Greetings, fellow Linux users! Your security is our top concern, so we want to alert you to some critical updates you should know about. Two new Linux kernel privilege escalation flaws have been discovered in the OverlayFS module in Ubuntu, which affect nearly 40% of Ubuntu users. Don't get caught off guard! These bugs can allow an unprivileged local user to gain elevated privileges on impacted systems.

We also have other significant discoveries and fixes for you, including mitigations for the Zenbleed Microcode information disclosure flaw, as well as fixes for out-of-bounds access vulnerabilities in the X.Org X Server that could lead to server crashes resulting in a denial of service, arbitrary code execution, and privilege escalation on affected systems. It's essential that you stay up-to-date on these issues to protect your system from any potential harm. 

We know that cybersecurity threats can be daunting, but we're here to make it easy for you. By updating your system now, you'll take the first step in securing your system and preventing future breaches. Stay ahead of the game by reading on to learn more about these critical threats and the actions you need to take to remain safe and secure. 

Also, be sure to check out our Linux security analysis with industry experts to gain critical insights into the past, present, and future of Linux security.

Found this newsletter helpful? Please pay it forward and share it with a fellow security geek! We also welcome feedback on how we could improve our newsletters. If you have any comments or thoughts, please share them with us.

Yours in Open Source,

Brittany

Linux Kernel

The Discovery 

Two new Linux kernel privilege escalation flaws have been discovered in the OverlayFS module in Ubuntu, which affect nearly 40% of Ubuntu users (CVE-2023-2640 and CVE-2023-32629). Modifications to the OverlayFS module introduced by the Linux kernel project in 2019 and 2022 conflicted with Ubuntu’s earlier changes, and Ubuntu's adoption of the new code introduced these two vulnerabilities. The researchers who discovered these vulnerabilities have stated, “Both vulnerabilities are unique to Ubuntu kernels since they stemmed from Ubuntu’s individual changes to the OverlayFS module. Weaponized exploits for these vulnerabilities are already publicly available given old exploits for past OverlayFS vulnerabilities work out of the box without any changes.”

The Impact

These issues can allow an unprivileged local user to gain elevated privileges on impacted systems.

The Fix

Important updates for the kernel that mitigate these severe vulnerabilities are now available for Ubuntu users. We strongly recommend that all impacted users apply these updates immediately to protect against privilege escalation attacks leading to system compromise.

Microcode

The Discovery 

It was discovered that under specific microarchitectural circumstances, a register in "Zen 2" CPUs might not be written to 0 correctly, potentially causing data from another process and/or thread to be stored in the YMM register (CVE-2023-20593, also known as Zenbleed).

The Impact

This vulnerability could result in the exposure of sensitive data.

The Fix

Updated microcode packages that mitigate this flaw are now available for AMD EPYC gen 2 CPUs. Other Zen 2-based CPUs will get their microcode update later, once AMD has fixed and validated the microcode. Given that this bug poses a severe threat to the confidentiality of sensitive information, it is crucial that all impacted users apply the updates issued by their distro(s) now to prevent potential compromise of their critical data.

X.Org

The Discovery 

Several significant out-of-bounds access vulnerabilities have been found in the X.Org X Server (CVE-2021-4008, CVE-2021-4009, and CVE-2021-4011). These flaws threaten data confidentiality and integrity, as well as system availability, and have received a National Vulnerability Database severity rating of “High”.

The Impact

An attacker could exploit these bugs to cause the server to crash, resulting in a denial of service (DoS), or possibly execute arbitrary code and escalate privileges.

The Fix

An update is available for X.Org that fixes these issues. We urge all impacted users to apply the updates issued by their distro(s) as soon as possible to protect their sensitive data and ensure their crucial systems remain accessible.
