[CLSA-2024:1721658474] Fix of 66 CVEs

Type:

security

Severity:

Important

Release date:

2024-07-22 14:27:58 UTC

Description:

   * CVE-url: https://ubuntu.com/security/CVE-2024-26810
     - vfio/pci: Lock external INTx masking ops
   * CVE-url: https://ubuntu.com/security/CVE-2024-38587
     - speakup: Fix sizeof() vs ARRAY_SIZE() bug
   * CVE-url: https://ubuntu.com/security/CVE-2024-39493
     - crypto: qat - Fix ADF_DEV_RESET_SYNC memory leak
   * CVE-url: https://ubuntu.com/security/CVE-2024-38381
     - nfc: nci: Fix uninit-value in nci_rx_work
   * CVE-url: https://ubuntu.com/security/CVE-2023-52620
     - netfilter: nf_tables: disallow timeout for anonymous sets
   * CVE-url: https://ubuntu.com/security/CVE-2024-35805
     - dm snapshot: fix lockup in dm_exception_table_exit
   * CVE-url: https://ubuntu.com/security/CVE-2024-26923
     - af_unix: Fix garbage collector racing against connect()
   * CVE-url: https://ubuntu.com/security/CVE-2024-35969
     - ipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr
   * CVE-url: https://ubuntu.com/security/CVE-2024-26863
     - hsr: Fix uninit-value access in hsr_get_node()
   * CVE-url: https://ubuntu.com/security/CVE-2024-26993
     - fs: sysfs: Fix reference leak in sysfs_break_active_protection()
   * CVE-url: https://ubuntu.com/security/CVE-2024-27388
     - SUNRPC: fix some memleaks in gssx_dec_option_array
   * CVE-url: https://ubuntu.com/security/CVE-2024-35886
     - ipv6: Fix infinite recursion in fib6_dump_done().
   * CVE-url: https://ubuntu.com/security/CVE-2024-35809
     - PCI/PM: Drain runtime-idle callbacks before driver removal
   * CVE-url: https://ubuntu.com/security/CVE-2024-26875
     - media: pvrusb2: fix uaf in pvr2_context_set_notify
   * CVE-url: https://ubuntu.com/security/CVE-2024-26851
     - netfilter: nf_conntrack_h323: Add protection for bmp length out of range
   * CVE-url: https://ubuntu.com/security/CVE-2024-35915
     - nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet
   * CVE-url: https://ubuntu.com/security/CVE-2024-26999
     - serial/pmac_zilog: Remove flawed mitigation for rx irq flood
   * CVE-url: https://ubuntu.com/security/CVE-2023-52699
     - sysv: don't call sb_bread() with pointers_lock held
   * CVE-url: https://ubuntu.com/security/CVE-2024-35828
     - wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer()
   * CVE-url: https://ubuntu.com/security/CVE-2024-27001
     - comedi: vmk80xx: fix incomplete endpoint checking
   * CVE-url: https://ubuntu.com/security/CVE-2024-27008
     - drm: nv04: Fix out of bounds access
   * CVE-url: https://ubuntu.com/security/CVE-2024-35935
     - btrfs: send: handle path ref underflow in header iterate_inode_ref()
   * CVE-url: https://ubuntu.com/security/CVE-2024-27059
     - USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command
   * CVE-url: https://ubuntu.com/security/CVE-2024-26974
     - crypto: qat - resolve race condition during AER recovery
   * CVE-url: https://ubuntu.com/security/CVE-2024-26965
     - clk: qcom: mmcc-msm8974: fix terminating of frequency table arrays
   * CVE-url: https://ubuntu.com/security/CVE-2024-26931
     - scsi: qla2xxx: Fix command flush on cable pull
   * CVE-url: https://ubuntu.com/security/CVE-2024-35910
     - mptcp: add sk_stop_timer_sync helper
   * CVE-url: https://ubuntu.com/security/CVE-2024-35944
     - VMCI: Fix memcpy() run-time warning in dg_dispatch_as_host()
   * CVE-url: https://ubuntu.com/security/CVE-2024-35830
     - media: tc358743: register v4l2 async device only after successful setup
   * CVE-url: https://ubuntu.com/security/CVE-2024-26956
     - nilfs2: fix failure to detect DAT corruption in btree and direct mappings
   * CVE-url: https://ubuntu.com/security/CVE-2024-35807
     - ext4: fix corruption during on-line resize
   * CVE-url: https://ubuntu.com/security/CVE-2024-26813
     - vfio/platform: Create persistent IRQ handlers
   * CVE-url: https://ubuntu.com/security/CVE-2023-52644
