Linux Kernel Security Update Advisory

Overview

We have released a security update to address a vulnerability in the Linux Kernel. Users of affected products are advised to update to the latest version.

Affected Products

Linux Kernel versions 6.4 (inclusive) to 6.6.5 (exclusive)

Linux Kernel version 6.7: rc1, rc2 and rc3

Resolved Vulnerabilities

Use-after-free vulnerability (CVE-2024-0582) that arises when a user registers a buffer ring using IORING_REGISTER_PBUF_RING, mmap()s it, and then frees it

Vulnerability Patches

Patches for the vulnerability are available in the latest updates. Please follow the instructions on the referenced sites to update to the latest patched version.

Linux Kernel version 6.6.5
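
To check a host against the affected ranges and the fixed version listed above, the following script is an added example and not part of the original advisory; the function name is_affected_kernel is hypothetical. It compares upstream version numbers only: a distribution kernel can carry a backported fix under an older version string, so a match should be confirmed against the vendor's own advisory.

```shell
#!/bin/sh
# Added example (not from the advisory): classify a kernel release string
# against the affected ranges listed in this advisory.
#   affected: 6.4 <= version < 6.6.5, and 6.7-rc1 / -rc2 / -rc3
# Exit status: 0 = in affected range, 1 = not in range, 2 = unparseable.
# Assumption: 6.4 pre-releases (6.4-rcN) are conservatively treated as affected.
# The body runs in a subshell "( )" so its variables do not leak; "exit"
# only leaves that subshell and becomes the function's status.
is_affected_kernel() (
    release=$1
    base=${release%%-*}            # "6.5.0" from "6.5.0-27-generic"
    suffix=${release#"$base"}      # "-27-generic", "-rc2", or empty
    case $base in *.*) ;; *) exit 2 ;; esac

    major=${base%%.*}
    rest=${base#*.}
    minor=${rest%%.*}
    patch=0
    case $rest in
        *.*) patch=${rest#*.}; patch=${patch%%[!0-9]*} ;;
    esac
    minor=${minor%%[!0-9]*}        # tolerate "6.6+" style local suffixes
    for n in "$major" "$minor" "$patch"; do
        case $n in ''|*[!0-9]*) exit 2 ;; esac
    done

    [ "$major" -eq 6 ] || exit 1
    case $minor in
        4|5) exit 0 ;;                          # whole 6.4.x and 6.5.x series
        6)   [ "$patch" -lt 5 ] && exit 0 ;;    # 6.6.0 .. 6.6.4; fixed in 6.6.5
        7)   [ "$patch" -eq 0 ] || exit 1
             case $suffix in
                 -rc[123]|-rc[123][!0-9]*) exit 0 ;;   # only rc1, rc2, rc3
             esac ;;
    esac
    exit 1
)

# Report on the running kernel (or on a release string given as $1).
release=${1:-$(uname -r)}
is_affected_kernel "$release" && rc=0 || rc=$?
case $rc in
    0) echo "$release: in the affected upstream range, check for a vendor backport" ;;
    1) echo "$release: outside the affected range" ;;
    *) echo "$release: could not parse release string" ;;
esac
```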

 

Referenced Sites

 

[1] CVE-2024-0582 Detail

https://nvd.nist.gov/vuln/detail/CVE-2024-0582#range-10249649

[2] Mind the Patch Gap: Exploiting an io_uring Vulnerability in Ubuntu

https://blog.exodusintel.com/2024/03/27/mind-the-patch-gap-exploiting-an-io_uring-vulnerability-in-ubuntu/