Several vulnerabilities in the Linux kernel have been identified, also affecting Amazon Web Services (AWS) systems. Canonical has released important security patches addressing these vulnerabilities. These flaws primarily involve race conditions and memory management errors, which can be exploited to cause system crashes or unauthorized actions. Here’s a detailed look at some of these vulnerabilities and how to stay secure.

Overview of Linux Kernel AWS Vulnerabilities

CVE-2024-22099

Yuxuan Hu discovered a race condition in the Bluetooth RFCOMM protocol driver within the Linux kernel. This flaw leads to a NULL pointer dereference, which attackers could exploit to cause a denial of service (DoS) by crashing the system.

CVE-2024-24860

Another race condition was discovered in the Bluetooth subsystem of the Linux kernel. This flaw also leads to a NULL pointer dereference, which privileged local attackers could leverage to crash the system.

CVE-2024-35835

This vulnerability involves a double-free error in the net/mlx5e module of the Linux kernel. When in allocated by kvzalloc fails, the arfs_create_groups function frees resources twice, potentially leading to system instability or crashes.

CVE-2024-39292

In the Linux kernel, a vulnerability was identified where registering a winch interrupt request (IRQ) could lead to a system panic. The flaw occurred when the winch was added to the handler list too late, making it vulnerable to interrupts that could trigger system crashes. The fix involved ensuring that the winch was properly registered before allowing any interrupts.

CVE-2023-52760

In the GFS2 (Global File System 2) component, a slab-use-after-free error was found due to improper cleanup procedures. Specifically, the vulnerability could cause use-after-free conditions, where freed memory is accessed, leading to unpredictable system behavior or crashes.

CVE-2023-52806

This vulnerability in the ALSA (Advanced Linux Sound Architecture) component involves a potential null pointer dereference when assigning audio streams. A faulty assignment of coupled streams could cause crashes, particularly during complex audio operations.

How to Stay Secure

To protect your AWS systems from these vulnerabilities, applying the latest security updates is crucial. These patches address the flaws in the Linux kernel, ensuring your systems are protected from potential attacks. Users running affected Linux kernel versions on AWS, particularly Ubuntu 16.04 and Ubuntu 18.04, should apply the security updates immediately.

Also, it is important to remember Ubuntu 16.04 and 18.04 have reached the end of life (EOL). So, receiving security updates through Extended Security Maintenance (ESM) will require an Ubuntu Pro subscription.

For organizations seeking a more cost-effective solution, TuxCare’s Extended Lifecycle Support (ELS) provides vendor-grade security patches for up to five years beyond the official end-of-life date. The supported distributions include CentOS 6, 7, and 8, CentOS Stream 8, Oracle Linux 6 and 7, and Ubuntu 16.04 and 18.04.

Additionally, TuxCare also offers KernelCare Enterprise live patching tool that allows you to apply security updates to a running kernel without requiring a system reboot. The KernelCare team is actively working to deploy live patches for the above Linux kernel AWS vulnerabilities. To track the release status of patches, you can visit the CVE Tracker page.

Send questions to a TuxCare security expert to learn about modernizing your Linux patching approach with automated and rebootless patching.

Source: USN-6972-2

The post Ubuntu Fixes Several Linux Kernel AWS Vulnerabilities appeared first on TuxCare.

*** This is a Security Bloggers Network syndicated blog from TuxCare authored by Rohan Timalsina. Read the original post at: https://tuxcare.com/blog/ubuntu-fixes-several-linux-kernel-aws-vulnerabilities/