Hello Linux users, 

Today, I’m alerting you to a critical vulnerability in shim, the signed first-stage bootloader that Linux distributions use to support UEFI Secure Boot. The flaw sits in shim’s HTTP boot support: an attacker who controls, or can impersonate, the boot server can corrupt memory before the operating system has even loaded, which means none of the kernel’s or distribution’s defenses are in place to stop them. The result is complete system compromise - any Linux admin’s worst nightmare!

Read on to learn whether your distro is affected and how to fix this severe flaw. You'll also learn about other significant vulnerabilities recently discovered and mitigated in the open-source programs and applications you rely on.

If you gained valuable insights from reading today’s newsletter, please share it with a fellow security geek. Do you have a Linux security-related topic you'd like to cover for our audience? We welcome contributions from enthusiastic, insightful community members who share our passion for Linux and security!

Stay safe out there,


Shim

The Discovery 

A critical vulnerability has been found in shim, the bootloader component that Linux distributions use to support UEFI Secure Boot. When shim boots over HTTP, it trusts values taken from the server's HTTP response while parsing it; a crafted malicious response therefore gives the attacker a completely controlled out-of-bounds write primitive in the pre-boot environment, which can be turned into complete system compromise. The flaw can be exploited over the network against any device configured to boot over HTTP, either by compromising the boot server or by impersonating it from a man-in-the-middle position. It can also be exploited by an attacker with physical access to the device, or with administrative control gained through some other vulnerability, since either lets them point the machine at a server they control.
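To make the class of bug concrete, here is an added, simplified C illustration. It is not shim's own code and does not reproduce the actual vulnerable function; the response bytes, the 16-byte body slot and the canary region are all constructed for the demonstration. The unchecked variant sizes its destination from the Content-Length header and then copies every byte the server actually sent, so a server that declares 16 bytes and delivers 48 overruns the slot; the checked variant refuses any body that disagrees with the declared length or exceeds the destination.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Capacity of the body slot, plus a canary region placed right after it so an
 * overrun is observable in this demo instead of silently corrupting memory.
 * (Constructed for the example; real firmware would allocate from the header.) */
#define BODY_CAP   16
#define CANARY_LEN 32
#define CANARY     0x5a

/* Constructed response: the header promises 16 bytes, the body carries 48. */
static const char BAD_RESPONSE[] =
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: application/octet-stream\r\n"
    "Content-Length: 16\r\n"
    "\r\n"
    "AAAAAAAAAAAAAAAA"   /* 16 bytes: fills the slot */
    "BBBBBBBBBBBBBBBB"   /* 16 bytes: first overrun */
    "CCCCCCCCCCCCCCCC";  /* 16 bytes: second overrun */

/* Constructed response whose header and body agree. */
static const char GOOD_RESPONSE[] =
    "HTTP/1.1 200 OK\r\n"
    "Content-Length: 8\r\n"
    "\r\n"
    "kernel01";

/* Split a raw response into the declared Content-Length and the body bytes
 * that actually arrived. Returns 0 on success, -1 if the headers are malformed. */
int parse_response(const char *resp, size_t resp_len,
                   long *declared, const char **body, size_t *body_len)
{
    const char *hdr_end = strstr(resp, "\r\n\r\n");
    if (hdr_end == NULL)
        return -1;
    const char *cl = strstr(resp, "\r\nContent-Length:");
    if (cl == NULL || cl > hdr_end)
        return -1;
    cl += strlen("\r\nContent-Length:");
    char *end = NULL;
    errno = 0;
    long val = strtol(cl, &end, 10);
    if (errno != 0 || end == cl || val < 0)
        return -1;
    *declared = val;
    *body = hdr_end + 4;
    *body_len = resp_len - (size_t)(*body - resp);
    return 0;
}

/* Vulnerable pattern: the slot is sized from the header (and that size is
 * checked), but the bytes actually received are copied without any check.
 * Returns bytes copied and sets *clobbered if the copy ran into the canary. */
long receive_unchecked(const char *resp, size_t resp_len, int *clobbered)
{
    unsigned char storage[BODY_CAP + CANARY_LEN];
    memset(storage, CANARY, sizeof storage);
    long declared; const char *body; size_t body_len;
    if (parse_response(resp, resp_len, &declared, &body, &body_len) != 0)
        return -1;
    if (declared > BODY_CAP)            /* only the header value is validated */
        return -1;
    /* Capped at the whole storage array purely so the demo stays within
     * defined behaviour; the point is that body_len is never compared to
     * the 16-byte slot the header justified. */
    size_t n = body_len < sizeof storage ? body_len : sizeof storage;
    memcpy(storage, body, n);
    *clobbered = 0;
    for (size_t i = BODY_CAP; i < sizeof storage; i++)
        if (storage[i] != CANARY) { *clobbered = 1; break; }
    return (long)n;
}

/* Hardened pattern: the received body must match the declared length and fit
 * the destination; anything else is rejected before a single byte is copied. */
long receive_checked(const char *resp, size_t resp_len,
                     unsigned char *out, size_t out_cap)
{
    long declared; const char *body; size_t body_len;
    if (parse_response(resp, resp_len, &declared, &body, &body_len) != 0)
        return -1;
    if ((unsigned long)declared > out_cap) /* server asks for more than we hold */
        return -1;
    if (body_len != (size_t)declared)      /* server lied about its length */
        return -1;
    memcpy(out, body, body_len);
    return (long)body_len;
}

/* Small wrappers so the outcomes can be checked by name. */
int demo_unchecked_clobbers(void)
{
    int c = 0;
    receive_unchecked(BAD_RESPONSE, sizeof BAD_RESPONSE - 1, &c);
    return c;
}
long demo_unchecked_copied(void)
{
    int c = 0;
    return receive_unchecked(BAD_RESPONSE, sizeof BAD_RESPONSE - 1, &c);
}
long demo_checked_bad(void)
{
    unsigned char out[BODY_CAP];
    return receive_checked(BAD_RESPONSE, sizeof BAD_RESPONSE - 1, out, sizeof out);
}
long demo_checked_good(void)
{
    unsigned char out[BODY_CAP];
    return receive_checked(GOOD_RESPONSE, sizeof GOOD_RESPONSE - 1, out, sizeof out);
}

int main(void)
{
    printf("unchecked: copied %ld bytes, canary %s\n", demo_unchecked_copied(),
           demo_unchecked_clobbers() ? "CLOBBERED" : "intact");
    printf("checked:   bad response %s, good response %ld bytes\n",
           demo_checked_bad() < 0 ? "rejected" : "accepted", demo_checked_good());
    return 0;
}
```

In a real HTTP boot client the body arrives in chunks, so the hardened check becomes cumulative: reject as soon as offset plus the incoming chunk would exceed the allocation, and reject at end-of-stream if fewer bytes arrived than declared. The pre-boot environment has no ASLR, stack canaries or kernel to fall back on, which is why a controlled write here is so much worse than the same bug in a userland daemon.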


The Impact

Because shim runs before the kernel, with firmware-level privileges, a successful attack gives the attacker code execution before any operating-system defense is active, and the attacker can then control everything that loads afterwards. On a network-booted device this is reachable remotely, and the outcome is complete system compromise.

The Fix

Critical updates have been released to fix this widespread issue. Given the threat this vulnerability poses to unpatched systems, we strongly recommend that all impacted users update to the latest version of shim immediately and reboot, since the new shim only takes effect at the next boot. Note that the fix is accompanied by a new SBAT generation number so that firmware can refuse older, still-signed shim binaries; make sure the update you apply includes that revocation and not just the replacement binary. If you use HTTP boot, also confirm that your boot server and the path to it are trusted. Doing so will safeguard your critical Linux systems against attacks leading to compromise.


GNU C Library (glibc)

The Discovery 

Have you updated to fix the recently discovered vulnerabilities in the GNU C Library (glibc), a fundamental component of nearly every Linux distribution? These severe flaws include a heap-based buffer overflow in glibc's syslog and vsyslog functions, an off-by-one heap-based buffer overflow, an integer overflow, and a memory corruption issue in the qsort function that can be triggered by a non-transitive comparison function.


The Impact

These bugs allow a local attacker to escalate privileges, potentially to root, and to execute arbitrary code in the context of the vulnerable process; because glibc is linked into almost every program on the system, including set-user-ID binaries that log attacker-supplied input through syslog, this amounts to full system compromise and data theft on any host where untrusted users or workloads run.

The Fix

A crucial glibc security update has been released to mitigate these issues. Given the threat these vulnerabilities pose to unpatched systems, we strongly recommend that all impacted users update promptly. Because glibc is a shared library, remember that running processes keep using the old copy until they are restarted; reboot, or at least restart long-running services, after the update. Patching will protect against attacks leading to data loss and system compromise.


Linux Kernel

The Discovery 

This week, the Linux kernel is back in the spotlight as more distros release updates addressing multiple severe kernel flaws. The worst of these bugs include a privilege escalation vulnerability that could allow attackers to gain root privileges on affected systems and an information disclosure flaw in the kernel up to 5.17, among other significant issues.


The Impact

These vulnerabilities threaten your sensitive data and could lead to privilege escalation attacks on your systems, enabling threat actors to view additional infrastructure to attack, add or delete users, or modify permissions of files or other users.

The Fix

Distros continue to release updates for the Linux kernel to remedy these dangerous flaws. Given the threat the above vulnerabilities pose to unpatched systems, we urge all impacted users to update as soon as possible, and to reboot afterwards, since a new kernel does not take effect until the system is restarted. Updating will protect your sensitive data and prevent system compromise. It will also bring other significant kernel security improvements you don’t want to miss out on!