     - wifi: b43: Stop/wake correct queue in DMA Tx path when QoS is disabled
   * CVE-url: https://ubuntu.com/security/CVE-2024-26966
     - clk: qcom: mmcc-apq8084: fix terminating of frequency table arrays
   * CVE-url: https://ubuntu.com/security/CVE-2024-27073
     - media: ttpci: fix two memleaks in budget_av_attach
   * CVE-url: https://ubuntu.com/security/CVE-2023-52880
     - tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc
   * CVE-url: https://ubuntu.com/security/CVE-2023-52650
     - drm/tegra: dsi: Add missing check for of_find_device_by_node
   * CVE-url: https://ubuntu.com/security/CVE-2024-35933
     - Bluetooth: btintel: Fix null ptr deref in btintel_read_version
   * CVE-url: https://ubuntu.com/security/CVE-2024-35930
     - scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc()
   * CVE-url: https://ubuntu.com/security/CVE-2024-27419
     - netrom: Fix data-races around sysctl_net_busy_read
   * CVE-url: https://ubuntu.com/security/CVE-2024-27074
     - media: go7007: fix a memleak in go7007_load_encoder
   * CVE-url: https://ubuntu.com/security/CVE-2024-26859
     - net/bnx2x: Prevent access to a freed page in page_pool
   * CVE-url: https://ubuntu.com/security/CVE-2024-26973
     - fat: fix uninitialized field in nostale filehandles
   * CVE-url: https://ubuntu.com/security/CVE-2024-27436
     - ALSA: usb-audio: Stop parsing channels bits when all channels are found.
   * CVE-url: https://ubuntu.com/security/CVE-2024-35936
     - btrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks()
   * CVE-url: https://ubuntu.com/security/CVE-2024-35821
     - ubifs: Set page uptodate in the correct place
   * CVE-url: https://ubuntu.com/security/CVE-2024-27075
     - media: dvb-frontends: avoid stack overflow warnings with clang
   * CVE-url: https://ubuntu.com/security/CVE-2024-26651
     - sr9800: Add check for usbnet_get_endpoints
   * CVE-url: https://ubuntu.com/security/CVE-2024-27043
     - media: edia: dvbdev: fix a use-after-free
   * CVE-url: https://ubuntu.com/security/CVE-2024-26976
     - KVM: Always flush async #PF workqueue when vCPU is being destroyed
   * CVE-url: https://ubuntu.com/security/CVE-2024-27000
     - serial: mxs-auart: add spinlock around changing cts state
   * CVE-url: https://ubuntu.com/security/CVE-2024-35815
     - fs/aio: Check IOCB_AIO_RW before the struct aio_kiocb conversion
   * CVE-url: https://ubuntu.com/security/CVE-2024-26894
     - ACPI: processor_idle: Fix memory leak in acpi_processor_power_exit()
   * CVE-url: https://ubuntu.com/security/CVE-2024-35922
     - fbmon: prevent division by zero in fb_videomode_from_videomode()
   * CVE-url: https://ubuntu.com/security/CVE-2024-24857 // CVE-url:
     https://ubuntu.com/security/CVE-2024-24858 // CVE-url:
     https://ubuntu.com/security/CVE-2024-24859
     - Bluetooth: Fix TOCTOU in HCI debugfs implementation
   * CVE-url: https://ubuntu.com/security/CVE-2024-27078
     - media: v4l2-tpg: fix some memleaks in tpg_alloc
   * CVE-url: https://ubuntu.com/security/CVE-2024-26981
     - nilfs2: fix OOB in nilfs_set_de_type
   * CVE-url: https://ubuntu.com/security/CVE-2024-26816
     - x86, relocs: Ignore relocations in .notes section
   * CVE-url: https://ubuntu.com/security/CVE-2024-26880
     - dm: call the resume method on internal suspend
   * CVE-url: https://ubuntu.com/security/CVE-2024-26994
     - speakup: Avoid crash on very long word
   * CVE-url: https://ubuntu.com/security/CVE-2024-27437
     - genirq: Warn when IRQ_NOAUTOEN is used with shared interrupts
     - genirq: Add IRQF_NO_AUTOEN for request_irq/nmi()
     - vfio/pci: Disable auto-enable of exclusive INTx IRQ
   * CVE-url: https://ubuntu.com/security/CVE-2024-26955
     - nilfs2: prevent kernel bug at submit_bh_wbc()
   * CVE-url: https://ubuntu.com/security/CVE-2024-26643
     - netfilter: nf_tables: mark set as dead when unbinding anonymous set with
       timeout
   * CVE-url: https://ubuntu.com/security/CVE-2024-26886
     - Bluetooth: af_bluetooth: Fix deadlock

