Ubuntu Security Advisories

USN-6901-1: stunnel vulnerability

12 hours 14 minutes ago
It was discovered that stunnel did not properly validate client certificates when configured to use both the redirect and verifyChain options. A remote attacker could potentially use this issue to obtain sensitive information by accessing the tunneled service.

USN-6896-3: Linux kernel vulnerabilities

1 day 1 hour ago
It was discovered that the ATA over Ethernet (AoE) driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2023-6270) It was discovered that the Atheros 802.11ac wireless driver did not properly validate certain data structures, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of service. (CVE-2023-7042) Yuxuan Hu discovered that the Bluetooth RFCOMM protocol driver in the Linux Kernel contained a race condition, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of service (system crash). (CVE-2024-22099) Gui-Dong Han discovered that the software RAID driver in the Linux kernel contained a race condition, leading to an integer overflow vulnerability. A privileged attacker could possibly use this to cause a denial of service (system crash). (CVE-2024-23307) It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel when modifying certain settings values through debugfs. A privileged local attacker could use this to cause a denial of service. (CVE-2024-24857, CVE-2024-24858, CVE-2024-24859) Bai Jiaju discovered that the Xceive XC4000 silicon tuner device driver in the Linux kernel contained a race condition, leading to an integer overflow vulnerability. An attacker could possibly use this to cause a denial of service (system crash). (CVE-2024-24861) Chenyuan Yang discovered that the Unsorted Block Images (UBI) flash device volume management subsystem did not properly validate logical eraseblock sizes in certain situations. An attacker could possibly use this to cause a denial of service (system crash). (CVE-2024-25739) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - x86 architecture; - Block layer subsystem; - Accessibility subsystem; - ACPI drivers; - Android drivers; - Bluetooth drivers; - Clock framework and drivers; - Data acquisition framework and drivers; - Cryptographic API; - GPU drivers; - HID subsystem; - I2C subsystem; - IRQ chip drivers; - Multiple devices driver; - Media drivers; - VMware VMCI Driver; - MMC subsystem; - Network drivers; - PCI subsystem; - SCSI drivers; - Freescale SoC drivers; - SPI subsystem; - Media staging drivers; - TTY drivers; - USB subsystem; - VFIO drivers; - Framebuffer layer; - Xen hypervisor drivers; - File systems infrastructure; - BTRFS file system; - Ext4 file system; - FAT file system; - NILFS2 file system; - Diskquota system; - SMB network file system; - UBI file system; - io_uring subsystem; - BPF subsystem; - Core kernel; - Memory management; - B.A.T.M.A.N. meshing protocol; - Bluetooth subsystem; - Networking core; - HSR network protocol; - IPv4 networking; - IPv6 networking; - MAC80211 subsystem; - Netfilter; - NET/ROM layer; - NFC subsystem; - Open vSwitch; - Packet sockets; - RDS protocol; - Network traffic control; - Sun RPC protocol; - Unix domain sockets; - ALSA SH drivers; - USB sound devices; - KVM core; (CVE-2023-52620, CVE-2023-52650, CVE-2024-26999, CVE-2024-26857, CVE-2024-35984, CVE-2024-27043, CVE-2024-26810, CVE-2023-52880, CVE-2024-35915, CVE-2024-26955, CVE-2024-27396, CVE-2024-35922, CVE-2024-27395, CVE-2024-35899, CVE-2024-35809, CVE-2024-27000, CVE-2024-27004, CVE-2024-35830, CVE-2024-26931, CVE-2024-26993, CVE-2024-27013, CVE-2024-26812, CVE-2024-35893, CVE-2024-27073, CVE-2024-26687, CVE-2024-26969, CVE-2024-26901, CVE-2024-26875, CVE-2024-26976, CVE-2024-26889, CVE-2024-26586, CVE-2024-36020, CVE-2024-26859, CVE-2024-35944, CVE-2024-35888, CVE-2024-26965, CVE-2024-36007, CVE-2024-35847, CVE-2024-27436, CVE-2024-35982, CVE-2023-52699, CVE-2024-26903, CVE-2024-26966, CVE-2024-35910, CVE-2024-26973, CVE-2024-35895, CVE-2024-27008, CVE-2024-26934, CVE-2024-26923, CVE-2024-26956, CVE-2024-27001, CVE-2024-26651, CVE-2024-26894, CVE-2024-27028, CVE-2024-27053, CVE-2024-27059, CVE-2023-52656, CVE-2024-26878, CVE-2024-35806, CVE-2024-27038, CVE-2024-27076, CVE-2024-26994, CVE-2024-27077, CVE-2024-27437, CVE-2024-26813, CVE-2024-26828, CVE-2024-35807, CVE-2024-35969, CVE-2024-35805, CVE-2024-26862, CVE-2022-48627, CVE-2024-26926, CVE-2024-35933, CVE-2024-35898, CVE-2024-27024, CVE-2024-35789, CVE-2024-35819, CVE-2024-35930, CVE-2024-26654, CVE-2024-26922, CVE-2024-26984, CVE-2024-26880, CVE-2024-27388, CVE-2024-27046, CVE-2024-26820, CVE-2024-36006, CVE-2024-26883, CVE-2024-27078, CVE-2024-35813, CVE-2024-35935, CVE-2024-35855, CVE-2024-35973, CVE-2024-27044, CVE-2024-35886, CVE-2024-26642, CVE-2024-35997, CVE-2024-35822, CVE-2024-27074, CVE-2024-35853, CVE-2024-35936, CVE-2024-35821, CVE-2024-26981, CVE-2024-35852, CVE-2024-26852, CVE-2024-26863, CVE-2024-27065, CVE-2024-35828, CVE-2024-26974, CVE-2024-35823, CVE-2024-35900, CVE-2024-36004, CVE-2024-35960, CVE-2024-35978, CVE-2024-26855, CVE-2024-26816, CVE-2024-35897, CVE-2024-35815, CVE-2024-26884, CVE-2023-52644, CVE-2024-27419, CVE-2024-26882, CVE-2024-35955, CVE-2024-35877, CVE-2024-26957, CVE-2024-35849, CVE-2024-26817, CVE-2024-35925, CVE-2024-26935, CVE-2024-27020, CVE-2024-35950, CVE-2024-26937, CVE-2024-26898, CVE-2024-35854, CVE-2024-26851, CVE-2024-27030, CVE-2024-26874, CVE-2024-35825, CVE-2024-27075)

USN-6900-1: Linux kernel vulnerabilities

1 day 1 hour ago
It was discovered that the ATA over Ethernet (AoE) driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2023-6270) It was discovered that the HugeTLB file system component of the Linux Kernel contained a NULL pointer dereference vulnerability. A privileged attacker could possibly use this to to cause a denial of service. (CVE-2024-0841) It was discovered that the Open vSwitch implementation in the Linux kernel could overflow its stack during recursive action operations under certain conditions. A local attacker could use this to cause a denial of service (system crash). (CVE-2024-1151) Gui-Dong Han discovered that the software RAID driver in the Linux kernel contained a race condition, leading to an integer overflow vulnerability. A privileged attacker could possibly use this to cause a denial of service (system crash). (CVE-2024-23307) Bai Jiaju discovered that the Xceive XC4000 silicon tuner device driver in the Linux kernel contained a race condition, leading to an integer overflow vulnerability. An attacker could possibly use this to cause a denial of service (system crash). (CVE-2024-24861) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Cryptographic API; - Android drivers; - Block layer subsystem; - Bluetooth drivers; - DMA engine subsystem; - GPU drivers; - HID subsystem; - Hardware monitoring drivers; - I2C subsystem; - IIO ADC drivers; - IIO subsystem; - IIO Magnetometer sensors drivers; - InfiniBand drivers; - On-Chip Interconnect management framework; - Multiple devices driver; - Media drivers; - Network drivers; - PHY drivers; - MediaTek PM domains; - SCSI drivers; - TTY drivers; - USB subsystem; - DesignWare USB3 driver; - Framebuffer layer; - AFS file system; - BTRFS file system; - Ceph distributed file system; - Ext4 file system; - File systems infrastructure; - NILFS2 file system; - NTFS3 file system; - SMB network file system; - Core kernel; - Memory management; - Bluetooth subsystem; - CAN network layer; - Devlink API; - Handshake API; - HSR network protocol; - IPv4 networking; - IPv6 networking; - MAC80211 subsystem; - Multipath TCP; - Netfilter; - NFC subsystem; - RxRPC session sockets; - TIPC protocol; - Unix domain sockets; - Realtek audio codecs; (CVE-2024-26666, CVE-2024-26691, CVE-2024-26681, CVE-2024-26715, CVE-2024-26674, CVE-2024-26790, CVE-2024-26677, CVE-2024-26675, CVE-2024-26696, CVE-2024-26925, CVE-2024-26782, CVE-2024-26798, CVE-2024-26702, CVE-2024-35833, CVE-2024-26825, CVE-2024-26680, CVE-2024-26723, CVE-2024-26703, CVE-2024-26822, CVE-2024-26718, CVE-2024-26695, CVE-2024-26693, CVE-2024-26733, CVE-2024-26659, CVE-2023-52643, CVE-2024-26667, CVE-2024-26601, CVE-2024-26923, CVE-2024-26726, CVE-2024-26676, CVE-2024-26924, CVE-2024-26889, CVE-2024-26685, CVE-2024-26720, CVE-2024-26820, CVE-2024-26919, CVE-2024-26642, CVE-2024-26890, CVE-2023-52637, CVE-2024-26602, CVE-2024-26603, CVE-2023-52880, CVE-2024-26606, CVE-2024-26708, CVE-2024-26697, CVE-2024-26643, CVE-2024-26916, CVE-2024-26661, CVE-2024-26707, CVE-2024-26910, CVE-2024-27416, CVE-2024-26716, CVE-2023-52645, CVE-2024-26600, CVE-2023-52642, CVE-2023-52631, CVE-2024-26926, CVE-2024-26593, CVE-2024-26735, CVE-2024-26917, CVE-2024-26698, CVE-2024-26838, CVE-2024-26694, CVE-2024-26664, CVE-2024-26898, CVE-2024-26719, CVE-2024-26802, CVE-2024-26826, CVE-2024-26679, CVE-2024-26824, CVE-2024-26831, CVE-2024-26792, CVE-2024-26700, CVE-2024-26818, CVE-2024-26920, CVE-2024-26829, CVE-2024-26710, CVE-2023-52638, CVE-2024-26714, CVE-2024-26809, CVE-2024-26789, CVE-2024-26689, CVE-2024-26722, CVE-2024-26660, CVE-2024-26734, CVE-2024-26736, CVE-2024-26828, CVE-2024-26717, CVE-2024-26830, CVE-2024-26711, CVE-2024-26665, CVE-2024-26662, CVE-2024-26748, CVE-2024-26688, CVE-2024-26712, CVE-2024-26922, CVE-2024-26684, CVE-2024-26663, CVE-2024-26803)

