1.Penguin Landscape Esm W900

Exploit code will soon become available for a critical vulnerability in the Linux kernel that a security researcher discovered and reported in mid-June. Dubbed StackRot (CVE-2023-3269), this bug impacts the Linux kernel 6.1 through 6.4. The data structure for managing virtual memory spaces in the Linux kernel handles a particular memory management function in a manner that results in use-after-free-by-RCU (UAFBR) issues. The security researcher who discovered StackRot, Ruihan Li, describes the exploit for StackRot as likely the first to successfully exploit a UAFBR bug.

This flaw gives attackers a way to escalate privileges on affected systems.

Important updates for the kernel that mitigate this severe vulnerability have been released. With a low attack complexity and a high confidentiality, integrity and availability impact, it is crucial that all impacted users apply the Linux kernel updates issued by their distro(s) immediately to protect against attacks leading to system downtime and compromise.

To stay on top of important updates released by the open-source programs and applications you use, be sure to register as a LinuxSecurity user, then subscribe to our Linux Advisory Watch newsletter and customize your advisories for the distro(s) you use. This will enable you to stay up-to-date on the latest, most significant issues impacting the security of your systems.

Follow @LS_Advisories on Twitter for real-time updates on advisories for your distro(s).