FERRAMENTAS LINUX: Critical Linux Kernel Vulnerabilities Patched for Azure Systems (USN-7597-1)

quarta-feira, 25 de junho de 2025

Critical Linux Kernel Vulnerabilities Patched for Azure Systems (USN-7597-1)

 

Ubuntu



Urgent security update for Linux Azure kernels addresses 15+ critical vulnerabilities including Bluetooth exploits (CVE-2024-8805) and privilege escalation flaws. Learn patch instructions, affected subsystems, and Ubuntu Pro security coverage.

High-Severity Security Advisory: June 2025 Azure Kernel Updates

The Linux kernel team has released urgent patches addressing multiple critical vulnerabilities affecting Microsoft Azure cloud deployments. These security flaws could allow:

  • Unauthorized Bluetooth device pairing (CVE-2024-8805)

  • Privilege escalation via GPU drivers

  • Memory corruption in network subsystems

  • ACPI power management exploits

"Enterprise cloud environments running unpatched kernels face significant compromise risks," warns Michael Randrianantenaina, the security researcher who discovered the Bluetooth stack vulnerability.

Affected Systems and Components

Core Vulnerabilities Patched:

  1. Bluetooth Stack: Rogue device pairing vulnerability (CVSS 8.3)

  2. Hardware Interfaces:

    • PowerPC architecture flaws

    • x86 privilege escalation

    • ACPI driver exploits

  3. Critical Subsystems:

    • NVIDIA/Mellanox network drivers

    • Media processing pipelines

    • SCSI storage controllers

    • QCOM SoC firmware

Enterprise Impact:

  • Azure virtual machines running Ubuntu LTS

  • Kubernetes nodes with default kernels

  • Cloud-native applications using GPU acceleration

Step-by-Step Patch Implementation

Immediate Actions Required:

  1. Version Verification:

    bash
    uname -r && apt list --installed | grep linux-azure

  2. Update Commands:

    bash
    sudo apt update && sudo apt upgrade linux-azure

  3. Mandatory Reboot:

    bash
    sudo systemctl reboot

ABI Change Notice: This update requires kernel module recompilation. Ubuntu systems with standard metapackages will handle this automatically.

Enterprise Security Recommendations

For organizations using Ubuntu in production environments:

Security TierProtection LevelCost
Standard LTS5-year coverageFree
Ubuntu Pro10-year coverage + 25K+ packages$25/node/month

Why Upgrade?

  • Zero-day protection for cloud workloads

  • FIPS 140-2 compliant modules

  • CIS hardening profiles

Technical Reference: CVE Details

Most Critical Vulnerabilities:

  1. CVE-2024-8805 (Bluetooth):

    • CVSS: 8.3 (High)

    • Impact: RCE via malicious device pairing

  2. CVE-2025-39735 (GPU):

    • CVSS: 7.8 (High)

    • Impact: Privilege escalation via DRM subsystem



Cezar Henrique at
Marcadores: Linux, Android, Segurança ,

Nenhum comentário:

Postar um comentário

Assinar: Postar comentários (Atom)