USN-6898-2: Linux kernel vulnerabilities

1 day 2 hours ago
Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. (CVE-2022-38096) Gui-Dong Han discovered that the software RAID driver in the Linux kernel contained a race condition, leading to an integer overflow vulnerability. A privileged attacker could possibly use this to cause a denial of service (system crash). (CVE-2024-23307) It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel when modifying certain settings values through debugfs. A privileged local attacker could use this to cause a denial of service. (CVE-2024-24857, CVE-2024-24858, CVE-2024-24859) Bai Jiaju discovered that the Xceive XC4000 silicon tuner device driver in the Linux kernel contained a race condition, leading to an integer overflow vulnerability. An attacker could possibly use this to cause a denial of service (system crash). (CVE-2024-24861) Chenyuan Yang discovered that the Unsorted Block Images (UBI) flash device volume management subsystem did not properly validate logical eraseblock sizes in certain situations. An attacker could possibly use this to cause a denial of service (system crash). (CVE-2024-25739) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - RISC-V architecture; - x86 architecture; - Block layer subsystem; - Accessibility subsystem; - Android drivers; - Bluetooth drivers; - Clock framework and drivers; - Data acquisition framework and drivers; - Cryptographic API; - DMA engine subsystem; - GPU drivers; - HID subsystem; - I2C subsystem; - IRQ chip drivers; - Multiple devices driver; - VMware VMCI Driver; - MMC subsystem; - Network drivers; - Device tree and open firmware driver; - PCI subsystem; - S/390 drivers; - SCSI drivers; - Freescale SoC drivers; - Trusted Execution Environment drivers; - TTY drivers; - USB subsystem; - VFIO drivers; - Framebuffer layer; - Xen hypervisor drivers; - File systems infrastructure; - BTRFS file system; - Ext4 file system; - FAT file system; - Network file system client; - Network file system server daemon; - NILFS2 file system; - Pstore file system; - SMB network file system; - UBI file system; - Netfilter; - BPF subsystem; - Core kernel; - PCI iomap interfaces; - Memory management; - B.A.T.M.A.N. meshing protocol; - Bluetooth subsystem; - Ethernet bridge; - Networking core; - IPv4 networking; - IPv6 networking; - MAC80211 subsystem; - IEEE 802.15.4 subsystem; - NFC subsystem; - Open vSwitch; - RDS protocol; - Network traffic control; - SMC sockets; - Unix domain sockets; - eXpress Data Path; - ALSA SH drivers; - KVM core; (CVE-2024-35955, CVE-2024-35805, CVE-2024-26814, CVE-2024-27008, CVE-2024-26970, CVE-2024-35944, CVE-2024-27013, CVE-2024-35938, CVE-2024-35853, CVE-2024-35969, CVE-2024-26981, CVE-2024-26929, CVE-2024-27020, CVE-2024-35885, CVE-2024-35973, CVE-2024-35958, CVE-2024-26961, CVE-2024-35912, CVE-2024-35890, CVE-2024-35804, CVE-2024-35813, CVE-2024-27393, CVE-2024-26956, CVE-2024-35915, CVE-2024-26642, CVE-2024-35847, CVE-2024-26960, CVE-2024-26923, CVE-2024-35935, CVE-2024-36025, CVE-2024-35898, CVE-2024-26810, CVE-2024-35809, CVE-2024-26813, CVE-2024-36007, CVE-2024-35817, CVE-2024-35849, CVE-2024-35819, CVE-2024-35884, CVE-2024-35922, CVE-2024-36008, CVE-2024-27004, CVE-2024-35902, CVE-2024-26828, CVE-2024-35791, CVE-2024-35930, CVE-2024-26973, CVE-2024-26984, CVE-2024-35806, CVE-2024-26629, CVE-2024-26955, CVE-2024-26937, CVE-2024-27059, CVE-2024-35872, CVE-2024-35978, CVE-2024-26950, CVE-2024-27018, CVE-2024-35857, CVE-2024-35990, CVE-2024-27437, CVE-2024-35822, CVE-2024-36020, CVE-2024-26931, CVE-2024-26977, CVE-2024-26654, CVE-2024-26988, CVE-2024-36005, CVE-2024-26969, CVE-2024-35960, CVE-2024-27016, CVE-2024-36006, CVE-2024-35936, CVE-2024-35982, CVE-2024-36029, CVE-2024-27395, CVE-2024-26999, CVE-2024-35871, CVE-2024-35893, CVE-2024-26925, CVE-2024-26965, CVE-2024-35933, CVE-2024-35976, CVE-2024-35899, CVE-2024-35852, CVE-2024-35918, CVE-2024-26951, CVE-2024-27001, CVE-2024-35905, CVE-2024-35907, CVE-2024-26976, CVE-2024-27000, CVE-2024-35910, CVE-2024-35950, CVE-2024-26974, CVE-2024-35785, CVE-2023-52488, CVE-2023-52880, CVE-2024-35877, CVE-2024-35888, CVE-2024-35807, CVE-2024-35796, CVE-2024-35821, CVE-2024-35854, CVE-2024-27015, CVE-2024-35823, CVE-2024-35900, CVE-2024-35815, CVE-2024-26966, CVE-2024-26817, CVE-2024-35896, CVE-2024-27396, CVE-2024-27009, CVE-2024-35940, CVE-2024-26996, CVE-2024-35825, CVE-2024-35984, CVE-2024-35886, CVE-2024-27019, CVE-2024-26922, CVE-2024-35989, CVE-2024-26926, CVE-2024-35988, CVE-2024-26957, CVE-2024-26812, CVE-2024-35925, CVE-2024-35970, CVE-2024-26989, CVE-2024-26811, CVE-2024-35895, CVE-2024-26935, CVE-2024-26958, CVE-2024-35855, CVE-2024-35879, CVE-2024-26993, CVE-2024-35934, CVE-2024-36004, CVE-2024-35997, CVE-2024-26994, CVE-2023-52699, CVE-2024-35789, CVE-2024-26964, CVE-2024-26687, CVE-2024-35851, CVE-2024-35897, CVE-2024-26934)

USN-6899-1: GTK vulnerability

2 days 4 hours ago
It was discovered that GTK would attempt to load modules from the current directory, contrary to expectations. If users started GTK applications from shared directories, a local attacker could use this issue to execute arbitrary code, and possibly escalate privileges.

