[CLSA-2024:1723494706] Fix of 19 CVEs

Type:

security

Severity:

Critical

Release date:

2024-08-12 20:31:49 UTC

Description:

   * CVE-url: https://ubuntu.com/security/CVE-2024-42068
     - bpf: Take return from set_memory_ro() into account with bpf_prog_lock_ro()
   * CVE-url: https://ubuntu.com/security/CVE-2024-42079
     - gfs2: Fix NULL pointer dereference in gfs2_log_flush
   * CVE-url: https://ubuntu.com/security/CVE-2024-42226
     - usb: xhci: prevent potential failure in handle_tx_event() for Transfer
       events without TRB
   * CVE-url: https://ubuntu.com/security/CVE-2022-48790
     - nvme: introduce a controller state machine
     - nvme: move namespace scanning to core
     - nvme: move AER handling to common code
     - nvme: fix a possible use-after-free in controller reset during load
     - nvme-pci: fix multiple ctrl removal scheduling
   * CVE-url: https://ubuntu.com/security/CVE-2024-42236
     - usb: gadget: configfs: Prevent OOB read/write in usb_string_copy()
   * CVE-url: https://ubuntu.com/security/CVE-2024-41095
     - drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_ld_modes
   * CVE-url: https://ubuntu.com/security/CVE-2024-41098
     - ata: libata-core: Fix null pointer dereference on error
   * CVE-url: https://ubuntu.com/security/CVE-2024-42244
     - tty: Define ASYNC_ replacement bits
     - tty: Replace ASYNC_CTS_FLOW bit and update atomically
     - tty: Remove ASYNC_CLOSING
     - tty: mxser: Remove ASYNC_CLOSING
     - isdn: Remove ASYNC_CLOSING
     - tty: Replace TTY_IO_ERROR bit tests with tty_io_error()
     - tty: Replace ASYNC_NORMAL_ACTIVE bit and update atomically
     - tty: Replace ASYNC_CHECK_CD and update atomically
     - tty: Replace ASYNC_SUSPENDED bit and update atomically
     - tty: Replace ASYNC_INITIALIZED bit and update atomically
     - USB: serial: mos7840: fix crash on resume
   * CVE-url: https://ubuntu.com/security/CVE-2024-41089
     - drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_hd_modes
   * CVE-url: https://ubuntu.com/security/CVE-2024-42232
     - libceph: fix race between delayed_work() and ceph_monc_stop()
   * Bionic update: upstream stable patchset 2022-03-29 (LP: #1967013) // CVE-
     url: https://ubuntu.com/security/CVE-2022-48809
     - net: fix a memleak when uncloning an skb dst and its metadata
   * CVE-url: https://ubuntu.com/security/CVE-2024-42153
     - i2c: pnx: Fix potential deadlock warning from del_timer_sync() call in isr
   * CVE-url: https://ubuntu.com/security/CVE-2022-48791
     - scsi: pm80xx: Fix TMF task completion race condition
     - scsi: pm8001: Fix use-after-free for aborted TMF sas_task
   * CVE-url: https://ubuntu.com/security/CVE-2022-48792
     - scsi: pm8001: Fix use-after-free for aborted SSP/STP sas_task
   * CVE-url: https://ubuntu.com/security/CVE-2024-42154
     - tcp_metrics: validate source addr length
   * CVE-url: https://ubuntu.com/security/CVE-2024-38570
     - gfs2: Rename sd_{ glock => kill }_wait
     - gfs2: Fix potential glock use-after-free on unmount
   * CVE-url: https://ubuntu.com/security/CVE-2024-38583
     - timers: Use del_timer_sync() even on UP
     - timers: Rename del_timer_sync() to timer_delete_sync()
     - timers: Rename del_timer() to timer_delete()
     - timers: Split [try_to_]del_timer[_sync]() to prepare for shutdown mode
     - timers: Add shutdown mechanism to the internal functions
     - timers: Provide timer_shutdown[_sync]()
     - nilfs2: fix use-after-free of timer for log writer thread
     - nilfs2: fix unexpected freezing of nilfs_segctor_sync()
     - nilfs2: fix potential hang in nilfs_detach_log_writer()
   * CVE-url: https://ubuntu.com/security/CVE-2024-42070
     - netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data
       registers
   * CVE-url: https://ubuntu.com/security/CVE-2024-42228
     - drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc

