Linux Kernel Advisory: High Severity DoS and Escalation Attacks

Several important security issues have been found and fixed in the Linux kernel, which could result in privilege escalation attacks, denial of service (DoS) attacks leading to crashes or kernel deadlock, the execution of arbitrary code, or the exposure of sensitive information. With a high confidentiality, integrity and availability impact, it is crucial that all impacted users update immediately to protect against downtime and the compromise of critical systems and confidential data.
The Cybersecurity & Infrastructure Security Agency (CISA) has also added seven new Linux vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog based on evidence of active exploitation, some of which have been known for a decade. We examine the impact of these flaws and how to find the information you need to protect against them.
It’s no secret that WordPress has a questionable security history, but do you know what is required to secure your WordPress install? Our experts put a few strategies to the test, specifically taking a look at what happens when predictive analysis is used to find and fix new and known vulnerabilities, a strategy that has emerged as highly effective.
Continue reading to learn about other significant issues that have been discovered and fixed in the open-source programs and applications you use.
Yours in Open Source,

Linux Kernel
The Discovery: Several important security issues were discovered in the Linux kernel (CVE-2023-0386, CVE-2023-1829, CVE-2022-2590 and CVE-2022-4095). These bugs have been classified as “high-severity” by the National Vulnerability Database (NVD) due to their high confidentiality, integrity and availability impact.

Open vSwitch
The Discovery: It was discovered that Open vSwitch could be made to stop forwarding packets if it received specially crafted network traffic (CVE-2023-1668). Due to its high availability impact and the low attack complexity required to exploit the bug, this vulnerability has received a National Vulnerability Database (NVD) base score of 8.2 out of 10 (“High” severity).

WebKitGTK
The Discovery: Distros continue to release updates addressing several severe vulnerabilities that have been found in the WebKitGTK web engine, including a use after free vulnerability that may have been actively exploited (CVE-2023-28205).