USN-6896-2: Linux kernel vulnerabilities

2 days 5 hours ago
It was discovered that the ATA over Ethernet (AoE) driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2023-6270) It was discovered that the Atheros 802.11ac wireless driver did not properly validate certain data structures, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of service. (CVE-2023-7042) Yuxuan Hu discovered that the Bluetooth RFCOMM protocol driver in the Linux Kernel contained a race condition, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of service (system crash). (CVE-2024-22099) Gui-Dong Han discovered that the software RAID driver in the Linux kernel contained a race condition, leading to an integer overflow vulnerability. A privileged attacker could possibly use this to cause a denial of service (system crash). (CVE-2024-23307) It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel when modifying certain settings values through debugfs. A privileged local attacker could use this to cause a denial of service. (CVE-2024-24857, CVE-2024-24858, CVE-2024-24859) Bai Jiaju discovered that the Xceive XC4000 silicon tuner device driver in the Linux kernel contained a race condition, leading to an integer overflow vulnerability. An attacker could possibly use this to cause a denial of service (system crash). (CVE-2024-24861) Chenyuan Yang discovered that the Unsorted Block Images (UBI) flash device volume management subsystem did not properly validate logical eraseblock sizes in certain situations. An attacker could possibly use this to cause a denial of service (system crash). (CVE-2024-25739) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - x86 architecture; - Block layer subsystem; - Accessibility subsystem; - ACPI drivers; - Android drivers; - Bluetooth drivers; - Clock framework and drivers; - Data acquisition framework and drivers; - Cryptographic API; - GPU drivers; - HID subsystem; - I2C subsystem; - IRQ chip drivers; - Multiple devices driver; - Media drivers; - VMware VMCI Driver; - MMC subsystem; - Network drivers; - PCI subsystem; - SCSI drivers; - Freescale SoC drivers; - SPI subsystem; - Media staging drivers; - TTY drivers; - USB subsystem; - VFIO drivers; - Framebuffer layer; - Xen hypervisor drivers; - File systems infrastructure; - BTRFS file system; - Ext4 file system; - FAT file system; - NILFS2 file system; - Diskquota system; - SMB network file system; - UBI file system; - io_uring subsystem; - BPF subsystem; - Core kernel; - Memory management; - B.A.T.M.A.N. meshing protocol; - Bluetooth subsystem; - Networking core; - HSR network protocol; - IPv4 networking; - IPv6 networking; - MAC80211 subsystem; - Netfilter; - NET/ROM layer; - NFC subsystem; - Open vSwitch; - Packet sockets; - RDS protocol; - Network traffic control; - Sun RPC protocol; - Unix domain sockets; - ALSA SH drivers; - USB sound devices; - KVM core; (CVE-2024-27076, CVE-2024-35849, CVE-2024-35899, CVE-2024-27038, CVE-2024-35982, CVE-2024-26687, CVE-2024-26863, CVE-2024-36004, CVE-2024-27004, CVE-2024-27065, CVE-2024-36020, CVE-2024-27000, CVE-2024-26981, CVE-2024-26973, CVE-2024-35922, CVE-2024-35969, CVE-2024-26851, CVE-2023-52880, CVE-2024-35813, CVE-2024-26859, CVE-2024-27078, CVE-2024-27020, CVE-2024-35809, CVE-2024-27001, CVE-2024-26969, CVE-2024-26993, CVE-2024-35935, CVE-2024-35815, CVE-2024-26931, CVE-2024-35823, CVE-2024-26984, CVE-2024-27024, CVE-2024-27419, CVE-2024-27008, CVE-2024-35825, CVE-2023-52644, CVE-2024-35933, CVE-2024-35830, CVE-2024-35900, CVE-2024-27046, CVE-2024-26651, CVE-2024-27013, CVE-2024-27437, CVE-2024-26966, CVE-2024-26974, CVE-2024-26889, CVE-2024-26862, CVE-2024-27043, CVE-2024-35852, CVE-2024-35821, CVE-2024-35886, CVE-2024-35888, CVE-2023-52699, CVE-2024-35997, CVE-2024-26586, CVE-2024-35898, CVE-2024-26934, CVE-2024-35915, CVE-2024-35897, CVE-2024-35973, CVE-2024-27028, CVE-2024-26874, CVE-2024-26923, CVE-2024-26937, CVE-2024-26857, CVE-2024-26855, CVE-2024-35893, CVE-2024-26810, CVE-2024-35910, CVE-2024-26820, CVE-2024-27075, CVE-2024-26816, CVE-2024-26642, CVE-2024-35936, CVE-2024-27073, CVE-2024-35853, CVE-2024-26965, CVE-2023-52650, CVE-2024-27396, CVE-2024-26999, CVE-2024-35855, CVE-2024-26880, CVE-2024-26901, CVE-2024-26894, CVE-2024-26884, CVE-2024-35950, CVE-2024-26957, CVE-2024-27395, CVE-2024-35819, CVE-2024-35978, CVE-2024-36007, CVE-2024-35805, CVE-2024-27436, CVE-2023-52620, CVE-2023-52656, CVE-2024-36006, CVE-2024-35877, CVE-2024-26898, CVE-2024-26935, CVE-2024-35828, CVE-2024-26875, CVE-2024-26654, CVE-2024-35930, CVE-2024-26817, CVE-2024-27388, CVE-2024-26828, CVE-2024-35984, CVE-2024-26812, CVE-2024-35807, CVE-2024-35854, CVE-2024-26878, CVE-2024-26883, CVE-2024-27077, CVE-2024-26922, CVE-2024-27059, CVE-2024-35955, CVE-2024-26903, CVE-2024-35895, CVE-2024-35925, CVE-2024-26882, CVE-2022-48627, CVE-2024-35847, CVE-2024-26813, CVE-2024-26994, CVE-2024-35806, CVE-2024-26926, CVE-2024-35822, CVE-2024-27074, CVE-2024-26976, CVE-2024-26955, CVE-2024-27044, CVE-2024-35789, CVE-2024-27030, CVE-2024-26852, CVE-2024-27053, CVE-2024-35960, CVE-2024-26956, CVE-2024-35944)

USN-6895-2: Linux kernel vulnerabilities

2 days 7 hours ago
It was discovered that the ATA over Ethernet (AoE) driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2023-6270) It was discovered that the HugeTLB file system component of the Linux Kernel contained a NULL pointer dereference vulnerability. A privileged attacker could possibly use this to to cause a denial of service. (CVE-2024-0841) It was discovered that the Open vSwitch implementation in the Linux kernel could overflow its stack during recursive action operations under certain conditions. A local attacker could use this to cause a denial of service (system crash). (CVE-2024-1151) Gui-Dong Han discovered that the software RAID driver in the Linux kernel contained a race condition, leading to an integer overflow vulnerability. A privileged attacker could possibly use this to cause a denial of service (system crash). (CVE-2024-23307) Bai Jiaju discovered that the Xceive XC4000 silicon tuner device driver in the Linux kernel contained a race condition, leading to an integer overflow vulnerability. An attacker could possibly use this to cause a denial of service (system crash). (CVE-2024-24861) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Cryptographic API; - Android drivers; - Block layer subsystem; - Bluetooth drivers; - DMA engine subsystem; - GPU drivers; - HID subsystem; - Hardware monitoring drivers; - I2C subsystem; - IIO ADC drivers; - IIO subsystem; - IIO Magnetometer sensors drivers; - InfiniBand drivers; - On-Chip Interconnect management framework; - Multiple devices driver; - Media drivers; - Network drivers; - PHY drivers; - MediaTek PM domains; - SCSI drivers; - TTY drivers; - USB subsystem; - DesignWare USB3 driver; - Framebuffer layer; - AFS file system; - BTRFS file system; - Ceph distributed file system; - Ext4 file system; - File systems infrastructure; - NILFS2 file system; - NTFS3 file system; - SMB network file system; - Core kernel; - Memory management; - Bluetooth subsystem; - CAN network layer; - Devlink API; - Handshake API; - HSR network protocol; - IPv4 networking; - IPv6 networking; - MAC80211 subsystem; - Multipath TCP; - Netfilter; - NFC subsystem; - RxRPC session sockets; - TIPC protocol; - Unix domain sockets; - Realtek audio codecs; (CVE-2024-26684, CVE-2024-26889, CVE-2024-26662, CVE-2024-26660, CVE-2024-26708, CVE-2024-26677, CVE-2024-26696, CVE-2024-26664, CVE-2024-26642, CVE-2023-52637, CVE-2024-26680, CVE-2024-26822, CVE-2023-52638, CVE-2024-26830, CVE-2024-26715, CVE-2024-26693, CVE-2024-26697, CVE-2024-26694, CVE-2024-26685, CVE-2023-52642, CVE-2024-26691, CVE-2024-26798, CVE-2024-26828, CVE-2024-26663, CVE-2024-26710, CVE-2024-26601, CVE-2024-26707, CVE-2024-26802, CVE-2024-26675, CVE-2024-26826, CVE-2024-26916, CVE-2024-26803, CVE-2024-26700, CVE-2024-26917, CVE-2024-26600, CVE-2024-26825, CVE-2024-26716, CVE-2024-26602, CVE-2024-26698, CVE-2024-26711, CVE-2024-26920, CVE-2024-26722, CVE-2024-26681, CVE-2024-26674, CVE-2024-26712, CVE-2024-26735, CVE-2024-26782, CVE-2024-26734, CVE-2024-26926, CVE-2024-26923, CVE-2023-52880, CVE-2024-26719, CVE-2024-26593, CVE-2024-26603, CVE-2024-26922, CVE-2024-26717, CVE-2024-26695, CVE-2023-52643, CVE-2024-35833, CVE-2024-26733, CVE-2024-26667, CVE-2024-26659, CVE-2024-26714, CVE-2024-26748, CVE-2024-26702, CVE-2024-26676, CVE-2024-26718, CVE-2024-27416, CVE-2024-26890, CVE-2024-26720, CVE-2024-26838, CVE-2024-26665, CVE-2024-26792, CVE-2024-26818, CVE-2024-26679, CVE-2024-26606, CVE-2024-26736, CVE-2024-26829, CVE-2023-52631, CVE-2024-26790, CVE-2024-26824, CVE-2024-26820, CVE-2024-26831, CVE-2024-26689, CVE-2024-26898, CVE-2024-26789, CVE-2024-26703, CVE-2023-52645, CVE-2024-26688, CVE-2024-26723, CVE-2024-26919, CVE-2024-26661, CVE-2024-26726, CVE-2024-26910, CVE-2024-26666)

