Greetings, fellow Linux users! Your security is our top concern, so we want to alert you to some critical updates you should know about. Multiple dangerous security vulnerabilities have been found in the Linux kernel, which are easy to exploit and pose a severe risk to the security of your firewall as well as your system's confidentiality, integrity, and availability. Don't get caught off guard! These bugs can cause system crashes and privilege escalation attacks.

We also have other significant discoveries and fixes for you, including a ReDoS bug fixed in Django that could result in loss of system access and potential compromise, and a remotely exploitable security issue in the Bind Internet Domain Name Server that a remote attacker could possibly exploit to cause a denial of service. It's essential that you stay up to date on these issues to protect your system from any potential harm.

We know that cybersecurity threats can be daunting, but we're here to make it easy for you. By updating your system now, you'll take the first step in securing your system and preventing future breaches. Stay ahead of the game by reading on to learn more about these critical threats and the actions you need to take to remain safe and secure. 

Also, be sure to check out our Linux security analysis with industry experts to gain critical insights into the past, present, and future of Linux security.

Yours in Open Source,

Brittany

Linux Kernel

The Discovery 

Multiple significant security vulnerabilities have been discovered in the Linux kernel, including a remotely exploitable null pointer dereference flaw in the networking protocol (CVE-2023-3338), use-after-free vulnerabilities in the kernel's netfilter subsystem, in net/netfilter/nf_tables_api.c (CVE-2023-3390) and in nft_chain_lookup_byid() (CVE-2023-31248), and an out-of-bounds read/write vulnerability (CVE-2023-35001). These bugs are easy to exploit and pose a severe risk to the security of your firewall and your system's confidentiality, integrity, and availability. As a result, they have received a National Vulnerability Database severity rating of “High”.

The Impact

These issues could result in system crashes and privilege escalation attacks.

The Fix

Important updates for the kernel that mitigate these severe vulnerabilities have been released. We strongly recommend that all impacted users apply the Linux kernel updates issued by their distro(s) now to protect against attacks threatening firewall security and potentially leading to system downtime and compromise.

Django

The Discovery 

Distros continue to release updates for a severe ReDoS (regular expression denial of service) vulnerability found in EmailValidator and URLValidator in Django before 3.2.20, 4 before 4.1.10, and 4.2 before 4.2.3 (CVE-2023-36053).

The Impact

This flaw could result in loss of system access and potential compromise.

The Fix

An essential update for Django that mitigates this dangerous bug is now available. We strongly recommend that all impacted users apply the Django updates issued by their distro(s) immediately to ensure their critical systems remain accessible.
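To find which hosts still run a release in the affected ranges listed above for CVE-2023-36053, the following added example (not part of the original newsletter or of Django itself) compares upstream version strings against those ranges. It assumes "4 before 4.1.10" means 4.0 up to but excluding 4.1.10; the host names and inventory are constructed.

```python
import re

# Affected ranges as stated in the advisory text for CVE-2023-36053:
# "before 3.2.20, 4 before 4.1.10, and 4.2 before 4.2.3".
# Each pair is (first affected version, first fixed version).
AFFECTED_RANGES = [
    ((0, 0, 0), (3, 2, 20)),
    ((4, 0, 0), (4, 1, 10)),  # assumption: "4" means the 4.0 series onward
    ((4, 2, 0), (4, 2, 3)),
]

def parse_version(text):
    """Split an upstream version string into ((major, minor, patch), is_prerelease)."""
    m = re.match(r"^(\d+)\.(\d+)(?:\.(\d+))?(.*)$", text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    numbers = (int(m.group(1)), int(m.group(2)), int(m.group(3) or 0))
    prerelease = re.match(r"(a|b|rc)\d+", m.group(4)) is not None
    return numbers, prerelease

def is_affected(version_text):
    """True if the version falls inside one of the ranges listed above."""
    numbers, prerelease = parse_version(version_text)
    for first_affected, first_fixed in AFFECTED_RANGES:
        if first_affected <= numbers < first_fixed:
            return True
        # A pre-release of the fixed version sorts before the fixed release.
        if prerelease and numbers == first_fixed:
            return True
    return False

def triage(inventory):
    """Label each host 'update', 'ok', or 'review' (version could not be parsed)."""
    result = {}
    for host, version_text in inventory.items():
        try:
            result[host] = "update" if is_affected(version_text) else "ok"
        except ValueError:
            result[host] = "review"
    return result

# Constructed sample inventory (hypothetical host names).
SAMPLE = {"web-1": "3.2.19", "web-2": "4.1.10", "web-3": "4.2.2", "web-4": "unknown"}
if __name__ == "__main__":
    print(triage(SAMPLE))
```

This check is meaningful for upstream version strings such as those reported by pip. Distro packages often carry backported fixes under an older upstream version number, so for those the distro's own advisory decides whether a package is fixed.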

Bind

The Discovery 

Distros also continue to release updates addressing a remotely exploitable security issue in the Bind Internet Domain Name Server. It was discovered that Bind incorrectly handled the cache size limit (CVE-2023-2828). This bug is simple to exploit and poses a significant risk to the availability of your systems. As a result, it has received a National Vulnerability Database severity rating of “High”.

The Impact

A remote attacker could possibly exploit this issue to cause a denial of service (DoS) by consuming memory or causing Bind to crash.

The Fix

A significant security update for Bind that fixes this bug has been released. We urge all impacted users to apply the Bind updates issued by their distro(s) as soon as possible to protect against attacks leading to system downtime and potential compromise.
