Ubuntu has released critical updates addressing various security vulnerabilities across several components, including the Linux kernel, MariaDB, and PostgreSQL. The updates are part of Ubuntu Security Notices (USNs) that provide users with vital information on vulnerabilities and recommended actions.
- Multiple updates (USN-7513-3, USN-7519-1, USN-7521-1, USN-7516-3, USN-7511-3, USN-7510-4, USN-7523-1, USN-7522-1) have been issued, addressing vulnerabilities in various kernel versions, including those for Azure, OEM, GKE, and Raspberry Pi. These updates aim to rectify security issues across numerous subsystems, potentially preventing system compromises.
2. MariaDB Vulnerabilities:
- The update (USN-7519-1) addresses vulnerabilities in MariaDB 10.6 for Ubuntu 22.04 LTS, including critical fixes and a new upstream version that brings bug fixes and features. Users are required to restart MariaDB after applying the update.
3. PostgreSQL Vulnerability:
- PostgreSQL has also released an update (USN-7520-1) for versions 12, 14, and 16 across multiple Ubuntu releases. This addresses a crash vulnerability linked to improper handling of GB18030 encoding, which could lead to a denial of service.
- After performing updates, a system reboot is necessary to apply changes effectively.
- Due to an ABI change with the kernel updates, users may need to recompile and reinstall third-party kernel modules.
Key Updates
1. Linux Kernel Vulnerabilities:- Multiple updates (USN-7513-3, USN-7519-1, USN-7521-1, USN-7516-3, USN-7511-3, USN-7510-4, USN-7523-1, USN-7522-1) have been issued, addressing vulnerabilities in various kernel versions, including those for Azure, OEM, GKE, and Raspberry Pi. These updates aim to rectify security issues across numerous subsystems, potentially preventing system compromises.
2. MariaDB Vulnerabilities:
- The update (USN-7519-1) addresses vulnerabilities in MariaDB 10.6 for Ubuntu 22.04 LTS, including critical fixes and a new upstream version that brings bug fixes and features. Users are required to restart MariaDB after applying the update.
3. PostgreSQL Vulnerability:
- PostgreSQL has also released an update (USN-7520-1) for versions 12, 14, and 16 across multiple Ubuntu releases. This addresses a crash vulnerability linked to improper handling of GB18030 encoding, which could lead to a denial of service.
Recommended Actions
- Users should promptly update their systems to the latest package versions as specified in the notices. The updates include various kernel images and versions for specific Ubuntu releases, such as 20.04 LTS, 22.04 LTS, and 24.04 LTS.- After performing updates, a system reboot is necessary to apply changes effectively.
- Due to an ABI change with the kernel updates, users may need to recompile and reinstall third-party kernel modules.
Conclusion
These updates are crucial for maintaining the security and stability of Ubuntu systems. Users are encouraged to stay vigilant about applying updates and monitoring security notices to mitigate potential risks associated with vulnerabilities. For detailed instructions on package versions and links to the relevant USNs, users can refer to the official Ubuntu security noticesMariaDB, Kernel, PostgreSQL updates for Ubuntu
Ubuntu Linux has undergone updates addressing multiple security vulnerabilities, including those related to MariaDB, the Linux kernel, and PostgreSQL:
[USN-7513-3] Linux kernel vulnerabilities
[USN-7519-1] MariaDB vulnerabilities
[USN-7521-1] Linux kernel vulnerabilities
[USN-7516-3] Linux kernel vulnerabilities
[USN-7511-3] Linux kernel (GKE) vulnerabilities
[USN-7510-4] Linux kernel (Real-time) vulnerabilities
[USN-7510-3] Linux kernel vulnerabilities
[USN-7523-1] Linux kernel (Raspberry Pi Real-time) vulnerabilities
[USN-7522-1] Linux kernel (Azure, N-Series) vulnerabilities
[USN-7520-1] PostgreSQL vulnerabilityMariaDB, Kernel, PostgreSQL updates for Ubuntu @ Linux Compatible
