[CLSA-2023:1695901231] Fix of 7 CVEs
Type:
security
Severity:
Important
Release date:
2023-09-28 11:40:36 UTC
Description:
* CVE-url: https://ubuntu.com/security/CVE-2023-42753 - netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c * CVE-2022-40982 // CVE-url: https://ubuntu.com/security/CVE-2022-40982 - init: Provide arch_cpu_finalize_init() - x86/cpu: Switch to arch_cpu_finalize_init() - init: Remove check_bugs() leftovers - x86/speculation: Add Gather Data Sampling mitigation - x86/speculation: Add force option to GDS mitigation - x86/speculation: Add Kconfig option for GDS - KVM: Add GDS_NO support to KVM * CVE-url: https://ubuntu.com/security/CVE-2022-40982 - x86/cpu: Move arch_smt_update() to a neutral place * Bionic update: upstream stable patchset 2019-07-23 (LP: #1837664) // CVE- url: https://ubuntu.com/security/CVE-2022-40982 - cpu/hotplug: Fix "SMT disabled by BIOS" detection for KVM * Jammy update: v5.15.94 upstream stable release (LP: #2012673) // CVE-url: https://ubuntu.com/security/CVE-2022-40982 - x86/speculation: Identify processors vulnerable to SMT RSB predictions * CVE-2023-20588 // CVE-url: https://ubuntu.com/security/CVE-2023-20588 - x86/bugs: Increase the x86 bugs vector size to two u32s - x86/CPU/AMD: Do not leak quotient data after a division by 0 - x86/CPU/AMD: Fix the DIV(0) initial fix attempt * CVE-2023-3863 // CVE-url: https://ubuntu.com/security/CVE-2023-3863 - nfc: llcp: simplify llcp_sock_connect() error paths - net: nfc: Fix use-after-free caused by nfc_llcp_find_local * Jammy update: v5.15.46 upstream stable release (LP: #1981864) // CVE-url: https://ubuntu.com/security/CVE-2023-4385 - fs: jfs: fix possible NULL pointer dereference in dbFree() * Jammy update: v5.15.42 upstream stable release (LP: #1981375) // CVE-url: https://ubuntu.com/security/CVE-2023-4459 - net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup() * CVE-url: https://ubuntu.com/security/CVE-2023-4921 - net: sched: sch_qfq: Fix UAF in qfq_dequeue() * Miscellaneous Ubuntu changes - [Config] CONFIG_GDS_FORCE_MITIGATION=n
Updated packages:
  • linux-buildinfo-4.4.0-246-tuxcare.els17-generic_4.4.0-246.280_amd64.deb
    sha:4c37c11aebbad105c46f0806271621ac57369ca1
  • linux-buildinfo-4.4.0-246-tuxcare.els17-lowlatency_4.4.0-246.280_amd64.deb
    sha:3cfc99bd0ff10c69fa897c2014514abc0122c78f
  • linux-cloud-tools-4.4.0-246-tuxcare.els17_4.4.0-246.280_amd64.deb
    sha:ae9ffca797acb9148516a0e64a3ed7a4091f15d8
  • linux-cloud-tools-4.4.0-246-tuxcare.els17-generic_4.4.0-246.280_amd64.deb
    sha:39adc1fe590559eb234731644b004b9383f29bce
  • linux-cloud-tools-4.4.0-246-tuxcare.els17-lowlatency_4.4.0-246.280_amd64.deb
    sha:64bb98e3c55a58921563bbe826bb3f43023c39ab
  • linux-cloud-tools-common_4.4.0-246.280_all.deb
    sha:10e5cfa3a49a98fffb9ac9c1f78050b6e2f55ace
  • linux-cloud-tools-generic_4.4.0.246.280_amd64.deb
    sha:575a403aa768da6db7d265fd3ead02dfaf5f8e2a
