Happy Friday, fellow Linux geeks! Distros are continuing to release fixes for multiple important buffer overflow and use-after-free vulnerabilities in the Linux kernel, the worst of which received a base score of 8.8 out of 10. It is critical that users update immediately to protect against these dangerous bugs. Has your distro released a patch for these flaws? You can customize your LinuxSecurity advisories based on the distro(s) you use to find out now!
Distros continue to update NTFS-3G to fix 29 high-severity vulnerabilities including a classic buffer overflow, out-of-memory and "request smuggling flaws" that could lead to system compromise. Continue reading to learn how to secure your systems against these critical issues.
Yours in Open Source,
NTFS-3G

The Discovery: Twenty-nine high-severity vulnerabilities have been discovered in NTFS-3G.

The Impact: These flaws could result in arbitrary code execution, memory disclosure or denial of service (DoS).

The Fix: All NTFS-3G users should upgrade to the latest version to protect against potential security issues.
Linux Kernel

The Discovery: Several important security issues have been discovered in the Linux kernel, including a buffer overflow in the NFSD implementation (CVE-2022-43945), multiple use-after-free vulnerabilities in the Bluetooth L2CAP handshake implementation (CVE-2022-42896), and an integer overflow vulnerability in the Bluetooth subsystem (CVE-2022-45934).

The Impact: These flaws could result in denial of service (DoS) or the execution of arbitrary code by a remote attacker.

The Fix: An update is available for the kernel that fixes these bugs. We strongly recommend that you update now to protect the security, integrity and availability of your systems.
Netty

The Discovery: Several out-of-memory, stack overflow or HTTP request smuggling vulnerabilities have been discovered in the Netty Java NIO client/server socket framework (CVE-2021-37136, CVE-2021-37137, CVE-2021-43797 and CVE-2022-41881).

The Impact: These issues could result in denial of service (DoS) or bypass of restrictions when used as a proxy.

The Fix: A Netty security update that mitigates these bugs has been released. We recommend that you update immediately to prevent downtime and protect against attacks leading to compromise.