Several vulnerabilities in Ubuntu’s implementation of the Linux kernel, including a use-after-free vulnerability and a timing side-channel vulnerability, were patched today.
An advisory issued by Ubuntu Wednesday morning urges users to patch if they’re running 14.04 LTS or any derivative builds.
The update fixes a use-after-free vulnerability in the kernel’s CXGB3 driver that an attacker could leverage to carry out a denial of service attack causing a system crash which could allow for code execution. The issue, discovered by Venkatesh Pottem, is one of two medium severity issues patched with the update.
The second vulnerability, found by David Herrmann, is triggered because the kernel “incorrectly accounted file descriptors to the original opener for in-flight file descriptors sent over a unix domain socket,” he said. Like the first issue, an attacker could’ve exploited the vulnerability to carry out a denial of service attack.
A third DoS issue stemmed from the fact that the Linux kernel failed to enforce limits on data “allocated to buffer pipes,” something that would’ve exhausted resources as well.
The timing side channel vulnerability existed in Linux’s Extended Verification Module (EVM) and if exploited, could affected system integrity, according to the advisory. EVM in the Linux kernel prevents tampering and helps validate extended attributes before allowing operations on files. An attacker would have to analyze how much time is taken to execute cryptographic algorithms in order to carry out the attack.
A handful of other security issues were fixed in other versions of Ubuntu in addition to 14.04 today, as well.
Separately, users running Ubuntu 12.04 LTS are encouraged to update to address the aforementioned issues while users running Ubuntu 15.10 will want to update to fix additional issues in Linux kernel for Raspberry Pi 2.