USN-6893-2: Linux kernel vulnerabilities

2 days 8 hours ago
It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel when modifying certain settings values through debugfs. A privileged local attacker could use this to cause a denial of service. (CVE-2024-24857, CVE-2024-24858, CVE-2024-24859) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - RISC-V architecture; - S390 architecture; - x86 architecture; - Block layer subsystem; - Compute Acceleration Framework; - Accessibility subsystem; - Android drivers; - Drivers core; - Bluetooth drivers; - Clock framework and drivers; - Data acquisition framework and drivers; - Cryptographic API; - Buffer Sharing and Synchronization framework; - GPU drivers; - On-Chip Interconnect management framework; - IOMMU subsystem; - Multiple devices driver; - Media drivers; - VMware VMCI Driver; - Network drivers; - Microsoft Azure Network Adapter (MANA) driver; - Device tree and open firmware driver; - Chrome hardware platform drivers; - i.MX PM domains; - TI SCI PM domains driver; - S/390 drivers; - SCSI drivers; - SPI subsystem; - Thermal drivers; - TTY drivers; - USB subsystem; - Framebuffer layer; - BTRFS file system; - Network file system server daemon; - NILFS2 file system; - File systems infrastructure; - Pstore file system; - SMB network file system; - BPF subsystem; - Bluetooth subsystem; - Netfilter; - io_uring subsystem; - Core kernel; - Extra boot config (XBC); - Memory management; - Amateur Radio drivers; - B.A.T.M.A.N. meshing protocol; - Ethernet bridge; - Networking core; - IPv4 networking; - IPv6 networking; - Multipath TCP; - NFC subsystem; - RDS protocol; - Network traffic control; - SMC sockets; - Sun RPC protocol; - TLS protocol; - Unix domain sockets; - Wireless networking; - eXpress Data Path; - SELinux security module; (CVE-2024-35976, CVE-2024-35873, CVE-2024-35959, CVE-2024-27012, CVE-2024-36025, CVE-2024-35868, CVE-2024-26995, CVE-2024-35916, CVE-2024-36023, CVE-2024-35964, CVE-2024-35890, CVE-2024-26980, CVE-2024-35950, CVE-2024-27006, CVE-2024-35955, CVE-2024-35885, CVE-2024-35960, CVE-2024-35932, CVE-2024-26986, CVE-2024-35884, CVE-2024-35860, CVE-2024-36020, CVE-2024-35930, CVE-2024-35919, CVE-2024-27020, CVE-2024-26928, CVE-2024-35903, CVE-2024-35907, CVE-2024-35904, CVE-2024-35972, CVE-2024-35892, CVE-2024-26921, CVE-2024-35869, CVE-2024-35957, CVE-2024-35967, CVE-2024-35927, CVE-2024-35946, CVE-2024-27000, CVE-2024-35943, CVE-2024-35902, CVE-2024-27013, CVE-2024-35968, CVE-2024-35970, CVE-2024-35865, CVE-2024-36022, CVE-2024-26993, CVE-2024-36027, CVE-2024-35895, CVE-2024-35908, CVE-2024-35901, CVE-2024-35872, CVE-2024-26925, CVE-2024-35917, CVE-2024-35898, CVE-2024-35861, CVE-2024-35900, CVE-2024-26984, CVE-2024-35891, CVE-2023-52699, CVE-2024-35961, CVE-2024-35951, CVE-2024-36019, CVE-2024-27021, CVE-2024-35939, CVE-2024-26997, CVE-2024-26999, CVE-2024-35897, CVE-2024-35896, CVE-2024-26817, CVE-2024-35875, CVE-2024-35935, CVE-2024-27015, CVE-2024-26982, CVE-2024-35958, CVE-2024-26989, CVE-2024-26922, CVE-2024-26811, CVE-2024-27003, CVE-2024-35920, CVE-2024-27007, CVE-2024-35879, CVE-2024-35979, CVE-2024-35978, CVE-2024-35914, CVE-2024-35938, CVE-2024-35913, CVE-2024-26985, CVE-2024-35915, CVE-2024-35974, CVE-2024-27001, CVE-2024-35940, CVE-2024-35867, CVE-2024-26994, CVE-2024-35886, CVE-2024-35899, CVE-2024-27022, CVE-2024-35910, CVE-2024-35893, CVE-2024-27010, CVE-2024-36024, CVE-2024-26926, CVE-2024-26923, CVE-2024-26990, CVE-2024-35912, CVE-2024-26987, CVE-2024-35966, CVE-2024-35977, CVE-2024-35866, CVE-2024-35975, CVE-2024-35965, CVE-2024-35933, CVE-2024-26936, CVE-2024-35889, CVE-2024-35863, CVE-2024-27002, CVE-2024-27018, CVE-2024-36021, CVE-2024-27019, CVE-2024-35921, CVE-2024-35870, CVE-2024-35956, CVE-2024-27016, CVE-2024-26996, CVE-2024-35878, CVE-2024-26988, CVE-2024-35888, CVE-2024-35936, CVE-2024-27014, CVE-2024-35883, CVE-2024-35862, CVE-2024-35945, CVE-2024-26983, CVE-2024-35982, CVE-2024-35924, CVE-2024-27004, CVE-2024-27008, CVE-2024-35963, CVE-2024-35909, CVE-2024-35911, CVE-2024-35973, CVE-2024-35887, CVE-2024-27009, CVE-2024-35980, CVE-2024-36026, CVE-2024-35969, CVE-2024-35954, CVE-2024-35864, CVE-2024-35953, CVE-2024-26998, CVE-2024-35931, CVE-2024-26981, CVE-2024-35971, CVE-2024-35934, CVE-2024-35929, CVE-2024-35918, CVE-2024-35937, CVE-2024-36018, CVE-2024-35877, CVE-2024-35925, CVE-2024-35981, CVE-2024-35985, CVE-2024-35942, CVE-2024-35922, CVE-2024-35952, CVE-2024-27011, CVE-2024-35944, CVE-2024-35905, CVE-2024-35880, CVE-2024-35882, CVE-2024-27005, CVE-2024-26991, CVE-2024-35871, CVE-2024-35926, CVE-2024-26992, CVE-2024-35894, CVE-2024-27017)

