FERRAMENTAS LINUX: Critical Linux Kernel Security Update: Ubuntu 24.10 & 24.04 LTS Patches (USN-7610-2)

quarta-feira, 9 de julho de 2025

Critical Linux Kernel Security Update: Ubuntu 24.10 & 24.04 LTS Patches (USN-7610-2)

Ubuntu 24.10 & 24.04 LTS users must patch critical Linux kernel vulnerabilities (CVE-2025-38001, CVE-2025-37997, etc.) to prevent system compromise. Learn how to update and secure your systems now.

Urgent Security Vulnerabilities Addressed in Latest Kernel Update

Ubuntu has released a critical security advisory (USN-7610-2) addressing multiple high-severity vulnerabilities in the Linux kernel affecting Ubuntu 24.10 (Oracular Oriole) and 24.04 LTS (Noble Numbat).

These flaws, if exploited, could allow attackers to compromise system integrity, escalate privileges, or disrupt network operations.

🔴 Why This Matters:

Impacts low-latency and OEM kernel variants (common in enterprise/server environments).

Includes 6 CVEs with risks ranging from Netfilter bypasses to traffic control exploits.

Requires immediate patching due to potential remote code execution (RCE) risks.

Affected Systems & Vulnerability Details

📌 Vulnerable Packages

Ubuntu Version	Affected Kernel Packages
Ubuntu 24.10	`linux-lowlatency`, `linux-lowlatency-64k`
Ubuntu 24.04 LTS	`linux-oem-6.11`

🚨 Key CVEs Patched

CVE-2025-38001: Netfilter privilege escalation.

CVE-2025-37997: Traffic control subsystem memory corruption.

CVE-2025-37798: Kernel panic via malformed packets.
(Full list in Ubuntu Security Notice USN-7610-2)

How to Patch Your Ubuntu System

🛠️ Step-by-Step Update Instructions

Terminal Commands:

sudo apt update && sudo apt upgrade linux-image-*

Reboot Required:
bash
```
sudo reboot
```
ABI Change Warning:
- Recompile third-party kernel modules (e.g., NVIDIA drivers).
- Metapackages like linux-generic auto-handle this during standard upgrades.