[CLSA-2024:1727816002] Fix of 60 CVEs
Type: security
Severity: Important
Release date: 2024-10-01 20:53:25 UTC
Description:
* CVE-url: https://ubuntu.com/security/CVE-2024-26752 - l2tp: pass correct message length to ip6_append_data
* CVE-url: https://ubuntu.com/security/CVE-2023-52527 - ipv4, ipv6: Fix handling of transhdrlen in __ip{,6}_append_data()
* CVE-url: https://ubuntu.com/security/CVE-2024-43882 - exec: Fix ToCToU between perm check and set-uid/gid usage
* CVE-url: https://ubuntu.com/security/CVE-2022-48943 - KVM: x86/mmu: make apf token non-zero to fix bug
* CVE-url: https://ubuntu.com/security/CVE-2024-38630 - watchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdt_trigger
* CVE-url: https://ubuntu.com/security/CVE-2024-44987 - ipv6: prevent UAF in ip6_send_skb()
* Bionic update: upstream stable patchset 2022-03-04 (LP: #1963717) // CVE-url: https://ubuntu.com/security/CVE-2022-48742 - rtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink()
* CVE-url: https://ubuntu.com/security/CVE-2024-44940 - fou: remove warn in gue_gro_receive on unsupported protocol
* CVE-url: https://ubuntu.com/security/CVE-2024-41059 - hfsplus: fix uninit-value in copy_name
* Bionic update: upstream stable patchset 2022-01-14 (LP: #1957957) // CVE-url: https://ubuntu.com/security/CVE-2021-47576 - scsi: scsi_debug: Sanity check block descriptor length in resp_mode_select()
* CVE-url: https://ubuntu.com/security/CVE-2024-46673 - scsi: aacraid: Fix double-free on probe failure
* CVE-url: https://ubuntu.com/security/CVE-2024-42271 - net/iucv: fix use after free in iucv_sock_close()
* Bionic update: upstream stable patchset 2022-04-13 (LP: #1968932) // CVE-url: https://ubuntu.com/security/CVE-2022-48919 - cifs: fix double free race when mount fails in cifs_get_root()
* CVE-url: https://ubuntu.com/security/CVE-2024-43858 - jfs: Fix array-index-out-of-bounds in diFree
* CVE-url: https://ubuntu.com/security/CVE-2024-41071 - wifi: mac80211: Avoid address calculations via out of bounds array indexing
* CVE-url: https://ubuntu.com/security/CVE-2024-42301 - dev/parport: fix the array out-of-bounds risk
* CVE-url: https://ubuntu.com/security/CVE-2024-46674 - usb: dwc3: st: fix probed platform device ref count on probe error path
* CVE-url: https://ubuntu.com/security/CVE-2024-43900 - media: xc2028: avoid use-after-free in load_firmware_cb()
* CVE-url: https://ubuntu.com/security/CVE-2024-42284 - tipc: Return non-zero value from tipc_udp_addr2str() on error
* Bionic update: upstream stable patchset 2022-01-14 (LP: #1957957) // CVE-url: https://ubuntu.com/security/CVE-2021-47589 - igbvf: fix double free in `igbvf_probe`
* Bionic update: upstream stable patchset 2022-01-14 (LP: #1957957) // CVE-url: https://ubuntu.com/security/CVE-2021-47600 - dm btree remove: fix use after free in rebalance_children()
* CVE-url: https://ubuntu.com/security/CVE-2024-44998 - atm: idt77252: prevent use after free in dequeue_rx()
* CVE-url: https://ubuntu.com/security/CVE-2024-42280 - mISDN: Fix a use after free in hfcmulti_tx()
* CVE-url: https://ubuntu.com/security/CVE-2024-42094 - net/iucv: Avoid explicit cpumask var allocation on stack
* CVE-url: https://ubuntu.com/security/CVE-2024-39499 - vmci: prevent speculation leaks by sanitizing event in event_deliver()
* CVE-url: https://ubuntu.com/security/CVE-2024-42105 - nilfs2: fix inode number range checks
* CVE-url: https://ubuntu.com/security/CVE-2024-40988 - drm/radeon: fix UBSAN warning in kv_dpm.c
* CVE-url: https://ubuntu.com/security/CVE-2024-40916 - drm/exynos: hdmi: report safe 640x480 mode as a fallback when no EDID found
* CVE-url: https://ubuntu.com/security/CVE-2024-40904 - USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages
* CVE-url: https://ubuntu.com/security/CVE-2024-42106 - inet_diag: Initialize pad field in struct inet_diag_req_v2
* CVE-url: https://ubuntu.com/security/CVE-2024-42145 - IB/core: Implement a limit on UMAD receive List
* CVE-url: https://ubuntu.com/security/CVE-2024-40932 - drm/exynos/vidi: fix memory leak in .get_modes()
* CVE-url: https://ubuntu.com/security/CVE-2024-41006 - netrom: Fix a memory leak in nr_heartbeat_expiry()
* CVE-url: https://ubuntu.com/security/CVE-2024-40943 - ocfs2: fix races between hole punching and AIO+DIO
* CVE-url: https://ubuntu.com/security/CVE-2024-36894 - usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete
* CVE-url: https://ubuntu.com/security/CVE-2024-42115 - jffs2: Fix potential illegal address access in jffs2_free_inode
* CVE-url: https://ubuntu.com/security/CVE-2024-41035 - USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor
* CVE-url: https://ubuntu.com/security/CVE-2024-41097 - usb: atm: cxacru: fix endpoint checking in cxacru_bind()
* CVE-url: https://ubuntu.com/security/CVE-2024-39501 - drivers: core: synchronize really_probe() and dev_uevent()
* CVE-url: https://ubuntu.com/security/CVE-2024-40984 - ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine."
