Linux Updates for Debian: Critical Fix! 🔧🐧

Linux Security Updates Released for Debian Bookworm and Bullseye Users

The Debian Project has released important Linux kernel security updates for its supported Debian GNU/Linux 12 “Bookworm” and Debian GNU/Linux 11 “Bullseye” operating system series.

These updates address multiple security vulnerabilities that could lead to denial of service or privilege escalation.

For Debian GNU/Linux 12 “Bookworm”, the new Linux security update patches a use-after-free flaw discovered by Google Project Zero’s Jann Horn (CVE-2023-6531) and two flaws discovered by Xingyuan Mo in the netfilter subsystem (CVE-2023-6622 and CVE-2023-6817) that could lead to denial of service or privilege escalation for a user with the CAP_NET_ADMIN capability in any user or network namespace.

The update also patches a heap out-of-bounds write vulnerability discovered by Budimir Markovic in the Linux kernel’s Performance Events system (CVE-2023-6931) that could lead to denial of service or privilege escalation.

Other security vulnerabilities patched in this update are four race conditions discovered in the Bluetooth subsystem, ATM subsystem, Appletalk subsystem, and Amateur Radio X.25 PLP (Rose) support (CVE-2023-51779, CVE-2023-51780, CVE-2023-51781, and CVE-2023-51782, respectively) that could lead to use-after-free flaws.

For Debian GNU/Linux 11 “Bullseye”, the new Linux security update addresses a heap out-of-bounds write vulnerability discovered by Budimir Markovic in the Linux kernel’s Performance Events system (CVE-2023-5717) that could lead to denial of service or privilege escalation.

The update also patches a NULL pointer dereference discovered by Wenqing Liu in the F2FS file system implementation (CVE-2021-44879), two flaws discovered by Alon Zahavi in the NVMe-oF/TCP subsystem (CVE-2023-5178 and CVE-2023-6121) that could lead to denial of service, privilege escalation, or information leak, and a use-after-free flaw discovered by Kevin Rich in the netfilter subsystem (CVE-2023-5197) that could lead to denial of service or privilege escalation for a user with the CAP_NET_ADMIN capability in any user or network namespace.

Additionally, the update patches a flaw discovered by Ivan D Barrera, Christopher Bednarz, Mustafa Ismail, and Shiraz Saleem in the Intel Ethernet Controller RDMA driver (CVE-2023-25775) that could lead to privilege escalation, and a race condition discovered by Tom Dohrmann in the Secure Encrypted Virtualization (SEV) implementation (CVE-2023-46813) that could allow a local attacker in a SEV guest virtual machine to cause a denial of service or execute arbitrary code. It also fixes a use-after-free flaw discovered by Zheng Wang in the Renesas Ethernet AVB support driver (CVE-2023-35827), and two race conditions: one that could lead to an out-of-bounds write in the fill_kobj_path() function (CVE-2023-45863) and one that could lead to a NULL pointer dereference and cause a denial of service (CVE-2023-46862). Finally, it fixes a use-after-free vulnerability discovered in the IPv4 IGMP implementation (CVE-2023-6932) that could lead to denial of service or privilege escalation.

The update also addresses a possible deadlock discovered by Marek Marczykowski-Gorecki in the Xen guests event channel code (CVE-2023-34324) that could allow a malicious guest administrator to cause a denial of service.

The Debian Project advises Debian GNU/Linux 12 “Bookworm” and Debian GNU/Linux 11 “Bullseye” users to update their installations to Linux kernel 6.1.69-1 and Linux kernel 5.10.205-2, respectively.

Linux users should perform a reboot after installing the new Linux kernel security updates for Debian Bookworm and Bullseye.
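
Installing the package is not enough until the reboot happens, so the check that matters is against the kernel that is actually running. The script below is an added example, not part of the Debian advisory: it reads the package version that Debian kernels embed in `uname -v` and compares it with the fixed versions named above. The function names and the sample `uname -v` string are constructed for illustration.

```shell
#!/bin/sh
# Added example: is the *running* kernel at or above the fixed package version?

# Fixed kernel package version per release, as named in the article.
fixed_version() {
    case "$1" in
        bookworm) echo "6.1.69-1" ;;
        bullseye) echo "5.10.205-2" ;;
        *) return 1 ;;
    esac
}

# Extract the Debian package version from `uname -v` text, e.g.
# "#1 SMP PREEMPT_DYNAMIC Debian 6.1.69-1 (2023-12-30)" -> 6.1.69-1
running_pkg_version() {
    printf '%s\n' "$1" | sed -n 's/.*Debian \([0-9][^ ]*\).*/\1/p'
}

# Succeeds when version $1 >= version $2.
version_ge() {
    if command -v dpkg >/dev/null 2>&1; then
        dpkg --compare-versions "$1" ge "$2"
    else
        # Fallback without dpkg: GNU sort -V, adequate for plain x.y.z-n versions.
        [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$2" ]
    fi
}

# Print patched / vulnerable / unknown for a codename and a `uname -v` string.
kernel_status() {
    fixed=$(fixed_version "$1") || { echo unknown; return 0; }
    running=$(running_pkg_version "$2")
    [ -n "$running" ] || { echo unknown; return 0; }
    if version_ge "$running" "$fixed"; then echo patched; else echo vulnerable; fi
}

# Constructed sample: a Bookworm host still running an older kernel build.
SAMPLE_OLD='#1 SMP PREEMPT_DYNAMIC Debian 6.1.67-1 (2023-12-12)'
kernel_status bookworm "$SAMPLE_OLD"

# On a live Debian host:
# . /etc/os-release; kernel_status "$VERSION_CODENAME" "$(uname -v)"
```

A result of `vulnerable` on a host where the updated package is already installed means the reboot is still pending.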

Frequently Asked Questions

How to Check for Security Updates on Debian System?

To check for security updates on a Debian system, users can use the apt-get command-line tool or the graphical user interface package management tool, Synaptic Package Manager. The apt-get tool can be used to update the package lists, and then to upgrade all the installed packages to the latest available versions.

Steps to Upgrade from an Older Debian Release to Bullseye

To upgrade to Debian Bullseye from an older Debian release, users can follow the recommended upgrade process provided by the Debian project. This process involves backing up important data, updating the current release to the latest version, and then upgrading to the new release. The detailed instructions for the upgrade process can be found on the Debian website.

Which Linux Kernel Version Does Debian Bookworm Use?

Debian Bookworm uses the Linux kernel version 6.1.69-1, which is the latest available version at the time of writing. This kernel version includes important security updates that address multiple vulnerabilities.

Specific Security Concerns for Debian Users to be Aware of

Debian users should be aware of the importance of keeping their systems up to date with the latest security patches. Failure to do so can leave their systems vulnerable to attacks that exploit known vulnerabilities. Additionally, users should follow best practices for system security, such as using strong passwords, limiting user access, and disabling unnecessary services.

How Frequently Does Debian Release Security Updates?

Debian releases security updates on a regular basis, typically several times per month. These updates address known vulnerabilities in the software packages included in the Debian distribution. Users are strongly encouraged to apply these updates as soon as they become available.

Process for Installing Security Updates on Debian

To install security updates on Debian, users can use the apt-get command-line tool or the graphical user interface package management tool, Synaptic Package Manager. The apt-get tool can be used to update the package lists, and then to upgrade all the installed packages to the latest available versions. Users should also regularly check for and apply any available security updates to ensure that their systems remain secure.
