Tux Machines

Security Leftovers

Posted by Roy Schestowitz on May 21, 2023

Linux Kernel DoS, Info Disclosure Bugs Fixed

Several important security issues have been found in the Linux kernel, including a slab-out-of-bound read problem (CVE-2023-1380), a heap out-of-bounds read/write vulnerability in the traffic control (QoS) subsystem (CVE-2023-2248), and an out-of-bounds write issue in the kernel before 6.2.13 (CVE-2023-31436). The vulnerabilities have received a National Vulnerability Database (NVD) rating of “high-severity” due to their high confidentiality, integrity and availability impact.

Important runC Privilege Escalation Flaws Fixed

These bugs could possibly allow an attacker to escalate privileges or bypass AppArmor, and potentially SELinux.

A runC security update that fixes these flaws has been released. We strongly recommend that all impacted users apply the runC updates issued by their distro(s) as soon as possible to protect the confidentiality, integrity and availability of their systems.

Scan Container Images for Vulnerabilities with Docker Scout

The security of your containers builds on a foundation formed from the images you use.

WordPress 6.2.2 Security Release

WordPress 6.2.2 is now available!