Ubuntu: Kernel Update Addresses Zenbleed Risk And Privilege Escalation
Aug 04, 2023
•
Brittany Day
2 - 4 min read
Greetings, fellow Linux users! Your security is our top concern, so we want to alert you to some critical updates you should know about. Two new Linux kernel privilege escalation flaws have been discovered in the OverlayFS module in Ubuntu, which affect nearly 40% of Ubuntu users. Don't get caught off guard! These bugs can allow an unprivileged local user to gain elevated privileges on impacted systems.
We also have other significant discoveries and fixes for you, including mitigations for the Zenbleed Microcode information disclosure flaw, as well as fixes for out-of-bounds access vulnerabilities in the X.Org X Server that could lead to server crashes resulting in a denial of service, arbitrary code execution, and privilege escalation on affected systems. It's essential that you stay up-to-date on these issues to protect your system from any potential harm.
We know that cybersecurity threats can be daunting, but we're here to make it easy for you. By updating your system now, you'll take the first step in securing your system and preventing future breaches. Stay ahead of the game by reading on to learn more about these critical threats and the actions you need to take to remain safe and secure.
Also, be sure to check out our Linux security analysis with industry experts to gain critical insights into the past, present, and future of Linux security.
Found this newsletter helpful? Please pay it forward and share it with a fellow security geek! We also welcome feedback on how we could improve our newsletters. If you have any comments or thoughts, please share them with us.
Yours in Open Source,
Linux KernelThe DiscoveryTwo new Linux kernel privilege escalation flaws have been discovered in the OverlayFS module in Ubuntu, which affect nearly 40% of Ubuntu users (CVE-2023-2640 and CVE-2023-32629). Modifications to the OverlayFS module introduced by the Linux kernel project in 2019 and 2022 conflicted with Ubuntu’s earlier changes, and Ubuntu's adoption of the new code introduced these two vulnerabilities. The researchers who discovered these vulnerabilities have stated, “Both vulnerabilities are unique to Ubuntu kernels since they stemmed from Ubuntu’s individual changes to the OverlayFS module. Weaponized exploits for these vulnerabilities are already publicly available given old exploits for past OverlayFS vulnerabilities work out of the box without any changes.” |
MicrocodeThe DiscoveryIt was discovered that under specific microarchitectural circumstances, a register in "Zen 2" CPUs might not be written to 0 correctly, potentially causing data from another process and/or thread to be stored in the YMM register (CVE-2023-20593, also known as Zenbleed). |
X.OrgThe DiscoverySeveral significant out-of-bounds access vulnerabilities have been found in the X.Org X Server (CVE-2021-4008, CVE-2021-4009, and CVE-2021-4011). These flaws threaten data confidentiality and integrity, as well as system availability, and have received a National Vulnerability Database severity rating of “High”. |
PREVIOUS
NEXT
