Ubuntu Security Advisories

Atte Kettunen discovered that Firefox did not properly validate before inserting ranges into the selection node cache. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code.

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Watchdog drivers; - Netfilter; - Network traffic control; (CVE-2024-38630, CVE-2024-27397, CVE-2024-45016)

USN-7062-1 fixed vulnerabilities in libgsf. This update provides the corresponding updates for Ubuntu 24.10. Original advisory details: It was discovered that libgsf incorrectly handled certain Compound Document Binary files. If a user or automated system were tricked into opening a specially crafted file, a remote attacker could possibly use this issue to execute arbitrary code.

USN-7042-2 released an improved fix for cups-browsed. This update provides the corresponding update for Ubuntu 24.10. Original advisory details: Simone Margaritelli discovered that cups-browsed could be used to create arbitrary printers from outside the local network. In combination with issues in other printing components, a remote attacker could possibly use this issue to connect to a system, created manipulated PPD files, and execute arbitrary code when a printer is used. This update disables support for the legacy CUPS printer discovery protocol.

Enrique Nissim and Krzysztof Okupski discovered that some AMD processors did not properly restrict access to the System Management Mode (SMM) configuration when the SMM Lock was enabled. A privileged local attacker could possibly use this issue to further escalate their privileges and execute arbitrary code within the processor's firmware layer.

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - x86 architecture; - Cryptographic API; - CPU frequency scaling framework; - HW tracing; - ISDN/mISDN subsystem; - Media drivers; - Network drivers; - NVME drivers; - S/390 drivers; - SCSI drivers; - USB subsystem; - VFIO drivers; - Watchdog drivers; - JFS file system; - IRQ subsystem; - Core kernel; - Memory management; - Amateur Radio drivers; - IPv4 networking; - IPv6 networking; - IUCV driver; - Network traffic control; - TIPC protocol; - XFRM subsystem; - Integrity Measurement Architecture(IMA) framework; - SoC Audio for Freescale CPUs drivers; - USB sound devices; (CVE-2024-36971, CVE-2024-42271, CVE-2024-38630, CVE-2024-38602, CVE-2024-42223, CVE-2024-44940, CVE-2023-52528, CVE-2024-41097, CVE-2024-27051, CVE-2024-42157, CVE-2024-46673, CVE-2024-39494, CVE-2024-42089, CVE-2024-41073, CVE-2024-26810, CVE-2024-26960, CVE-2024-38611, CVE-2024-31076, CVE-2024-26754, CVE-2023-52510, CVE-2024-40941, CVE-2024-45016, CVE-2024-38627, CVE-2024-38621, CVE-2024-39487, CVE-2024-27436, CVE-2024-40901, CVE-2024-26812, CVE-2024-42244, CVE-2024-42229, CVE-2024-43858, CVE-2024-42280, CVE-2024-26641, CVE-2024-42284, CVE-2024-26602)

It was discovered that the JFS file system contained an out-of-bounds read vulnerability when printing xattr debug information. A local attacker could use this to cause a denial of service (system crash). Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - Greybus drivers; - Modular ISDN driver; - Multiple devices driver; - Network drivers; - SCSI drivers; - VFIO drivers; - F2FS file system; - GFS2 file system; - JFS file system; - NILFS2 file system; - Kernel debugger infrastructure; - Bluetooth subsystem; - IPv4 networking; - L2TP protocol; - Netfilter; - RxRPC session sockets; (CVE-2024-42154, CVE-2023-52527, CVE-2024-26733, CVE-2024-42160, CVE-2021-47188, CVE-2024-38570, CVE-2024-26851, CVE-2024-26984, CVE-2024-26677, CVE-2024-39480, CVE-2024-27398, CVE-2022-48791, CVE-2024-42224, CVE-2024-38583, CVE-2024-40902, CVE-2023-52809, CVE-2024-39495, CVE-2024-26651, CVE-2024-26880, CVE-2024-42228, CVE-2024-27437, CVE-2022-48863)

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Microsoft Azure Network Adapter (MANA) driver; - Watchdog drivers; - Netfilter; - Network traffic control; (CVE-2024-27397, CVE-2024-45016, CVE-2024-45001, CVE-2024-38630)

