Linux Kernel High Severity Advisory: DoS And Privilege Escalation Risks
Attention security-conscious Linux users: we’ve got important updates for you! Multiple significant security vulnerabilities have been found in the Linux kernel that could crash a system, causing a denial of service (DoS), or allow privilege escalation. With low attack complexity and a high impact on confidentiality, integrity, and availability, these bugs carry a National Vulnerability Database severity rating of “High”. Be sure to update your systems now, and remember that a kernel update only takes effect once you reboot into the patched kernel.
But wait, there's more! We also cover other significant discoveries and fixes, including a ReDoS bug in Django that could let an attacker tie up server CPU and render affected applications unavailable, along with severe DoS and code execution vulnerabilities discovered in the GPAC multimedia framework. Keep reading to learn more about these issues and how to protect against them.
Yours in Open Source,

Linux Kernel
The Discovery
Multiple significant security vulnerabilities have been found in the Linux kernel, including an out-of-bounds memory access flaw in the XFS file system (CVE-2023-2124) and an out-of-bounds read in compare_netdev_and_ip in drivers/infiniband/core/cma.c in the kernel's RDMA subsystem (CVE-2023-2176). With low attack complexity and a high impact on confidentiality, integrity, and availability, these bugs have received a National Vulnerability Database base score of 7.8 out of 10 (“High” severity).
Django
The Discovery
It was discovered that in Django 3.2 before 3.2.20, 4.0 before 4.1.10, and 4.2 before 4.2.3, EmailValidator and URLValidator are subject to potential ReDoS (regular expression denial of service) attacks via a vast number of domain name labels in email addresses and URLs (CVE-2023-36053). Upgrading to 3.2.20, 4.1.10, or 4.2.3 addresses the issue.
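The point of a ReDoS fix like this one is that a regular expression's worst-case cost grows with the input it is asked to match, so the cheapest defense is to bound the input before the regex ever sees it. The block below is an added example (not Django's code and not part of the original newsletter): it uses a simplified stand-in for a label-by-label domain pattern, with a deliberately oversized "many labels" input constructed inline, and contrasts a validator that runs the regex on anything with one that rejects over-long addresses first. The 320-character cap comes from RFC 3696 section 3 (a later erratum lowers it to 254); the regex and the function names are assumptions made for illustration and are not claimed to reproduce Django's exact slow path.

```python
import re

# Simplified stand-in for an e-mail domain pattern: one or more dotted
# labels followed by a top-level label. Assumption for illustration,
# not Django's exact expression.
DOMAIN_RE = re.compile(
    r"((?:[A-Z0-9](?:[A-Z0-9-]{0,61}[A-Z0-9])?\.)+)"  # labels such as "mail."
    r"(?:[A-Z0-9-]{2,63}(?<!-))\Z",                    # top-level label
    re.IGNORECASE,
)

# Upper bound on an address per RFC 3696 section 3 (a later erratum says 254).
# Any fixed bound is what matters: it caps the regex engine's work per call.
MAX_EMAIL_LENGTH = 320


def _split_address(value):
    """Return (local_part, domain) or None if the value has no usable shape."""
    if not value or "@" not in value:
        return None
    local_part, domain = value.rsplit("@", 1)
    if not local_part or not domain:
        return None
    return local_part, domain


def validate_email_unbounded(value):
    """Vulnerable shape: the regex runs over a domain of any length, so the
    matching (and backtracking) cost is whatever the sender chooses."""
    parts = _split_address(value)
    return parts is not None and DOMAIN_RE.match(parts[1]) is not None


def validate_email_bounded(value):
    """Hardened shape: reject oversized input before the regex sees it."""
    if not isinstance(value, str) or len(value) > MAX_EMAIL_LENGTH:
        return False
    return validate_email_unbounded(value)


def pathological_email(n_labels):
    """Constructed attacker input: a vast number of domain labels ending in a
    one-character label the top-level branch cannot accept."""
    return "x@" + "a." * n_labels + "a"


if __name__ == "__main__":
    oversized = pathological_email(100_000)
    print(len(oversized), "characters")
    # The bounded validator answers immediately without touching the regex.
    print("bounded:", validate_email_bounded(oversized))
    print("normal:", validate_email_bounded("alice@example.com"))
```

The ordering inside validate_email_bounded is the whole fix: the type and length checks are constant time and run first, so a request carrying a megabyte of dotted labels is refused before any backtracking can start. The same shape applies to URL validation, where the bound is simply larger.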
GPAC
The Discovery
Multiple severe security issues were discovered in the GPAC multimedia framework, including a heap-based buffer overflow in the GitHub repository gpac/gpac before V2.1.0-DEV (CVE-2023-0760) and a NULL pointer dereference in the GitHub repository gpac/gpac before 2.2.2 (CVE-2023-3012). These vulnerabilities have received a National Vulnerability Database base score of 7.8 out of 10 (“High” severity).



