In today's edition, we'll focus on patching the vulnerability CVE-2024-4603 affecting openssl package on ubuntu 22.04.

To check if this patch is relevant to you:

• Check Ubuntu Version
  • Open a terminal on your Ubuntu system and run the following command “lsb_release -a”
  • This command will display detailed information about your Ubuntu system, including the version number. Ensure that the output shows "22.04" as the version.
• Verify openssl Version
  • Open a terminal on your Ubuntu system and run the following command “dpkg -l | grep openssl”
  • This command will show the current version of openssl package installed on your Ubuntu system. Verify that the version is less than "3.0.2-0ubuntu1.18".

For further information and support related to this patch, please refer to the support page.

Patch Details

Patch Deployment with SecOps Patch Management

Manual Patch deployment

1. Download from Ubuntu Repository

• Open a terminal and update your package repository by running the following command: “sudo apt update”
• Upgrade openssl to the latest version using the following command: “sudo apt upgrade openssl”

2. Using Manual Download

• Visit the Ubuntu archive repository to download openssl / 3.0.2-0ubuntu1.18 for Ubuntu 22.04.
• Install the downloaded package using the following command: “sudo dpkg -i openssl_3.0.2-0ubuntu1.18_amd64.deb”‍
• If there are any dependency issues, resolve them using the following command: “sudo openssl --fix-broken install”‍
• Validate Patch Deployment: using the following command: "dpkg -l | grep openssl”

3. Verify that openssl is now at version 3.0.2-0ubuntu1.18.

By following these steps, you can ensure that the vulnerability “CVE-2024-4603” is mitigated on your system.

Important Note:

1. There are several key things to remember while deploying a patch. It is crucial to download the correct patch file that has been released for your system’s architecture, Operating System, and Build Version
2. It is crucial that you follow the right process or supply the correct commands while installing the patch
3. Understand if the patch requires a reboot of the system or not. If yes make sure to perform a reboot securely to avoid system corruption

‍

SecOps Solution is a Full-stack Patch and Vulnerability Management Platform that helps organizations identify, prioritize, and remediate security vulnerabilities and misconfigurations in seconds.‍

‍To learn more, get in touch.