USN-6898-1: Linux kernel vulnerabilities

3 days 1 hour ago
Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. (CVE-2022-38096) Gui-Dong Han discovered that the software RAID driver in the Linux kernel contained a race condition, leading to an integer overflow vulnerability. A privileged attacker could possibly use this to cause a denial of service (system crash). (CVE-2024-23307) It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel when modifying certain settings values through debugfs. A privileged local attacker could use this to cause a denial of service. (CVE-2024-24857, CVE-2024-24858, CVE-2024-24859) Bai Jiaju discovered that the Xceive XC4000 silicon tuner device driver in the Linux kernel contained a race condition, leading to an integer overflow vulnerability. An attacker could possibly use this to cause a denial of service (system crash). (CVE-2024-24861) Chenyuan Yang discovered that the Unsorted Block Images (UBI) flash device volume management subsystem did not properly validate logical eraseblock sizes in certain situations. An attacker could possibly use this to cause a denial of service (system crash). (CVE-2024-25739) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - RISC-V architecture; - x86 architecture; - Block layer subsystem; - Accessibility subsystem; - Android drivers; - Bluetooth drivers; - Clock framework and drivers; - Data acquisition framework and drivers; - Cryptographic API; - DMA engine subsystem; - GPU drivers; - HID subsystem; - I2C subsystem; - IRQ chip drivers; - Multiple devices driver; - VMware VMCI Driver; - MMC subsystem; - Network drivers; - Microsoft Azure Network Adapter (MANA) driver; - Device tree and open firmware driver; - PCI subsystem; - S/390 drivers; - SCSI drivers; - Freescale SoC drivers; - Trusted Execution Environment drivers; - TTY drivers; - USB subsystem; - VFIO drivers; - Framebuffer layer; - Xen hypervisor drivers; - File systems infrastructure; - BTRFS file system; - Ext4 file system; - FAT file system; - Network file system client; - Network file system server daemon; - NILFS2 file system; - Pstore file system; - SMB network file system; - UBI file system; - Netfilter; - BPF subsystem; - Core kernel; - PCI iomap interfaces; - Memory management; - B.A.T.M.A.N. meshing protocol; - Bluetooth subsystem; - Ethernet bridge; - Networking core; - IPv4 networking; - IPv6 networking; - MAC80211 subsystem; - IEEE 802.15.4 subsystem; - NFC subsystem; - Open vSwitch; - RDS protocol; - Network traffic control; - SMC sockets; - Unix domain sockets; - eXpress Data Path; - Key management; - ALSA SH drivers; - KVM core; (CVE-2024-35944, CVE-2024-35789, CVE-2024-35819, CVE-2024-35796, CVE-2024-35817, CVE-2024-35950, CVE-2024-35851, CVE-2024-35918, CVE-2024-26961, CVE-2024-35990, CVE-2024-26629, CVE-2024-35823, CVE-2024-35922, CVE-2024-26969, CVE-2024-36007, CVE-2024-35989, CVE-2024-35822, CVE-2024-26654, CVE-2024-35879, CVE-2024-27395, CVE-2024-35855, CVE-2024-27008, CVE-2024-26988, CVE-2024-35912, CVE-2024-35900, CVE-2024-26956, CVE-2024-27018, CVE-2024-26922, CVE-2024-26950, CVE-2024-35849, CVE-2024-26999, CVE-2024-36006, CVE-2024-26970, CVE-2024-26937, CVE-2024-35821, CVE-2024-35982, CVE-2024-35907, CVE-2024-35884, CVE-2024-26929, CVE-2024-35905, CVE-2024-35915, CVE-2024-35910, CVE-2024-35886, CVE-2024-35930, CVE-2024-36008, CVE-2024-27004, CVE-2024-26984, CVE-2024-35877, CVE-2024-35958, CVE-2024-35895, CVE-2024-26981, CVE-2024-27393, CVE-2024-35973, CVE-2024-36029, CVE-2024-26931, CVE-2024-35934, CVE-2024-35902, CVE-2024-27013, CVE-2024-26951, CVE-2024-35901, CVE-2024-35938, CVE-2024-35936, CVE-2024-26958, CVE-2024-27059, CVE-2024-27001, CVE-2024-35825, CVE-2024-35925, CVE-2024-36004, CVE-2024-26960, CVE-2024-26923, CVE-2024-35927, CVE-2024-27009, CVE-2024-35847, CVE-2024-35871, CVE-2024-27020, CVE-2024-26811, CVE-2024-35897, CVE-2024-26994, CVE-2024-35935, CVE-2024-35978, CVE-2024-26934, CVE-2024-26828, CVE-2023-52699, CVE-2024-26810, CVE-2024-35890, CVE-2024-35955, CVE-2024-35899, CVE-2024-35885, CVE-2024-36020, CVE-2024-26813, CVE-2024-26814, CVE-2024-27016, CVE-2024-35852, CVE-2024-27437, CVE-2024-35933, CVE-2024-35857, CVE-2024-26973, CVE-2024-35813, CVE-2024-27015, CVE-2024-35791, CVE-2024-26687, CVE-2024-35976, CVE-2024-35853, CVE-2024-35969, CVE-2024-35940, CVE-2024-35809, CVE-2024-35888, CVE-2023-52488, CVE-2024-26926, CVE-2024-36005, CVE-2024-26996, CVE-2024-27000, CVE-2024-26957, CVE-2024-26974, CVE-2024-26977, CVE-2024-36031, CVE-2024-26966, CVE-2024-35815, CVE-2024-35960, CVE-2024-35806, CVE-2024-26642, CVE-2023-52880, CVE-2024-26925, CVE-2024-26989, CVE-2024-26965, CVE-2024-35997, CVE-2024-26993, CVE-2024-26955, CVE-2024-35872, CVE-2024-35893, CVE-2024-35896, CVE-2024-35805, CVE-2024-27019, CVE-2024-35898, CVE-2024-35970, CVE-2024-35988, CVE-2024-35854, CVE-2024-26976, CVE-2024-35984, CVE-2024-35804, CVE-2024-35807, CVE-2024-26964, CVE-2024-36025, CVE-2024-27396, CVE-2024-26935, CVE-2024-35785, CVE-2024-26812, CVE-2024-26817)

USN-6897-1: Ghostscript vulnerabilities

3 days 6 hours ago
It was discovered that Ghostscript incorrectly handled certain long PDF filter names. An attacker could possibly use this issue to cause Ghostscript to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. (CVE-2024-29506) It was discovered that Ghostscript incorrectly handled certain API parameters. An attacker could possibly use this issue to cause Ghostscript to crash, resulting in a denial of service. This issue only affected Ubuntu 24.04 LTS. (CVE-2024-29507) It was discovered that Ghostscript incorrectly handled certain BaseFont names. An attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2024-29508) It was discovered that Ghostscript incorrectly handled certain PDF passwords that contained NULL bytes. An attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. (CVE-2024-29509) It was discovered that Ghostscript incorrectly handled certain certain file paths when doing OCR. An attacker could use this issue to read arbitrary files and write error messages to arbitrary files. This issue only affected Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. (CVE-2024-29511)

