Linux Kernel DoS, Privilege Escalation Vulns Fixed
Multiple significant security vulnerabilities have been found in the Linux kernel, including an out-of-bounds memory access flaw in the XFS file system (CVE-2023-2124) and an out-of-bounds read in compare_netdev_and_ip in drivers/infiniband/core/cma.c, in the kernel's RDMA code (CVE-2023-2176). With low attack complexity and high confidentiality, integrity, and availability impact, these bugs have received a National Vulnerability Database base score of 7.8 out of 10 (“High” severity).
These issues could result in system crashes leading to denial of service (DoS) or privilege escalation attacks.
Important updates for the kernel that mitigate these severe vulnerabilities have been released. We strongly recommend that all impacted users apply the Linux kernel updates issued by their distro(s) immediately to protect against attacks leading to system downtime and compromise.
To stay on top of essential updates released by the open-source programs and applications you use, register as a LinuxSecurity user, subscribe to our Linux Advisory Watch newsletter and customize your advisories for the distro(s) you use. This will enable you to stay up-to-date on the latest, most significant issues impacting the security of your systems.
Follow @LS_Advisories on Twitter for real-time updates on advisories for your distro(s).