Key Security Patches Released Across Major Linux Distributions


This week, several prominent Linux distributions rolled out critical security updates to address vulnerabilities in a range of software packages. From AlmaLinux to Ubuntu, administrators and users are encouraged to apply these patches promptly to maintain system integrity. Below, we break down the updates by distribution, highlighting the most important fixes and affected components.

What security updates did AlmaLinux issue?

AlmaLinux released patches for three packages: gimp, jq, and yggdrasil. The gimp update addresses flaws in the image editor that could lead to arbitrary code execution when a user opens a crafted image file. The jq patch fixes a buffer overflow in the command-line JSON processor that could crash the utility or, at worst, allow code execution when it parses attacker-controlled input. Note that the yggdrasil package in Enterprise Linux derivatives is the MQTT-based system-management daemon used by the rhc client, not the Yggdrasil mesh-networking project; its update carries fixes against denial-of-service conditions. All AlmaLinux users should update these packages promptly to reduce their exposure.

Source: lwn.net

Which packages were patched in Debian?

Debian focused on two packages: nghttp2 and thunderbird. The nghttp2 update resolves a heap overflow in HTTP/2 handling that could allow remote code execution in any service that links the library, while the thunderbird update patches multiple vulnerabilities in the email client, including memory-corruption issues. Because nghttp2 is a shared library, daemons that use it keep running the old code until they are restarted, so Debian urges users to restart affected services after installation.

What security issues were addressed in Fedora's updates?

Fedora released a broad set of patches covering numerous packages: chromium, firefox, freerdp, GitPython, kernel, kernel-headers, krb5, nano, nix, nodejs20, php, python-click, python-django5, SDL2_image, and xen. Noteworthy fixes include a critical remote code execution vulnerability in chromium, a privilege escalation flaw in the kernel, and multiple buffer overflows in SDL2_image's image loaders. The php update corrects a type confusion bug. Given the wide impact, Fedora users should prioritize the browsers, the kernel, and the virtualization components (xen, freerdp).

Which vulnerabilities did Mageia fix with its security updates?

Mageia targeted eight packages: dnsmasq, flatpak, kernel, kmod-virtualbox, kernel-linus, perl-Net-CIDR-Lite, perl-XML-LibXML, and redis. The kernel and kernel-linus updates address a use-after-free in the BPF verifier that could allow local privilege escalation. flatpak fixes a sandbox escape, while redis patches a stack overflow in sorted-set handling. The kmod-virtualbox update corrects memory leaks. Administrators running Mageia should apply these patches, especially on hosts relying on virtualization or sandboxed desktop applications.

What security updates were released by SUSE?

SUSE published patches for a broad range of software: dnsmasq, firefox, jupyter-jupyterlab, kernel, krb5, libvinylapi3, log4j, Mesa, mozjs60, NetworkManager, OpenImageIO, python-Mako, python-Pillow, and python39. Critical items include a remote code execution issue in log4j (a follow-on to its earlier, well-known vulnerabilities), a heap overflow in Mesa, and multiple memory-corruption issues in firefox and mozjs60. The kernel update mitigates a race condition in the KVM subsystem. SUSE recommends updating all affected packages and rebooting, since kernel fixes take effect only once the new kernel is booted.

What did Ubuntu update?

Ubuntu's two updates this week were for dnsmasq and nginx. The dnsmasq patch covers a buffer overflow (CVE-2024-XXXX, as per advisory) in the DNS forwarder that can be triggered by a crafted response from a malicious upstream name server, leading to denial of service or potential code execution. For nginx, the update addresses an HTTP/2 request smuggling issue (CVE-2024-YYYY) that might let attackers bypass access controls enforced by a front-end or upstream component, or poison shared caches. Both updates require restarting the respective services, because the running daemons keep the old code in memory until they are restarted. Ubuntu users should apply these updates promptly to protect exposed network services.
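Every section above ends with the same advice: restart services after a library update, and reboot after a kernel update. Package managers do not always tell you when that is still outstanding, so the following POSIX shell script, an added example that is not from the article, from LWN, or from any distribution's tooling, performs two checks that cover both pieces of advice. It assumes that the newest installed kernel is the highest release with a directory under /lib/modules (a heuristic), that it runs as root for full visibility of /proc, and it embeds a constructed /proc/PID/maps excerpt so the parsing logic can be exercised offline.

```shell
#!/bin/sh
# Added example (not from the article or any distribution's tooling):
# post-update checks for "reboot for the kernel" and "restart services".

# 1. Kernel check. Arguments: running release, newest installed release.
#    Returns 0 (true) when they differ, i.e. the patched kernel is not
#    yet the one that is executing.
kernel_reboot_needed() {
    [ "$1" != "$2" ]
}

# Heuristic (assumption): each installed kernel package creates
# /lib/modules/<release>, so the highest release there is the newest one.
newest_installed_kernel() {
    ls /lib/modules 2>/dev/null | sort -V | tail -n 1
}

# 2. Service check. When a package replaces a shared object on disk, any
#    process that had already mapped the old file keeps executing the old,
#    unpatched code; the kernel marks such entries "(deleted)" in
#    /proc/PID/maps. This takes the text of one maps file and prints each
#    stale .so path once.
stale_mapped_libs() {
    printf '%s\n' "$1" |
        awk '$NF == "(deleted)" && $(NF-1) ~ /\.so/ { print $(NF-1) }' |
        sort -u
}

# Walk every readable process and report "PID comm: path" for each one
# still holding a replaced library. Empty output means nothing to restart.
scan_processes() {
    for dir in /proc/[0-9]*; do
        [ -r "$dir/maps" ] || continue
        stale=$(stale_mapped_libs "$(cat "$dir/maps" 2>/dev/null)")
        [ -n "$stale" ] || continue
        comm=$(cat "$dir/comm" 2>/dev/null)
        printf '%s %s: %s\n' "${dir#/proc/}" "$comm" "$stale"
    done
}

# Constructed sample of a maps file: libc was replaced after the process
# started (two mappings, one path), libz was not, and the memfd entry is
# deleted but is not a shared object.
SAMPLE_MAPS='7f0a1c000000-7f0a1c1b0000 r-xp 00000000 08:01 131 /usr/lib/x86_64-linux-gnu/libc.so.6 (deleted)
7f0a1c1b0000-7f0a1c1c0000 rw-p 001b0000 08:01 131 /usr/lib/x86_64-linux-gnu/libc.so.6 (deleted)
7f0a1c200000-7f0a1c210000 r--p 00000000 08:01 132 /usr/lib/x86_64-linux-gnu/libz.so.1
7f0a1c300000-7f0a1c301000 rw-s 00000000 00:01 4099 /memfd:tmp (deleted)
7ffd1a000000-7ffd1a021000 rw-p 00000000 00:00 0 [stack]'

# Live checks run only with --check; without it the script demonstrates the
# parser on the constructed sample so it can be read and tested offline.
if [ "${1-}" = "--check" ]; then
    running=$(uname -r)
    newest=$(newest_installed_kernel)
    if kernel_reboot_needed "$running" "$newest"; then
        echo "reboot needed: running $running, newest installed $newest"
    else
        echo "kernel up to date: $running"
    fi
    scan_processes
else
    echo "stale libraries in constructed sample:"
    stale_mapped_libs "$SAMPLE_MAPS"
fi
```

Run it as root with `--check` after the update. A process listed by the scan is a candidate for `systemctl restart` (look its PID up with `systemctl status PID`); a "reboot needed" line means the kernel fix from the advisory is installed but not yet running. The `.so` filter deliberately ignores deleted memfd and temporary-file mappings, which are normal and not a sign of stale code.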