Updated packages:

linux-buildinfo-4.4.0-262-tuxcare.els33-generic_4.4.0-262.296_amd64.deb
sha:a08cb20ce3c2470ca4b6f5739fdadec48f3d1f24
linux-buildinfo-4.4.0-262-tuxcare.els33-lowlatency_4.4.0-262.296_amd64.deb
sha:3e2890818651319e7bd552dbbf74d794ac9a4d51
linux-cloud-tools-4.4.0-262-tuxcare.els33_4.4.0-262.296_amd64.deb
sha:9d0e1dc6958c7168195326c9a8f92dfa2e385dd2
linux-cloud-tools-4.4.0-262-tuxcare.els33-generic_4.4.0-262.296_amd64.deb
sha:4666c70acf10f20376ce85ae9f2d01d75c5bf96b
linux-cloud-tools-4.4.0-262-tuxcare.els33-lowlatency_4.4.0-262.296_amd64.deb
sha:5af8819380c377c6713a99254d7c2d50fcc07d3e
linux-cloud-tools-common_4.4.0-262.296_all.deb
sha:cd061836750ba050c8ce60b860666067a01946cf
linux-cloud-tools-generic_4.4.0.262.296_amd64.deb
sha:0424a1c7bdd0284696f84d0c82931080195cc55c
linux-cloud-tools-lowlatency_4.4.0.262.296_amd64.deb
sha:d3bfbd4664e4bcdee56a4737f3fe665b917ccba5
linux-crashdump_4.4.0.262.296_amd64.deb
sha:19412bed1e59be3088d47e313a4e7758824e4a6c
linux-doc_4.4.0-262.296_all.deb
sha:ae504bbc6dd4ad5803db5f3b418d5cc1c3087b4d
linux-generic_4.4.0.262.296_amd64.deb
sha:22bdf0d6f751bb1349ac099e99a85f49c0916be6
linux-headers-4.4.0-262-tuxcare.els33_4.4.0-262.296_all.deb
sha:60199867943adc9225afa404c8a801c2f27da147
linux-headers-4.4.0-262-tuxcare.els33-generic_4.4.0-262.296_amd64.deb
sha:e08523365ff4a2c750da416565298e57e6659d1f
linux-headers-4.4.0-262-tuxcare.els33-lowlatency_4.4.0-262.296_amd64.deb
sha:590e22127484129a1b5e415c7d030c27ae5e04ec
linux-headers-generic_4.4.0.262.296_amd64.deb
sha:8d85bd31ac117089d04e396f1d5c02446dbe89d5
linux-headers-lowlatency_4.4.0.262.296_amd64.deb
sha:1281b3d465f180a16728cf648e7ca7e2204bb90d
linux-image-generic_4.4.0.262.296_amd64.deb
sha:b354f2090b989c65ad147d6448cb5144a3b29603
linux-image-lowlatency_4.4.0.262.296_amd64.deb
sha:2ff4632a64a89967743218b1a7dd3ce0fa3ba694
linux-image-unsigned-4.4.0-262-tuxcare.els33-generic_4.4.0-262.296_amd64.deb
sha:6b83680c44c163c350710c6d6063cfd79ecbe417
linux-image-unsigned-4.4.0-262-tuxcare.els33-lowlatency_4.4.0-262.296_amd64.deb
sha:644ae817b5a6bef59c1793e4d18d85ce7039ecb1
linux-libc-dev_4.4.0-262.296_amd64.deb
sha:50a364c3fce5c8530bb65eaf8b3d0268abea99fe
linux-lowlatency_4.4.0.262.296_amd64.deb
sha:ffddabb7d359b92a2121ec508c99cca15720edb7
linux-modules-4.4.0-262-tuxcare.els33-generic_4.4.0-262.296_amd64.deb
sha:e1e1785e20f7ceb7fd5d7192624926ba3d7cf0ce
linux-modules-4.4.0-262-tuxcare.els33-lowlatency_4.4.0-262.296_amd64.deb
sha:4af9ace070bdf2f0addebd9af5bef823d503e85c
linux-modules-extra-4.4.0-262-tuxcare.els33-generic_4.4.0-262.296_amd64.deb
sha:0e04f8b335cde74ba988caab610111fea7934b81
linux-source_4.4.0.262.296_all.deb
sha:8f7628403bd28493d941dafa1112188c52f1efa5
linux-source-4.4.0_4.4.0-262.296_all.deb
sha:bcb9b5560e7c81af5dbb1e705c169e7f43dd8b4c
linux-tools-4.4.0-262-tuxcare.els33_4.4.0-262.296_amd64.deb
sha:53b20e66d050415a15799ee3bdf634c7665c58a4
linux-tools-4.4.0-262-tuxcare.els33-generic_4.4.0-262.296_amd64.deb
sha:835d3c4a775214c4a12740be86afa7e2f3e87ba0
linux-tools-4.4.0-262-tuxcare.els33-lowlatency_4.4.0-262.296_amd64.deb
sha:6117a46fa6b187eade96a334f4e14e1e01344527
linux-tools-common_4.4.0-262.296_all.deb
sha:71ea6788ca9aea853bfb53b56f4fa245db06d281
linux-tools-generic_4.4.0.262.296_amd64.deb
sha:2a8d9e1a479e0fe308dade93fdfe1b33fe4c5e95
linux-tools-host_4.4.0-262.296_all.deb
sha:4ceb2f7ac39f03a45cfaf6b33debdcd8c11ae4c6
linux-tools-lowlatency_4.4.0.262.296_amd64.deb
sha:4e6dd4c4fe825ff8a056d808fb87f9981ab66732

Notes:

This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.