Happy Friday fellow Linux geeks! This week, important updates have been issued for zlib, the Linux kernel and Bash. Read on to learn about these vulnerabilities and how to secure your system against them. 

Now you can personalize your LinuxSecurity.com User Profile to include the latest advisories for the distros you select, making it easier than ever to keep your system up-to-date and secure.

Have a question about or comment on one of the vulnerabilities highlighted in today's newsletter? Let's discuss!

Yours in Open Source,

Brittany

zlib

The Discovery 

A flaw was found in zlib v1.2.2.2 through zlib v1.2.11 when compressing certain inputs (CVE-2018-25032).


The Impact

This vulnerability could allow for memory corruption when deflating (i.e., when compressing) if the input has many distant matches.

The Fix

A security update that mitigates this issue is now available. Update as soon as possible to protect the security and integrity of your systems.


Linux Kernel

The Discovery 

Two important security vulnerabilities have been discovered in the Linux kernel (CVE-2022-27666 and CVE-2022-22942).

The Impact

These flaws could result in buffer overflow attacks and local privilege escalation.

The Fix

An update has been released that fixes these dangerous bugs. We recommend that you update promptly to protect against attacks and compromise.


Bash

The Discovery

It was discovered that Bash did not properly drop privileges when the binary had the setuid bit enabled (CVE-2019-18276).

The Impact

An attacker could potentially exploit this flaw to escalate privileges.

The Fix

A Bash security update that fixes this bug has been released. Update now to protect the security and integrity of your systems.
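An added check, not part of the original newsletter or of any distribution's tooling: CVE-2019-18276 only comes into play when a Bash binary carries the setuid bit, so alongside updating it is worth confirming that no login shell on the system has that bit set. The script below assumes the candidate shells are listed in /etc/shells; the function names are illustrative.

```shell
#!/bin/sh
# Added example: report shells that carry the setuid or setgid bit.
# Assumption: candidate shells are listed one per line in a shells file
# (default /etc/shells); blank lines and "#" comments are skipped.
# Usage after sourcing this file:  audit_shells /etc/shells

# has_suid_bit FILE
# Succeeds if FILE is a regular file with the setuid or setgid bit set.
has_suid_bit() {
    [ -f "$1" ] && { [ -u "$1" ] || [ -g "$1" ]; }
}

# audit_shells [SHELLS_FILE]
# Prints one line per flagged shell.
# Returns 0 if none are flagged, 1 if any are, 2 if the list is unreadable.
audit_shells() {
    shells_file=${1:-/etc/shells}
    found=0
    [ -r "$shells_file" ] || return 2
    while IFS= read -r line; do
        case $line in
            ''|'#'*) continue ;;   # skip blanks and comments
        esac
        if has_suid_bit "$line"; then
            printf 'setuid/setgid shell: %s\n' "$line"
            found=1
        fi
    done < "$shells_file"
    return "$found"
}
```

A non-zero return from audit_shells means a listed shell needs review; a shell should not normally be installed setuid at all, whether or not it has been patched.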