Updated packages:

linux-buildinfo-4.4.0-260-tuxcare.els31-generic_4.4.0-260.294_amd64.deb
sha:89ad935261d9b34f65a79771ef07719e3225ff45
linux-buildinfo-4.4.0-260-tuxcare.els31-lowlatency_4.4.0-260.294_amd64.deb
sha:a77cdaba5edfa7ddf58ee61b7efca3bec17494de
linux-cloud-tools-4.4.0-260-tuxcare.els31_4.4.0-260.294_amd64.deb
sha:cd5a1b5eeb1fe72a617b1b0255bce8d6f5d211a2
linux-cloud-tools-4.4.0-260-tuxcare.els31-generic_4.4.0-260.294_amd64.deb
sha:0855de6b293479752378706bbd73c47a8c6a3ea8
linux-cloud-tools-4.4.0-260-tuxcare.els31-lowlatency_4.4.0-260.294_amd64.deb
sha:21bc131bc9f47b4ded9b6649036fc0c8d55492d6
linux-cloud-tools-common_4.4.0-260.294_all.deb
sha:7d3aeec640eb7d0de93749b01e60e17b81335b37
linux-cloud-tools-generic_4.4.0.260.294_amd64.deb
sha:0c6eb0b75e9f1fd0457f2a4e129200d461d8d93e
linux-cloud-tools-lowlatency_4.4.0.260.294_amd64.deb
sha:243ab156e23b82510a61154e65cae83500fbeb56
linux-crashdump_4.4.0.260.294_amd64.deb
sha:44d91c8998a57a3cf874dbf6adb2ceef6d22dfd8
linux-doc_4.4.0-260.294_all.deb
sha:8f48e04ac6e030ed7fdeff4ced3578683e5706a6
linux-generic_4.4.0.260.294_amd64.deb
sha:5bd28db2737316b76029a758d7c5834ff65ff41d
linux-headers-4.4.0-260-tuxcare.els31_4.4.0-260.294_all.deb
sha:29ed26e6931f8793d2fcb1642087feda4ca48d57
linux-headers-4.4.0-260-tuxcare.els31-generic_4.4.0-260.294_amd64.deb
sha:80f550d18720bb458f73e8d381e7d9b23a687db1
linux-headers-4.4.0-260-tuxcare.els31-lowlatency_4.4.0-260.294_amd64.deb
sha:df41f78a272d71284b300a0d5d751ade3f84e1f6
linux-headers-generic_4.4.0.260.294_amd64.deb
sha:57f7c82a6523b4aa0b44b1097a8101cd1187b9b7
linux-headers-lowlatency_4.4.0.260.294_amd64.deb
sha:b98959e6f585b5654b470501973dbcb316d26059
linux-image-generic_4.4.0.260.294_amd64.deb
sha:e173f514eca70bddebd8b0442a80739a68c3d68b
linux-image-lowlatency_4.4.0.260.294_amd64.deb
sha:45393828019b5cb0fd48042f5fa7e9e2e3d8db22
linux-image-unsigned-4.4.0-260-tuxcare.els31-generic_4.4.0-260.294_amd64.deb
sha:f0f33ccdf9a432750c7bebcd30a43b25464f74a5
linux-image-unsigned-4.4.0-260-tuxcare.els31-lowlatency_4.4.0-260.294_amd64.deb
sha:90b0eb1e965116b9dd6ab141e9163178886b73fe
linux-libc-dev_4.4.0-260.294_amd64.deb
sha:0412bd5b2d48b946871d20510c769a5923c95197
linux-lowlatency_4.4.0.260.294_amd64.deb
sha:8c72aad691337b029918e1cf8ff5726255637deb
linux-modules-4.4.0-260-tuxcare.els31-generic_4.4.0-260.294_amd64.deb
sha:a747785d928a7e67593f4cff0e60d2874280aa44
linux-modules-4.4.0-260-tuxcare.els31-lowlatency_4.4.0-260.294_amd64.deb
sha:c6c25204e5c8fea73f6417260ebde7539618a713
linux-modules-extra-4.4.0-260-tuxcare.els31-generic_4.4.0-260.294_amd64.deb
sha:c9a766f7a0367676014553475549e708fdff6ad4
linux-source_4.4.0.260.294_all.deb
sha:0622e29dd0bbff55db0154816d4841a07497c1d6
linux-source-4.4.0_4.4.0-260.294_all.deb
sha:ccd79e5a796e89afbe66d1a993858aef5d278593
linux-tools-4.4.0-260-tuxcare.els31_4.4.0-260.294_amd64.deb
sha:e4dec1e9ab9af22197828715637efb7c3bb98515
linux-tools-4.4.0-260-tuxcare.els31-generic_4.4.0-260.294_amd64.deb
sha:e07fe7c568ee61569b998df8813d10c0287755cb
linux-tools-4.4.0-260-tuxcare.els31-lowlatency_4.4.0-260.294_amd64.deb
sha:46759f53f94810fa513304a37683a76e682bd10b
linux-tools-common_4.4.0-260.294_all.deb
sha:bbbddef0f756e88ab1ffb63f4eef6241dff36171
linux-tools-generic_4.4.0.260.294_amd64.deb
sha:fc6f8415473d52003c6da334498f6cae3ecff52d
linux-tools-host_4.4.0-260.294_all.deb
sha:6c8c7040d9039a00fbf44ddd587450b673778ae8
linux-tools-lowlatency_4.4.0.260.294_amd64.deb
sha:1767ea86d18042f06930b7c614daa0c4caea50ad

Notes:

This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.