USN-6896-1: Linux kernel vulnerabilities

6 days 3 hours ago
It was discovered that the ATA over Ethernet (AoE) driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2023-6270) It was discovered that the Atheros 802.11ac wireless driver did not properly validate certain data structures, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of service. (CVE-2023-7042) Yuxuan Hu discovered that the Bluetooth RFCOMM protocol driver in the Linux Kernel contained a race condition, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of service (system crash). (CVE-2024-22099) Gui-Dong Han discovered that the software RAID driver in the Linux kernel contained a race condition, leading to an integer overflow vulnerability. A privileged attacker could possibly use this to cause a denial of service (system crash). (CVE-2024-23307) It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel when modifying certain settings values through debugfs. A privileged local attacker could use this to cause a denial of service. (CVE-2024-24857, CVE-2024-24858, CVE-2024-24859) Bai Jiaju discovered that the Xceive XC4000 silicon tuner device driver in the Linux kernel contained a race condition, leading to an integer overflow vulnerability. An attacker could possibly use this to cause a denial of service (system crash). (CVE-2024-24861) Chenyuan Yang discovered that the Unsorted Block Images (UBI) flash device volume management subsystem did not properly validate logical eraseblock sizes in certain situations. An attacker could possibly use this to cause a denial of service (system crash). (CVE-2024-25739) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - x86 architecture; - Block layer subsystem; - Accessibility subsystem; - ACPI drivers; - Android drivers; - Bluetooth drivers; - Clock framework and drivers; - Data acquisition framework and drivers; - Cryptographic API; - GPU drivers; - HID subsystem; - I2C subsystem; - IRQ chip drivers; - Multiple devices driver; - Media drivers; - VMware VMCI Driver; - MMC subsystem; - Network drivers; - PCI subsystem; - SCSI drivers; - Freescale SoC drivers; - SPI subsystem; - Media staging drivers; - TTY drivers; - USB subsystem; - VFIO drivers; - Framebuffer layer; - Xen hypervisor drivers; - File systems infrastructure; - BTRFS file system; - Ext4 file system; - FAT file system; - NILFS2 file system; - Diskquota system; - SMB network file system; - UBI file system; - io_uring subsystem; - BPF subsystem; - Core kernel; - Memory management; - B.A.T.M.A.N. meshing protocol; - Bluetooth subsystem; - Networking core; - HSR network protocol; - IPv4 networking; - IPv6 networking; - MAC80211 subsystem; - Netfilter; - NET/ROM layer; - NFC subsystem; - Open vSwitch; - Packet sockets; - RDS protocol; - Network traffic control; - Sun RPC protocol; - Unix domain sockets; - ALSA SH drivers; - USB sound devices; - KVM core; (CVE-2024-35969, CVE-2024-35819, CVE-2024-26851, CVE-2024-26816, CVE-2024-26643, CVE-2023-52656, CVE-2024-27020, CVE-2024-35821, CVE-2024-35930, CVE-2024-35936, CVE-2024-27075, CVE-2024-26817, CVE-2024-26984, CVE-2024-35895, CVE-2024-35853, CVE-2024-27043, CVE-2024-35978, CVE-2024-35960, CVE-2024-26882, CVE-2024-35806, CVE-2024-35830, CVE-2024-26852, CVE-2024-35915, CVE-2024-36006, CVE-2024-35935, CVE-2024-26926, CVE-2024-35877, CVE-2024-27396, CVE-2024-26654, CVE-2024-27077, CVE-2024-27078, CVE-2024-27000, CVE-2024-35888, CVE-2024-27437, CVE-2024-26994, CVE-2024-26973, CVE-2024-26687, CVE-2024-26955, CVE-2024-26898, CVE-2024-26859, CVE-2023-52620, CVE-2024-35893, CVE-2024-26903, CVE-2024-26862, CVE-2024-35950, CVE-2023-52644, CVE-2024-26969, CVE-2024-27028, CVE-2024-35984, CVE-2024-36007, CVE-2024-35925, CVE-2024-36020, CVE-2024-26956, CVE-2024-35789, CVE-2024-26878, CVE-2024-35855, CVE-2024-35822, CVE-2023-52699, CVE-2024-27044, CVE-2024-27030, CVE-2024-27065, CVE-2024-26993, CVE-2024-27395, CVE-2024-27013, CVE-2024-35922, CVE-2024-26586, CVE-2024-36004, CVE-2024-35897, CVE-2024-35807, CVE-2024-26901, CVE-2024-27076, CVE-2023-52880, CVE-2022-48627, CVE-2024-26894, CVE-2023-52650, CVE-2024-27001, CVE-2024-26863, CVE-2024-26651, CVE-2024-35886, CVE-2024-35982, CVE-2024-26883, CVE-2024-26935, CVE-2024-27074, CVE-2024-35849, CVE-2024-35955, CVE-2024-26965, CVE-2024-35898, CVE-2024-26855, CVE-2024-35933, CVE-2024-35823, CVE-2024-35815, CVE-2024-26880, CVE-2024-26874, CVE-2024-26642, CVE-2024-26937, CVE-2024-35854, CVE-2024-35997, CVE-2024-27059, CVE-2024-26812, CVE-2024-26999, CVE-2024-26923, CVE-2024-26934, CVE-2024-27024, CVE-2024-27419, CVE-2024-35847, CVE-2024-26974, CVE-2024-26875, CVE-2024-35805, CVE-2024-27008, CVE-2024-26889, CVE-2024-27053, CVE-2024-27388, CVE-2024-26981, CVE-2024-26976, CVE-2024-35973, CVE-2024-35852, CVE-2024-35809, CVE-2024-27004, CVE-2024-26884, CVE-2024-35899, CVE-2024-26931, CVE-2024-35813, CVE-2024-26922, CVE-2024-26957, CVE-2024-35944, CVE-2024-27038, CVE-2024-35910, CVE-2024-26925, CVE-2024-26820, CVE-2024-26857, CVE-2024-26828, CVE-2024-35825, CVE-2024-26813, CVE-2024-27046, CVE-2024-26810, CVE-2024-27436, CVE-2024-27073, CVE-2024-35828, CVE-2024-35900, CVE-2024-26966)

USN-6895-1: Linux kernel vulnerabilities

6 days 7 hours ago
It was discovered that the ATA over Ethernet (AoE) driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2023-6270) It was discovered that the HugeTLB file system component of the Linux Kernel contained a NULL pointer dereference vulnerability. A privileged attacker could possibly use this to to cause a denial of service. (CVE-2024-0841) It was discovered that the Open vSwitch implementation in the Linux kernel could overflow its stack during recursive action operations under certain conditions. A local attacker could use this to cause a denial of service (system crash). (CVE-2024-1151) Gui-Dong Han discovered that the software RAID driver in the Linux kernel contained a race condition, leading to an integer overflow vulnerability. A privileged attacker could possibly use this to cause a denial of service (system crash). (CVE-2024-23307) Bai Jiaju discovered that the Xceive XC4000 silicon tuner device driver in the Linux kernel contained a race condition, leading to an integer overflow vulnerability. An attacker could possibly use this to cause a denial of service (system crash). (CVE-2024-24861) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Cryptographic API; - Android drivers; - Block layer subsystem; - Bluetooth drivers; - DMA engine subsystem; - GPU drivers; - HID subsystem; - Hardware monitoring drivers; - I2C subsystem; - IIO ADC drivers; - IIO subsystem; - IIO Magnetometer sensors drivers; - InfiniBand drivers; - On-Chip Interconnect management framework; - Multiple devices driver; - Media drivers; - Network drivers; - PHY drivers; - MediaTek PM domains; - SCSI drivers; - TTY drivers; - USB subsystem; - DesignWare USB3 driver; - Framebuffer layer; - AFS file system; - BTRFS file system; - Ceph distributed file system; - Ext4 file system; - File systems infrastructure; - NILFS2 file system; - NTFS3 file system; - SMB network file system; - Core kernel; - Memory management; - Bluetooth subsystem; - CAN network layer; - Devlink API; - Handshake API; - HSR network protocol; - IPv4 networking; - IPv6 networking; - MAC80211 subsystem; - Multipath TCP; - Netfilter; - NFC subsystem; - RxRPC session sockets; - TIPC protocol; - Unix domain sockets; - Realtek audio codecs; (CVE-2024-26822, CVE-2024-26917, CVE-2024-26723, CVE-2024-26715, CVE-2024-26718, CVE-2024-26664, CVE-2024-26707, CVE-2024-26697, CVE-2024-26720, CVE-2024-26660, CVE-2024-26677, CVE-2024-26736, CVE-2024-26719, CVE-2024-26642, CVE-2024-26700, CVE-2024-26666, CVE-2024-26684, CVE-2024-26803, CVE-2024-26698, CVE-2024-26711, CVE-2024-26922, CVE-2024-26828, CVE-2024-26910, CVE-2024-26829, CVE-2024-26685, CVE-2024-26920, CVE-2024-26696, CVE-2024-26826, CVE-2023-52642, CVE-2024-26703, CVE-2024-26708, CVE-2024-26838, CVE-2024-26716, CVE-2023-52631, CVE-2024-26782, CVE-2024-26593, CVE-2024-26659, CVE-2024-26825, CVE-2024-26824, CVE-2024-26712, CVE-2024-26674, CVE-2024-26722, CVE-2023-52643, CVE-2024-26714, CVE-2024-26691, CVE-2024-27416, CVE-2024-26830, CVE-2023-52880, CVE-2024-26702, CVE-2023-52645, CVE-2024-26820, CVE-2024-26662, CVE-2024-26689, CVE-2024-26676, CVE-2024-26923, CVE-2024-26603, CVE-2024-26818, CVE-2023-52638, CVE-2024-26733, CVE-2024-26601, CVE-2024-26790, CVE-2024-26661, CVE-2024-26600, CVE-2024-26680, CVE-2024-26748, CVE-2024-26792, CVE-2024-26889, CVE-2024-26681, CVE-2024-26688, CVE-2024-26665, CVE-2024-26602, CVE-2024-26734, CVE-2024-35833, CVE-2024-26919, CVE-2024-26916, CVE-2024-26667, CVE-2024-26606, CVE-2024-26693, CVE-2024-26717, CVE-2023-52637, CVE-2024-26831, CVE-2024-26663, CVE-2024-26694, CVE-2024-26802, CVE-2024-26710, CVE-2024-26789, CVE-2024-26679, CVE-2024-26675, CVE-2024-26798, CVE-2024-26695, CVE-2024-26726, CVE-2024-26926, CVE-2024-26735, CVE-2024-26898, CVE-2024-26890)

USN-6864-3: Linux kernel (GKE) vulnerabilities

6 days 20 hours ago
It was discovered that the Intel Data Streaming and Intel Analytics Accelerator drivers in the Linux kernel allowed direct access to the devices for unprivileged users and virtual machines. A local attacker could use this to cause a denial of service. (CVE-2024-21823) A security issue was discovered in the Linux kernel. An attacker could possibly use it to compromise the system. This update corrects flaws in the following subsystem: - Netfilter; (CVE-2024-26924)

