Alerts This Week
Warning Icon 1 659
Alerts This Week
Warning Icon 1 659

Linux Kernel 4.x: Critical DoS And Code Execution Issues Fixed

Calendar Mar 05, 2023 User Avatar Brittany Day
2 - 3 min read
1.Penguin Landscape Esm H500
Topics%20covered

Topics Covered

security advisory network security buffer overflow code execution DoS local escalation Linux kernel

Several critical and high-severity network security issues, including multiple use-after-free and stack-based buffer overflow cybersecurity vulnerabilities, were discovered in the Linux kernel. These network security threats could lead to Denial of Service (DoS) attacks, privilege escalation, or the execution of arbitrary code. This article will discuss the Linux kernel issue’s discovery, impact, and protection opportunities.

The Discovery & The Impact

The most serious network security issues recently discovered in the Linux kernel are the following critical cybersecurity vulnerabilities:

  • A “use-after-free” vulnerability affecting the function “area_cache_get” of the fileLinuxsec “drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c” of the component IPsec (CVE-2022-3545). 
  • A “use-after-free” vulnerability affecting the function “l2cap_conn_del” of the file “net/bluetooth/l2cap_core.c” of the component Bluetooth (CVE-2022-3640). 
  • A stack overflow flaw in the SYSCTL subsystem, how a user changes certain kernel parameters and variables (CVE-2022-4378). 
  • A “use-after-free” vulnerability that can be exploited to achieve local privilege escalation (CVE-2023-0461). To reach the vulnerability kernel configuration flag, “CONFIG_TLS” or “CONFIG_XFRM_ESPINTCP” has to be configured, but the operation does not require any privilege. There is a “use-after-free” bug, “icsk_ulp_data” of a struct “inet_connection_sock.” When CONFIG_TLS is enabled, the user can install a tls context (struct tls_context) on a connected tcp socket. The context is not cleared if this socket is disconnected and reused as a listener. If a new socket is created from the listener, the context is inherited and vulnerable. The setsockopt TCP_ULP operation does not require any privilege. 

A local attacker could exploit these bugs to cause Denial of Service attacks in network security, escalate privileges, or possibly execute arbitrary code. This impacts:

  • linux: Linux kernel
  • linux-aws: Linux kernel for Amazon Web Services (AWS) systems
  • linux-dell300x: Linux kernel for Dell 300x platforms
  • linux-gcp-4.15: Linux kernel for Google Cloud Platform (GCP) systems
  • linux-oracle: Linux kernel for Oracle Cloud systems

How Can I Secure My Systems Against Cybersecurity Vulnerabilities?

An important kernel security update was released recently, and it fixes these dangerous bugs. Distros have released security advisories for these cybersecurity vulnerabilities, providing instructions on how users can update their systems to protect against them.

LinuxSecurity Founder Dave Wreski warns, “We urge all impacted users to update now to protect against attacks leading to downtime and compromise. Patching is an easy and effective way to mitigate the risk of an adversary exploiting these issues to halt productivity and potentially harm your critical systems.”

Be sure to register as a LinuxSecurity user, then subscribe to our Linux Advisory Watch newsletter and customize your advisories for the distro(s) you use to stay up-to-date on the latest, most significant network security issues impacting your systems so you can improve security posture as quickly as possible.

Follow @LS_Advisories on X for real-time updates on advisories for your distro(s).

Your message here