USN-6777-3: Linux Kernel (GCP) Vulnerabilities Alert

Zheng Wang and other researchers have recently uncovered multiple security vulnerabilities within the Linux kernel, some specific to platforms running on Google Cloud Platform (GCP). These vulnerabilities impact several critical subsystems and could potentially allow attackers to compromise system integrity and availability.

CVE-2023-47233: A significant use-after-free vulnerability in the Broadcom FullMAC WLAN driver, triggered during device removal. It primarily affects systems that attackers can physically access, potentially leading to system crashes and denial of service.

Other identified vulnerabilities span across different subsystems, including:

  • Block layer subsystem
  • Userspace I/O drivers
  • Ceph distributed file system
  • Ext4 file system
  • JFS file system
  • NILFS2 file system
  • Bluetooth subsystem
  • Networking core
  • IPv4 and IPv6 networks
  • Logical Link layer
  • MAC80211 subsystem
  • Netlink
  • NFC subsystem
  • Tomoyo security module

These vulnerabilities, cataloged under multiple CVEs including CVE-2023-52524, CVE-2023-52530 and CVE-2023-52601, pose varying levels of risk: some allow unauthorized access and others enable denial-of-service attacks.

For the userspace I/O drivers and the block layer subsystem, specific flaws have been addressed that previously allowed escalated privileges or led to unexpected behaviors. Updates include critical patches to ensure reliable system operations and to block potential attack vectors.


Updating your systems promptly ensures you minimise potential disruptions and maintain your operational integrity. We strongly recommend reviewing the specific patch notes related to these vulnerabilities and testing updates in staging environments before a full rollout.
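A host-triage sketch for the rollout described above, added here as an example and not taken from the advisory: it reports whether a host runs a GCP-flavour kernel older than the fixed release and whether the Broadcom FullMAC module is loaded. Assumptions: GCP-flavour kernels end in "-gcp" in `uname -r`, the driver's module name is `brcmfmac`, and FIXED_RELEASE is a placeholder you fill in from the USN's patch notes (the page does not list it).

```shell
#!/bin/sh
# Added example, not part of the advisory. Coarse triage only: the installed
# package version listed in the USN remains the authoritative check.

# Assumption: Ubuntu GCP-flavour kernel releases end in "-gcp".
is_gcp_kernel() {
    case "$1" in
        *-gcp) return 0 ;;
        *)     return 1 ;;
    esac
}

# $1 = module name, $2 = file in /proc/modules format (module name is field 1).
module_loaded() {
    awk -v m="$1" '$1 == m { found = 1 } END { exit !found }' "$2"
}

# True when release $1 sorts strictly before release $2 (version-aware sort).
version_lt() {
    [ "$1" != "$2" ] &&
        [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$1" ]
}

# $1 = running release, $2 = fixed release from the USN, $3 = modules file.
triage() {
    if ! is_gcp_kernel "$1"; then
        echo "not-applicable"
    elif ! version_lt "$1" "$2"; then
        echo "patched"
    elif module_loaded brcmfmac "$3"; then
        # Driver named in CVE-2023-47233 is active on this host.
        echo "update-needed:brcmfmac-loaded"
    else
        echo "update-needed"
    fi
}

# Runs only when FIXED_RELEASE is supplied, e.g.
#   FIXED_RELEASE=<fixed-release-from-USN> sh triage.sh
if [ -n "${FIXED_RELEASE:-}" ]; then
    triage "$(uname -r)" "$FIXED_RELEASE" /proc/modules
fi
```

Comparing `uname -r` strings assumes the fix ships with a higher kernel release string, and a host reports the old release until it reboots into the new kernel.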