  • linux-cloud-tools-lowlatency_4.4.0.246.280_amd64.deb
    sha:072b2f1990950c800cb211f9798e9c800b3213b0
  • linux-crashdump_4.4.0.246.280_amd64.deb
    sha:3a345f98542dcadae74f1ddeb24cc871f0ef661d
  • linux-doc_4.4.0-246.280_all.deb
    sha:12970d7093d08d6bf27529af8ca2c63c02a7d9a7
  • linux-generic_4.4.0.246.280_amd64.deb
    sha:baab391b206502eb7e54ff25b6d1b88e51735401
  • linux-headers-4.4.0-246-tuxcare.els17_4.4.0-246.280_all.deb
    sha:c384fb64b4aadd68755fe8eabf1b1717cb1d5b13
  • linux-headers-4.4.0-246-tuxcare.els17-generic_4.4.0-246.280_amd64.deb
    sha:c7f3c566e70de02d0e1c2b6f8fcf4e3903157e8e
  • linux-headers-4.4.0-246-tuxcare.els17-lowlatency_4.4.0-246.280_amd64.deb
    sha:37f0e26b85362f825198a61452b300cdf5b0d7a6
  • linux-headers-generic_4.4.0.246.280_amd64.deb
    sha:21a08f0f144baa1c16b8c5e0e5763d85178a434e
  • linux-headers-lowlatency_4.4.0.246.280_amd64.deb
    sha:5aec500f45ee1c0d9e2659fea4825c2ccff9069a
  • linux-image-generic_4.4.0.246.280_amd64.deb
    sha:dc2c5de4b66c7d3e9b0f38fb30af2c28c198136a
  • linux-image-lowlatency_4.4.0.246.280_amd64.deb
    sha:a8c01a6f494ee83c5cd8fa098b188b2ac26957a0
  • linux-image-unsigned-4.4.0-246-tuxcare.els17-generic_4.4.0-246.280_amd64.deb
    sha:cc848891a7b504f79544fdf2de1b0f088661d8e2
  • linux-image-unsigned-4.4.0-246-tuxcare.els17-lowlatency_4.4.0-246.280_amd64.deb
    sha:60f4e0f2dc9c9c942a23fb0ddb4f970b81f07584
  • linux-libc-dev_4.4.0-246.280_amd64.deb
    sha:e13a99f5e21e9df8c4917f2877a0ed25065ed9dc
  • linux-lowlatency_4.4.0.246.280_amd64.deb
    sha:0615bd374943bd48f90eabf7184baf9ecad23aa2
  • linux-modules-4.4.0-246-tuxcare.els17-generic_4.4.0-246.280_amd64.deb
    sha:8d329bd21a3c3b23c0e5bf0d47373ffebc02a4a8
  • linux-modules-4.4.0-246-tuxcare.els17-lowlatency_4.4.0-246.280_amd64.deb
    sha:bd96a38796a8068d23fd09236d3426f339fda8b5
  • linux-modules-extra-4.4.0-246-tuxcare.els17-generic_4.4.0-246.280_amd64.deb
    sha:11fda423d6573e070179728ecf8e11a0a65161d6
  • linux-source_4.4.0.246.280_all.deb
    sha:b7de25d147bd3736cd2599e9e10bd18b0a566e64
  • linux-source-4.4.0_4.4.0-246.280_all.deb
    sha:85493c82a4959277934739df613ed39fed5116e5
  • linux-tools-4.4.0-246-tuxcare.els17_4.4.0-246.280_amd64.deb
    sha:14e37b40f0120c79c0d398aef94148ae5fc9b1c0
  • linux-tools-4.4.0-246-tuxcare.els17-generic_4.4.0-246.280_amd64.deb
    sha:078e360dc448819c2b5fb9ab97425ea1b6869b50
  • linux-tools-4.4.0-246-tuxcare.els17-lowlatency_4.4.0-246.280_amd64.deb
    sha:7576f25f52632d7c0eeedefa795a3dbd1156a749
  • linux-tools-common_4.4.0-246.280_all.deb
    sha:3a625507a4a7284460a91564d8429d970901add5
  • linux-tools-generic_4.4.0.246.280_amd64.deb
    sha:5d8b35595c4191285f110afd27fbcfdd3ca0bceb
  • linux-tools-host_4.4.0-246.280_all.deb
    sha:5a5eb8d5cee298349007e5bf17f1242556c5ea3c
  • linux-tools-lowlatency_4.4.0.246.280_amd64.deb
    sha:fad6259c370ad0420d37bf3bdc7e0661efca0384
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.