* CVE-url: https://ubuntu.com/security/CVE-2024-40987 - drm/amdgpu: fix UBSAN warning in kv_dpm.c
* CVE-url: https://ubuntu.com/security/CVE-2024-42097 - ALSA: emux: improve patch ioctl data validation
* CVE-url: https://ubuntu.com/security/CVE-2024-42090 - pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER
* CVE-url: https://ubuntu.com/security/CVE-2024-40942 - wifi: mac80211: mesh: Fix leak of mesh_preq_queue objects
* CVE-url: https://ubuntu.com/security/CVE-2024-40981 - batman-adv: bypass empty buckets in batadv_purge_orig_ref()
* CVE-url: https://ubuntu.com/security/CVE-2024-40959 - xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr()
* CVE-url: https://ubuntu.com/security/CVE-2024-42089 - ASoC: fsl-asoc-card: set priv->pdev before using it
* CVE-url: https://ubuntu.com/security/CVE-2024-42101 - drm/nouveau: fix null pointer dereference in nouveau_connector_get_modes
* CVE-url: https://ubuntu.com/security/CVE-2024-40980 - drop_monitor: replace spin_lock by raw_spin_lock
* CVE-url: https://ubuntu.com/security/CVE-2024-42084 - ftruncate: pass a signed offset
* CVE-url: https://ubuntu.com/security/CVE-2024-42096 - x86: stop playing stack games in profile_pc()
* CVE-url: https://ubuntu.com/security/CVE-2024-38619 - usb-storage: alauda: Check whether the media is initialized
* CVE-url: https://ubuntu.com/security/CVE-2024-42102 - mm: avoid overflows in dirty throttling logic
* CVE-url: https://ubuntu.com/security/CVE-2024-41044 - ppp: reject claimed-as-LCP but actually malformed packets
* Bionic update: upstream stable patchset 2022-02-11 (LP: #1960681) // CVE-url: https://ubuntu.com/security/CVE-2024-41044 - ppp: ensure minimum packet size in ppp_write()
* CVE-url: https://ubuntu.com/security/CVE-2024-40905 - ipv6: fix possible race in __fib6_drop_pcpu_from()
* CVE-url: https://ubuntu.com/security/CVE-2023-52803 - SUNRPC: Fix RPC client cleaned up the freed pipefs dentries
* CVE-url: https://ubuntu.com/security/CVE-2024-42104 - nilfs2: add missing check for inode numbers on directory entries
* CVE-url: https://ubuntu.com/security/CVE-2024-42148 - bnx2x: Fix multiple UBSAN array-index-out-of-bounds
* CVE-url: https://ubuntu.com/security/CVE-2024-41046 - net: ethernet: lantiq_etop: fix double free in detach
* CVE-url: https://ubuntu.com/security/CVE-2024-38538 - net: bridge: xmit: make sure we have at least eth header len bytes
Updated packages:
  • linux-buildinfo-4.4.0-265-tuxcare.els36-generic_4.4.0-265.299_amd64.deb
    sha:af03b1ada1b561f670082623d5d0f33ac1ad395d
  • linux-buildinfo-4.4.0-265-tuxcare.els36-lowlatency_4.4.0-265.299_amd64.deb
    sha:7391d951707cd49b7ea536c518f2e57c82b9186a
  • linux-cloud-tools-4.4.0-265-tuxcare.els36_4.4.0-265.299_amd64.deb
    sha:6266fbfc99a6e26b82519a32728a4d1363c6bd29
  • linux-cloud-tools-4.4.0-265-tuxcare.els36-generic_4.4.0-265.299_amd64.deb
    sha:5a0a5d971bc16de57c6345814387418d06763e38
  • linux-cloud-tools-4.4.0-265-tuxcare.els36-lowlatency_4.4.0-265.299_amd64.deb
    sha:9aad94b4cdbba79c391bd68a4daf243d82ade190
  • linux-cloud-tools-common_4.4.0-265.299_all.deb