USN-6894-1: Apport vulnerabilities

6 days 21 hours ago
Muqing Liu and neoni discovered that Apport incorrectly handled detecting if an executable was replaced after a crash. A local attacker could possibly use this issue to execute arbitrary code as the root user. (CVE-2021-3899) Gerrit Venema discovered that Apport incorrectly handled connections to Apport sockets inside containers. A local attacker could possibly use this issue to connect to arbitrary sockets as the root user. (CVE-2022-1242) Gerrit Venema discovered that Apport incorrectly handled user settings files. A local attacker could possibly use this issue to cause Apport to consume resources, leading to a denial of service. (CVE-2022-28652) Gerrit Venema discovered that Apport did not limit the amount of logging from D-Bus connections. A local attacker could possibly use this issue to fill up the Apport log file, leading to a denial of service. (CVE-2022-28654) Gerrit Venema discovered that Apport did not filter D-Bus connection strings. A local attacker could possibly use this issue to cause Apport to make arbitrary network connections. (CVE-2022-28655) Gerrit Venema discovered that Apport did not limit the amount of memory being consumed during D-Bus connections. A local attacker could possibly use this issue to cause Apport to consume memory, leading to a denial of service. (CVE-2022-28656) Gerrit Venema discovered that Apport did not disable the python crash handler before chrooting into a container. A local attacker could possibly use this issue to execute arbitrary code. (CVE-2022-28657) Gerrit Venema discovered that Apport incorrectly handled filename argument whitespace. A local attacker could possibly use this issue to spoof arguments to the Apport daemon. (CVE-2022-28658)

USN-6893-1: Linux kernel vulnerabilities

6 days 22 hours ago
It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel when modifying certain settings values through debugfs. A privileged local attacker could use this to cause a denial of service. (CVE-2024-24857, CVE-2024-24858, CVE-2024-24859) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - RISC-V architecture; - S390 architecture; - x86 architecture; - Block layer subsystem; - Compute Acceleration Framework; - Accessibility subsystem; - Android drivers; - Drivers core; - Bluetooth drivers; - Clock framework and drivers; - Data acquisition framework and drivers; - Cryptographic API; - Buffer Sharing and Synchronization framework; - GPU drivers; - On-Chip Interconnect management framework; - IOMMU subsystem; - Multiple devices driver; - Media drivers; - VMware VMCI Driver; - Network drivers; - Microsoft Azure Network Adapter (MANA) driver; - Device tree and open firmware driver; - Chrome hardware platform drivers; - i.MX PM domains; - TI SCI PM domains driver; - S/390 drivers; - SCSI drivers; - SPI subsystem; - Thermal drivers; - TTY drivers; - USB subsystem; - Framebuffer layer; - BTRFS file system; - Network file system server daemon; - NILFS2 file system; - File systems infrastructure; - Pstore file system; - SMB network file system; - BPF subsystem; - Bluetooth subsystem; - Netfilter; - io_uring subsystem; - Core kernel; - Extra boot config (XBC); - Memory management; - Amateur Radio drivers; - B.A.T.M.A.N. meshing protocol; - Ethernet bridge; - Networking core; - IPv4 networking; - IPv6 networking; - Multipath TCP; - NFC subsystem; - RDS protocol; - Network traffic control; - SMC sockets; - Sun RPC protocol; - TLS protocol; - Unix domain sockets; - Wireless networking; - eXpress Data Path; - SELinux security module; (CVE-2024-35967, CVE-2024-35886, CVE-2024-26999, CVE-2024-27008, CVE-2024-26988, CVE-2024-35980, CVE-2024-26982, CVE-2024-35946, CVE-2024-35918, CVE-2024-27015, CVE-2024-35900, CVE-2024-35942, CVE-2024-35879, CVE-2024-35961, CVE-2024-35944, CVE-2024-35934, CVE-2024-35978, CVE-2024-35938, CVE-2024-27003, CVE-2024-35976, CVE-2024-36019, CVE-2024-35880, CVE-2024-35866, CVE-2024-35929, CVE-2024-35917, CVE-2024-35912, CVE-2024-35896, CVE-2024-26986, CVE-2024-35951, CVE-2024-35958, CVE-2024-26997, CVE-2024-35965, CVE-2024-35953, CVE-2024-26993, CVE-2024-26991, CVE-2024-35892, CVE-2024-36026, CVE-2024-35882, CVE-2024-35964, CVE-2024-35865, CVE-2024-35897, CVE-2024-26981, CVE-2024-35872, CVE-2024-36027, CVE-2024-26983, CVE-2024-35909, CVE-2024-35985, CVE-2024-35875, CVE-2024-35890, CVE-2024-26922, CVE-2024-26994, CVE-2024-35903, CVE-2024-35936, CVE-2024-35904, CVE-2024-27013, CVE-2024-36025, CVE-2024-26980, CVE-2024-27006, CVE-2024-35861, CVE-2024-35864, CVE-2024-27018, CVE-2024-36022, CVE-2024-26990, CVE-2024-35968, CVE-2024-35860, CVE-2024-36024, CVE-2024-35933, CVE-2024-27019, CVE-2024-35925, CVE-2024-35950, CVE-2024-35915, CVE-2024-35916, CVE-2024-35956, CVE-2024-36020, CVE-2024-35873, CVE-2024-27002, CVE-2024-35963, CVE-2024-35959, CVE-2024-35937, CVE-2024-27011, CVE-2024-27020, CVE-2024-35883, CVE-2024-35913, CVE-2024-35910, CVE-2024-27021, CVE-2024-35921, CVE-2024-35905, CVE-2024-27010, CVE-2024-35981, CVE-2024-35885, CVE-2024-35955, CVE-2024-35894, CVE-2024-35969, CVE-2024-36018, CVE-2024-35867, CVE-2024-27007, CVE-2024-35908, CVE-2024-26985, CVE-2024-27016, CVE-2024-35960, CVE-2024-35935, CVE-2024-35932, CVE-2024-35957, CVE-2024-27001, CVE-2024-35871, CVE-2024-35907, CVE-2024-35878, CVE-2024-35979, CVE-2024-35972, CVE-2024-35975, CVE-2024-35877, CVE-2024-35926, CVE-2024-26817, CVE-2024-35899, CVE-2024-27004, CVE-2024-35920, CVE-2024-35924, CVE-2024-35977, CVE-2024-35930, CVE-2024-35911, CVE-2024-26996, CVE-2024-27005, CVE-2024-35870, CVE-2024-35982, CVE-2024-35895, CVE-2024-35943, CVE-2024-35902, CVE-2024-35919, CVE-2024-35973, CVE-2024-35931, CVE-2024-35888, CVE-2024-35914, CVE-2024-35970, CVE-2024-36023, CVE-2024-27012, CVE-2024-35939, CVE-2024-26984, CVE-2024-35884, CVE-2024-35901, CVE-2024-26811, CVE-2024-35966, CVE-2024-35891, CVE-2024-35887, CVE-2024-35945, CVE-2024-35971, CVE-2024-35862, CVE-2024-26987, CVE-2024-26921, CVE-2024-26989, CVE-2024-35952, CVE-2024-27009, CVE-2024-35893, CVE-2024-26995, CVE-2024-26925, CVE-2024-35868, CVE-2024-35954, CVE-2024-35922, CVE-2024-27000, CVE-2024-36021, CVE-2024-27014, CVE-2024-35940, CVE-2024-26992, CVE-2024-26926, CVE-2024-35927, CVE-2024-35863, CVE-2024-27022, CVE-2024-26998, CVE-2024-27017, CVE-2024-26928, CVE-2024-35889, CVE-2024-35898, CVE-2024-35869, CVE-2024-26936, CVE-2024-26923, CVE-2023-52699, CVE-2024-35974)

USN-6885-2: Apache HTTP Server regression

1 week ago
USN-6885-1 fixed vulnerabilities in Apache HTTP Server. One of the security fixes introduced a regression when proxying requests to a HTTP/2 server. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Marc Stern discovered that the Apache HTTP Server incorrectly handled serving WebSocket protocol upgrades over HTTP/2 connections. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. (CVE-2024-36387) Orange Tsai discovered that the Apache HTTP Server mod_proxy module incorrectly sent certain request URLs with incorrect encodings to backends. A remote attacker could possibly use this issue to bypass authentication. (CVE-2024-38473) Orange Tsai discovered that the Apache HTTP Server mod_rewrite module incorrectly handled certain substitutions. A remote attacker could possibly use this issue to execute scripts in directories not directly reachable by any URL, or cause a denial of service. Some environments may require using the new UnsafeAllow3F flag to handle unsafe substitutions. (CVE-2024-38474, CVE-2024-38475, CVE-2024-39573) Orange Tsai discovered that the Apache HTTP Server incorrectly handled certain response headers. A remote attacker could possibly use this issue to obtain sensitive information, execute local scripts, or perform SSRF attacks. (CVE-2024-38476) Orange Tsai discovered that the Apache HTTP Server mod_proxy module incorrectly handled certain requests. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. (CVE-2024-38477) It was discovered that the Apache HTTP Server incorrectly handled certain handlers configured via AddType. A remote attacker could possibly use this issue to obtain source code. (CVE-2024-39884)

