Important Linux Kernel DoS, Code Execution Bugs Fixed
Several significant security issues have been found in the Linux kernel, including a use-after-free vulnerability in the netfilter subsystem (CVE-2023-32233), an out-of-bounds write vulnerability in the scheduler implementation (CVE-2023-31436), and improper data buffer size validation in the Broadcom FullMAC USB WiFi driver (CVE-2023-1380).
These bugs could result in denial of service (DoS) attacks leading to crashes and kernel deadlock, arbitrary code execution, and the exposure of sensitive information.
Updates are available for the Linux kernel that mitigate these dangerous vulnerabilities. With a low attack complexity, a high confidentiality, integrity and availability impact, and a National Vulnerability Database (NVD) severity rating of “High”, it is crucial that all impacted users apply the Linux kernel updates issued by their distro(s) immediately to protect against loss of access to critical systems and the compromise of sensitive data.