    sha:edaefbbc0bd389cc59e85e0b43a95bf1f7fc17a8
  • linux-cloud-tools-generic_4.4.0.265.299_amd64.deb
    sha:a202777494e2777fe69882ff5e3c5e4720ebd8c6
  • linux-cloud-tools-lowlatency_4.4.0.265.299_amd64.deb
    sha:ed12710ccee379f941efd626967303c4433896f1
  • linux-crashdump_4.4.0.265.299_amd64.deb
    sha:aad20816756ab20f428ff6f38027d2f122bdd027
  • linux-doc_4.4.0-265.299_all.deb
    sha:9548c0f288962d07cf6433910915d544b966bf4f
  • linux-generic_4.4.0.265.299_amd64.deb
    sha:1e9d045db810227f8e1ebad1e6fd7c2b8a6680fe
  • linux-headers-4.4.0-265-tuxcare.els36_4.4.0-265.299_all.deb
    sha:650d37e0a21a6217a7f2e2a61493e2a8e03c24c8
  • linux-headers-4.4.0-265-tuxcare.els36-generic_4.4.0-265.299_amd64.deb
    sha:6c9be63ee66539cab9ac11c248426002a7f98eb3
  • linux-headers-4.4.0-265-tuxcare.els36-lowlatency_4.4.0-265.299_amd64.deb
    sha:230aebbb1e402c756ce9153f3f04d439756c51e4
  • linux-headers-generic_4.4.0.265.299_amd64.deb
    sha:0f39443810d1452fd4a8ede831fed60192d5c77e
  • linux-headers-lowlatency_4.4.0.265.299_amd64.deb
    sha:f665b2f04a4dc1a8652a4b339fb12bab7ea3ff35
  • linux-image-generic_4.4.0.265.299_amd64.deb
    sha:f943352053861f5b8c252a6c8b317eaba9d37403
  • linux-image-lowlatency_4.4.0.265.299_amd64.deb
    sha:24a5a332e0656716588ec75cc096131ca751e0d2
  • linux-image-unsigned-4.4.0-265-tuxcare.els36-generic_4.4.0-265.299_amd64.deb
    sha:c279f0523e8a86d741af68b0c44ee368fada1fe0
  • linux-image-unsigned-4.4.0-265-tuxcare.els36-lowlatency_4.4.0-265.299_amd64.deb
    sha:7375f5469646b6e33b4be36fd29c10f2af1e7dc0
  • linux-libc-dev_4.4.0-265.299_amd64.deb
    sha:69f6b554d1e8de095e6f2dbbfb8c1eda1292dc4b
  • linux-lowlatency_4.4.0.265.299_amd64.deb
    sha:0e15a6a12bcbe19268d84ccaea668018526d7831
  • linux-modules-4.4.0-265-tuxcare.els36-generic_4.4.0-265.299_amd64.deb
    sha:833b90437ee56634162987d2340c0e7b835c0158
  • linux-modules-4.4.0-265-tuxcare.els36-lowlatency_4.4.0-265.299_amd64.deb
    sha:9af7b1a0f9f97ffaeba8a0fe34751ee80b270f36
  • linux-modules-extra-4.4.0-265-tuxcare.els36-generic_4.4.0-265.299_amd64.deb
    sha:a3d9aafb1e6e01ac1a13c38455e7a4ee380841c2
  • linux-source_4.4.0.265.299_all.deb
    sha:1b17260d64c6150f7eb6f4d1baab32d26e1958d5
  • linux-source-4.4.0_4.4.0-265.299_all.deb
    sha:63ee38d39755b66765f0d7aa5f05d1599c358798
  • linux-tools-4.4.0-265-tuxcare.els36_4.4.0-265.299_amd64.deb
    sha:67c6d6628706a19446eb45ef585b588d80afd232
  • linux-tools-4.4.0-265-tuxcare.els36-generic_4.4.0-265.299_amd64.deb
    sha:8ff44c7b6f0da9fc33489ba8b8ab44ef8c5e5bf0
  • linux-tools-4.4.0-265-tuxcare.els36-lowlatency_4.4.0-265.299_amd64.deb
    sha:c129e3d525a74269dc0c9d78b7eeb94158da40a5
  • linux-tools-common_4.4.0-265.299_all.deb
    sha:e237f2b902afce921c8b9392c3c76c8070024332
  • linux-tools-generic_4.4.0.265.299_amd64.deb
    sha:2ca82c500cc82c37919117e66af86ccf3c0efb7b
  • linux-tools-host_4.4.0-265.299_all.deb
    sha:80f2d0270a674f515ad3dd7574a9b55882c4f647
  • linux-tools-lowlatency_4.4.0.265.299_amd64.deb
    sha:7ee6c03ec5710e6fdc64e182df509f3d800da448
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.