An attacker could use this to expose sensitive information (kernel memory) or possibly cause undesired behaviors. (LP: #2023220)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 20.04 LTS:
  linux-image-5.4.0-1103-gke 5.4.0-1103.110
  linux-image-gke 5.4.0.1103.108
  linux-image-gke-5.4 5.4.0.1103.108

After a standard system update you need to reboot your computer to make all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.

References:

  https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2023220
  https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2023577
  CVE-2023-35788

Package Information:

  https://launchpad.net/ubuntu/+source/linux-gke/5.4.0-1103.110

Multiple security flaws addressed in Ubuntu 20.04 LTS kernel affecting GKE instances. Ensure updates are applied without delay.

Ubuntu Security, Kernel Issues, GKE Security, System Updates.

Severity: Critical.

LinuxSecurity.com Team

Jul 06, 2023 | Critical | Ubuntu

Ubuntu 22.04 LTS: USN-5635-1 Critical: GKE Kernel DoS Issues

Several security issues were fixed in the Linux kernel.

=========================================================================
Ubuntu Security Notice USN-5635-1
September 23, 2022

linux-gkeop vulnerabilities
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:

- linux-gkeop: Linux kernel for Google Container Engine (GKE) systems

Details:

It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-33655)

Duoming Zhou discovered that race conditions existed in the timer handling implementation of the Linux kernel's Rose X.25 protocol layer, resulting in use-after-free vulnerabilities. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-2318)

Roger Pau Monné discovered that the Xen virtual block driver in the Linux kernel did not properly initialize memory pages to be used for shared communication with the backend. A local attacker could use this to expose sensitive information (guest kernel memory). (CVE-2022-26365)

Roger Pau Monné discovered that the Xen paravirtualization frontend in the Linux kernel did not properly initialize memory pages to be used for shared communication with the backend. A local attacker could use this to expose sensitive information (guest kernel memory). (CVE-2022-33740)

It was discovered that the Xen paravirtualization frontend in the Linux kernel incorrectly shared unrelated data when communicating with certain backends. A local attacker could use this to cause a denial of service (guest crash) or expose sensitive information (guest kernel memory). (CVE-2022-33741, CVE-2022-33742)

Jan Beulich discovered that the Xen network device frontend driver in the Linux kernel incorrectly handled socket buffers (skb) references when communicating with certain backends. A local attacker could use this to cause a denial of service (guest crash). (CVE-2022-33743)

Oleksandr Tyshchenko discovered that the Xen paravirtualization platform in the Linux kernel on ARM platforms contained a race condition in certain situations. An attacker in a guest VM could use this to cause a denial of service in the host OS. (CVE-2022-33744)

It was discovered that the virtio RPMSG bus driver in the Linux kernel contained a double-free vulnerability in certain error conditions. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-34494, CVE-2022-34495)

Domingo Dirutigliano and Nicola Guerrera discovered that the netfilter subsystem in the Linux kernel did not properly handle rules that truncated packets below the packet header size. When such rules are in place, a remote attacker could possibly use this to cause a denial of service (system crash). (CVE-2022-36946)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 22.04 LTS:
  linux-image-5.15.0-1003-gkeop 5.15.0-1003.5
  linux-image-gkeop 5.15.0.1003.5
  linux-image-gkeop-5.15 5.15.0.1003.5

After a standard system update you need to reboot your computer to make all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.

References:

  https://ubuntu.com/security/notices/USN-5635-1
  CVE-2021-33655, CVE-2022-2318, CVE-2022-26365, CVE-2022-33740, CVE-2022-33741, CVE-2022-33742, CVE-2022-33743, CVE-2022-33744, CVE-2022-34494, CVE-2022-34495, CVE-2022-36946

Package Information:

  https://launchpad.net/ubuntu/+source/linux-gkeop/5.15.0-1003.5

Ubuntu USN-5635-1 alerts users of critical vulnerabilities in the Linux kernel affecting Google Kubernetes Engine (GKE). Prompt updates are essential to safeguard systems.

Ubuntu Security, Kernel Threats, GKE Updates.

Severity: Critical.

LinuxSecurity.com Team

Sep 23, 2022 | Critical | Ubuntu