Linux Advisory Watch: September 9, 2022

Happy Friday fellow Linux geeks! This week, important updates have been issued for rsync, the Linux kernel for Amazon Web Services (AWS) and PostgreSQL. Read on to learn about these vulnerabilities and how to secure your system against them. 

Have a question about or comment on one of the vulnerabilities highlighted in today's newsletter? Let's discuss!

Yours in Open Source,

rsync The Discovery  It was discovered that zlib incorrectly handled memory when performing certain inflate operations (CVE-2022-37434). The Impact An attacker could use this issue to cause rsync to crash, resulting in a denial of service (DoS), or possibly execute arbitrary code. The Fix A security update for rsync fixes this vulnerability. We recommend that you update now to protect the security, integrity and availability of your systems. Your Related Advisories: Register to Customize Your Advisories

Linux Kernel (AWS) The Discovery  ​​Several security issues were found in the Linux kernel for Amazon Web Services (AWS) systems (CVE-2022-26365, CVE-2022-33740 and CVE-2022-33741). The Impact A local attacker could use these flaws to expose sensitive information or cause a denial of service (DoS). The Fix An important update for the Linux Kernel mitigates these bugs. We recommend that you update as soon as possible to secure your sensitive information and protect against attacks and compromise. Your Related Advisories: Register to Customize Your Advisories

PostgreSQL The Discovery It was discovered that PostgreSQL could be made to run programs when creating or updating extensions (CVE-2022-2625). The Impact An attacker could possibly use this issue to execute arbitrary code when extensions are created or updated. The Fix A security update has been released for PostgreSQL that fixes this vulnerability. We recommend that you update promptly to protect against exploits and compromise. Your Related Advisories: Register to Customize Your Advisories