USN-7059-1 fixed a vulnerability in OATH Toolkit library. This update provides the corresponding update for Ubuntu 24.10. Original advisory details: Fabian Vogt discovered that OATH Toolkit incorrectly handled file permissions. A remote attacker could possibly use this issue to overwrite root owned files, leading to a privilege escalation attack. (CVE-2024-47191)

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Watchdog drivers; - Netfilter; - Memory management; - Network traffic control; (CVE-2024-27397, CVE-2024-38630, CVE-2024-45016, CVE-2024-26960)

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Microsoft Azure Network Adapter (MANA) driver; - Network traffic control; (CVE-2024-45016, CVE-2024-45001)

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Watchdog drivers; - Netfilter; - Memory management; - Network traffic control; (CVE-2024-27397, CVE-2024-38630, CVE-2024-45016, CVE-2024-26960)

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Watchdog drivers; - Netfilter; - Network traffic control; (CVE-2024-38630, CVE-2024-27397, CVE-2024-45016)

A security issue was discovered in the Linux kernel. An attacker could possibly use this to compromise the system. This update corrects flaws in the following subsystems: - Network traffic control; (CVE-2024-45016)

USN-7048-1 fixed a vulnerability in Vim. This update provides the corresponding update for Ubuntu 14.04 LTS. Original advisory details: Suyue Guo discovered that Vim incorrectly handled memory when flushing the typeahead buffer, leading to heap-buffer-overflow. An attacker could possibly use this issue to cause a denial of service.

It was discovered that libarchive mishandled certain memory checks, which could result in a NULL pointer dereference. An attacker could potentially use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-36227) It was discovered that libarchive mishandled certain memory operations, which could result in an out-of-bounds memory access. An attacker could potentially use this issue to cause a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. (CVE-2024-48957, CVE-2024-48958)

USN-7038-1 fixed a vulnerability in Apache Portable Runtime (APR) library. This update provides the corresponding update for Ubuntu 14.04 LTS. Original advisory details: Thomas Stangner discovered a permission vulnerability in the Apache Portable Runtime (APR) library. A local attacker could possibly use this issue to read named shared memory segments, potentially exposing sensitive application data.

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - x86 architecture; - Cryptographic API; - CPU frequency scaling framework; - HW tracing; - ISDN/mISDN subsystem; - Media drivers; - Network drivers; - NVME drivers; - S/390 drivers; - SCSI drivers; - USB subsystem; - VFIO drivers; - Watchdog drivers; - JFS file system; - IRQ subsystem; - Core kernel; - Memory management; - Amateur Radio drivers; - IPv4 networking; - IPv6 networking; - IUCV driver; - Network traffic control; - TIPC protocol; - XFRM subsystem; - Integrity Measurement Architecture(IMA) framework; - SoC Audio for Freescale CPUs drivers; - USB sound devices; (CVE-2024-36971, CVE-2024-42271, CVE-2024-38630, CVE-2024-38602, CVE-2024-42223, CVE-2024-44940, CVE-2023-52528, CVE-2024-41097, CVE-2024-27051, CVE-2024-42157, CVE-2024-46673, CVE-2024-39494, CVE-2024-42089, CVE-2024-41073, CVE-2024-26810, CVE-2024-26960, CVE-2024-38611, CVE-2024-31076, CVE-2024-26754, CVE-2023-52510, CVE-2024-40941, CVE-2024-45016, CVE-2024-38627, CVE-2024-38621, CVE-2024-39487, CVE-2024-27436, CVE-2024-40901, CVE-2024-26812, CVE-2024-42244, CVE-2024-42229, CVE-2024-43858, CVE-2024-42280, CVE-2024-26641, CVE-2024-42284, CVE-2024-26602)

It was discovered that nano allowed a possible privilege escalation through an insecure temporary file. If nano was killed while editing, the permissions granted to the emergency save file could be used by an attacker to escalate privileges using a malicious symlink.

It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into processing a specially crafted file, an attacker could exploit this to cause a denial of service or affect the reliability of the system. The vulnerabilities included memory leaks, buffer overflows, and improper handling of pixel data.