USN-6891-1: Python vulnerabilities

1 week ago
It was discovered that Python incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 18.04 LTS. (CVE-2015-20107) It was discovered that Python incorrectly used regular expressions vulnerable to catastrophic backtracking. A remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS. (CVE-2018-1060, CVE-2018-1061) It was discovered that Python failed to initialize Expat’s hash salt. A remote attacker could possibly use this issue to cause hash collisions, leading to a denial of service. This issue only affected Ubuntu 14.04 LTS. (CVE-2018-14647) It was discovered that Python incorrectly handled certain pickle files. An attacker could possibly use this issue to consume memory, leading to a denial of service. This issue only affected Ubuntu 14.04 LTS. (CVE-2018-20406) It was discovered that Python incorrectly validated the domain when handling cookies. An attacker could possibly trick Python into sending cookies to the wrong domain. This issue only affected Ubuntu 14.04 LTS. (CVE-2018-20852) Jonathan Birch and Panayiotis Panayiotou discovered that Python incorrectly handled Unicode encoding during NFKC normalization. An attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 14.04 LTS. (CVE-2019-9636, CVE-2019-10160) It was discovered that Python incorrectly parsed certain email addresses. A remote attacker could possibly use this issue to trick Python applications into accepting email addresses that should be denied. This issue only affected Ubuntu 14.04 LTS. (CVE-2019-16056) It was discovered that the Python documentation XML-RPC server incorrectly handled certain fields. A remote attacker could use this issue to execute a cross-site scripting (XSS) attack. This issue only affected Ubuntu 14.04 LTS. (CVE-2019-16935) It was discovered that Python documentation had a misleading information. A security issue could be possibly caused by wrong assumptions of this information. This issue only affected Ubuntu 14.04 LTS and Ubuntu 18.04 LTS. (CVE-2019-17514) It was discovered that Python incorrectly stripped certain characters from requests. A remote attacker could use this issue to perform CRLF injection. This issue only affected Ubuntu 14.04 LTS and Ubuntu 18.04 LTS. (CVE-2019-18348) It was discovered that Python incorrectly handled certain TAR archives. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 18.04 LTS. (CVE-2019-20907) Colin Read and Nicolas Edet discovered that Python incorrectly handled parsing certain X509 certificates. An attacker could possibly use this issue to cause Python to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS. (CVE-2019-5010) It was discovered that incorrectly handled certain ZIP files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS. (CVE-2019-9674) It was discovered that Python incorrectly handled certain urls. A remote attacker could possibly use this issue to perform CRLF injection attacks. This issue only affected Ubuntu 14.04 LTS. (CVE-2019-9740, CVE-2019-9947) Sihoon Lee discovered that Python incorrectly handled the local_file: scheme. A remote attacker could possibly use this issue to bypass blocklist meschanisms. This issue only affected Ubuntu 14.04 LTS. (CVE-2019-9948) It was discovered that Python incorrectly handled certain IP values. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 18.04 LTS. (CVE-2020-14422) It was discovered that Python incorrectly handled certain character sequences. A remote attacker could possibly use this issue to perform CRLF injection. This issue only affected Ubuntu 14.04 LTS and Ubuntu 18.04 LTS. (CVE-2020-26116) It was discovered that Python incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code or cause a denial of service. This issue only affected Ubuntu 14.04 LTS. (CVE-2020-27619, CVE-2021-3177) It was discovered that Python incorrectly handled certain HTTP requests. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS. (CVE-2020-8492) It was discovered that the Python stdlib ipaddress API incorrectly handled octal strings. A remote attacker could possibly use this issue to perform a wide variety of attacks, including bypassing certain access restrictions. This issue only affected Ubuntu 18.04 LTS. (CVE-2021-29921) David Schwörer discovered that Python incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 18.04 LTS. (CVE-2021-3426) It was discovered that Python incorrectly handled certain RFCs. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS. (CVE-2021-3733) It was discovered that Python incorrectly handled certain server responses. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS. (CVE-2021-3737) It was discovered that Python incorrectly handled certain FTP requests. An attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 14.04 LTS and Ubuntu 18.04 LTS. (CVE-2021-4189) It was discovered that Python incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 18.04 LTS. (CVE-2022-0391) Devin Jeanpierre discovered that Python incorrectly handled sockets when the multiprocessing module was being used. A local attacker could possibly use this issue to execute arbitrary code and escalate privileges. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-42919) It was discovered that Python incorrectly handled certain inputs. If a user or an automated system were tricked into running a specially crafted input, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 18.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-45061, CVE-2023-24329) It was discovered that Python incorrectly handled certain scripts. An attacker could possibly use this issue to execute arbitrary code or cause a crash. This issue only affected Ubuntu 14.04 LTS and Ubuntu 18.04 LTS. (CVE-2022-48560) It was discovered that Python incorrectly handled certain plist files. If a user or an automated system were tricked into processing a specially crafted plist file, an attacker could possibly use this issue to consume resources, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 18.04 LTS. (CVE-2022-48564) It was discovered that Python did not properly handle XML entity declarations in plist files. An attacker could possibly use this vulnerability to perform an XML External Entity (XXE) injection, resulting in a denial of service or information disclosure. This issue only affected Ubuntu 14.04 LTS and Ubuntu 18.04 LTS. (CVE-2022-48565) It was discovered that Python did not properly provide constant-time processing for a crypto operation. An attacker could possibly use this issue to perform a timing attack and recover sensitive information. This issue only affected Ubuntu 14.04 LTS and Ubuntu 18.04 LTS. (CVE-2022-48566) It was discovered that Python instances of ssl.SSLSocket were vulnerable to a bypass of the TLS handshake. An attacker could possibly use this issue to cause applications to treat unauthenticated received data before TLS handshake as authenticated data after TLS handshake. This issue only affected Ubuntu 14.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2023-40217) It was discovered that Python incorrectly handled null bytes when normalizing pathnames. An attacker could possibly use this issue to bypass certain filename checks. This issue only affected Ubuntu 22.04 LTS. (CVE-2023-41105) It was discovered that Python incorrectly handled privilege with certain parameters. An attacker could possibly use this issue to maintain the original processes' groups before starting the new process. This issue only affected Ubuntu 23.10. (CVE-2023-6507) It was discovered that Python incorrectly handled symlinks in temp files. An attacker could possibly use this issue to modify the permissions of files. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 23.10. (CVE-2023-6597) It was discovered that Python incorrectly handled certain crafted zip files. An attacker could possibly use this issue to crash the program, resulting in a denial of service. (CVE-2024-0450)

USN-6888-2: Django vulnerabilities

1 week ago
USN-6888-1 fixed several vulnerabilities in Django. This update provides the corresponding update for Ubuntu 18.04 LTS. Original advisory details: Elias Myllymäki discovered that Django incorrectly handled certain inputs with a large number of brackets. A remote attacker could possibly use this issue to cause Django to consume resources or stop responding, resulting in a denial of service. (CVE-2024-38875) It was discovered that Django incorrectly handled authenticating users with unusable passwords. A remote attacker could possibly use this issue to perform a timing attack and enumerate users. (CVE-2024-39329) Josh Schneier discovered that Django incorrectly handled file path validation when the storage class is being derived. A remote attacker could possibly use this issue to save files into arbitrary directories. (CVE-2024-39330) It was discovered that Django incorrectly handled certain long strings that included a specific set of characters. A remote attacker could possibly use this issue to cause Django to consume resources or stop responding, resulting in a denial of service. (CVE-2024-39614)

USN-6866-3: Linux kernel (Azure) vulnerabilities

1 week ago
It was discovered that the ext4 file system implementation in the Linux kernel did not properly validate data state on write operations. An attacker could use this to construct a malicious ext4 file system image that, when mounted, could cause a denial of service (system crash). (CVE-2021-33631) It was discovered that the ATA over Ethernet (AoE) driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2023-6270) Sander Wiebing, Alvise de Faveri Tron, Herbert Bos, and Cristiano Giuffrida discovered that the Linux kernel mitigations for the initial Branch History Injection vulnerability (CVE-2022-0001) were insufficient for Intel processors. A local attacker could potentially use this to expose sensitive information. (CVE-2024-2201) Gui-Dong Han discovered that the software RAID driver in the Linux kernel contained a race condition, leading to an integer overflow vulnerability. A privileged attacker could possibly use this to cause a denial of service (system crash). (CVE-2024-23307) Bai Jiaju discovered that the Xceive XC4000 silicon tuner device driver in the Linux kernel contained a race condition, leading to an integer overflow vulnerability. An attacker could possibly use this to cause a denial of service (system crash). (CVE-2024-24861) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Block layer subsystem; - Hardware random number generator core; - GPU drivers; - AFS file system; - Memory management; - Netfilter; (CVE-2024-26642, CVE-2024-26922, CVE-2024-26720, CVE-2024-26736, CVE-2024-26898, CVE-2021-47063, CVE-2023-52615)
Checked
52 minutes 15 seconds ago