Canonical has rolled out essential security updates for Ubuntu, addressing multiple Linux kernel vulnerabilities that also impact Amazon Web Services (AWS). These issues, which involve race conditions and memory management errors, pose significant risks including system crashes and unauthorized access.
The latest patches aim to mitigate these threats and enhance the security of both Ubuntu-based systems and AWS environments. This article shares insights into the specifics of these Linux kernel vulnerabilities, the associated risks, and the steps users have to take to secure their systems.
Multiple Linux Kernel Vulnerabilities Targets AWS Users
Security researchers have highlighted multiple Linux kernel vulnerabilities. A total of 6 vulnerabilities have been reported — targeting multiple flaws within the Linux ecosystem.
CVE-2024-22099
Discovered by Yuxuan Hu, this vulnerability affects the Bluetooth RFCOMM protocol driver within the Linux kernel. It introduces a race condition that can lead to a NULL pointer dereference, causing a denial of service (DoS) by crashing the system.
This flaw, which impacts both x86 and ARM architectures, was reported on January 25, 2024. It is associated with the /net/bluetooth/rfcomm/core.C file and affects Linux kernel versions starting from v2.6.12-rc2.
CVE-2024-24860
Another race condition was found in the Bluetooth subsystem of the Linux kernel, reported on February 5, 2024. This vulnerability, found in the {min,max}_key_size_set() function, also leads to a NULL pointer dereference. Privileged local attackers could exploit this flaw to crash the system. This Linux Kernel AWS vulnerability, noted in Ubuntu Security Team’s reports, is linked to the Bluetooth device driver and could lead to kernel panic or system crashes.
CVE-2024-35835
This vulnerability involves a double-free error in the net/mlx5e module of the Linux kernel, reported on May 17, 2024. The issue arises when the arfs create_groups function frees resources twice if the kvzalloc allocation fails, potentially causing system instability or crashes. The Ubuntu Security Team noted that this vulnerability has been addressed with a patch that corrects the resource management error in arfs_create_groups.
CVE-2024-39292
As reported on June 24, 2024, this flaw affects the Linux kernel’s handling of winch interrupt requests (IRQ). The issue occurs when the winch is added to the handler list too late, making it susceptible to interruptions that can trigger system crashes. The fix involves ensuring that the winch is registered before any interrupts are processed, preventing potential system panics.
CVE-2023-52760
Found in the Global File System 2 (GFS2) component, this vulnerability involves a slab-use-after-free error due to improper cleanup procedures. Discovered on May 21, 2024, this flaw can lead to unpredictable system behavior or crashes. The patch addresses the cleanup process to prevent use-after-free conditions in gfs2_qd_dealloc.
CVE-2023-52806
Another vulnerability discovered on May 21, 2024, involves the Advanced Linux Sound Architecture (ALSA) component. This issue could lead to a null pointer dereference during complex audio operations. The fix ensures that audio streams are assigned correctly, avoiding crashes during audio processing.
Impact on Amazon Web Services (AWS)
These vulnerabilities not only affect Ubuntu systems but also have implications for Linux Kernel AWS deployments. AWS users utilizing Ubuntu-based instances need to apply these patches promptly to mitigate risks associated with these kernel vulnerabilities. The affected systems include both Ubuntu-based virtual machines and those running critical applications on AWS.
Canonical has addressed these vulnerabilities with timely security patches. The updates are available for various Ubuntu releases, including:
- Ubuntu Bionic (4.15.0-228.240)
- Ubuntu Focal (5.4.0-193.213)
- Ubuntu Jammy (5.15.0-102.112)
- Ubuntu Mantic (6.5.0-41.41)
These patches are designed to address the identified vulnerabilities and enhance overall system security. For users running Ubuntu on AWS, it is essential to apply these patches as soon as possible to ensure that their systems remain secure against these identified vulnerabilities.
Regular updates and security patches are crucial in maintaining the integrity and stability of both local and cloud-based systems. Canonical’s latest security updates address several critical Linux kernel vulnerabilities, including those affecting Amazon Web Services.
Users are advised to stay vigilant and apply these patches to protect their systems from potential exploits and ensure continued security.