Discover Security Vulnerabilities News
Linux Kernel DoS, Privilege Escalation Bugs Fixed
Multiple significant security vulnerabilities have been discovered in the Linux kernel, including a remotely exploitable null pointer dereference flaw in the networking protocol (CVE-2023-3338), use-after-free vulnerabilities in kernel's netfilter subsystem in net/netfilter/nf_tables_api.c (CVE-2023-3390) and nft_chain_lookup_byid() (CVE-2023-31248), and an out-of-bounds read/write vulnerability (CVE-2023-35001). These bugs are easy to exploit and pose a severe risk to your system's confidentiality, integrity, and availability. As a result, they have received a National Vulnerability Database severity rating of “High”.
These issues could result in system crashes and privilege escalation attacks.
Important updates for the kernel that mitigate these severe vulnerabilities have been released. We strongly recommend that all impacted users apply the Linux kernel updates issued by their distro(s) now to protect against attacks leading to system downtime and compromise.
To stay on top of essential updates released by the open-source programs and applications you use, register as a LinuxSecurity user, subscribe to our Linux Advisory Watch newsletter, and customize your advisories for your distro(s). This will enable you to stay up-to-date on the latest, most significant issues impacting the security of your systems.
Follow @LS_Advisories on Twitter for real-time updates on advisories for your distro(s).