USN-6921-2: Linux kernel vulnerabilities

Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde recently unveiled a significant vulnerability identified as WeSee (CVE-2024-25742) that compromises the security guarantees of AMD SEV-SNP through malicious virtual controller (VC) interrupts injected by an untrusted hypervisor. This flaw allows a local attacker, with control over the hypervisor, to potentially execute arbitrary code or expose sensitive information within the trusted execution environment.

Furthermore, multiple vulnerabilities have surfaced across different Linux kernel subsystems, posing severe threats to system integrity and security:

  • DMA engine subsystem;
  • HID subsystem;
  • I2C subsystem;
  • PHY drivers;
  • TTY drivers;
  • IPv4 networking;

Among these, several notable vulnerabilities include:

  • CVE-2024-35997: Issues in the HID subsystem related to the I2C_HID_READ_PENDING flag which could potentially lock up the system.
  • CVE-2024-36016: A severe vulnerability in the n_gsm component of the Linux kernel which could allow unauthorized data manipulation.
  • CVE-2024-35990: A flaw in the Xilinx DPDMA driver which could be exploited to gain elevated privileges.
  • CVE-2024-35984: A null pointer dereference issue within the i2c:smbus subsystem leading to possible system crashes.
  • CVE-2024-35992: A vulnerability in the Marvell A3700 comphy module affecting device communication integrity.
  • CVE-2024-36008: A crucial bug impacting IPv4 routing mechanisms, hence affecting network traffic routing.

The resolutions to these vulnerabilities are currently being rolled out in updates, emphasizing the necessity for system administrators and users to apply these updates promptly to safeguard their systems. These patches address the underlying issues and provide reinforcement against potential exploits.

The implications of these vulnerabilities are vast, potentially allowing attackers to impede system operations, execute unauthorized code, or compromise sensitive data. Therefore, staying informed and vigilant about implementing security updates is crucial in maintaining system security.

For detailed information and further reading on these updates, please consult the official resources or visit LinuxPatch to ensure your systems are up-to-date and secured against these threats.