Release date:
2024-11-14 17:36:06 UTC
Description:
* CVE-url: https://ubuntu.com/security/CVE-2024-42265
- protect the fetch of ->fd[fd] in do_dup2() from mispredictions
* CVE-url: https://ubuntu.com/security/CVE-2024-47669
- nilfs2: fix state management in error path of log writing function
* CVE-url: https://ubuntu.com/security/CVE-2023-52918
- media: pci: cx23885: check cx23885_vdev_init() return
* CVE-url: https://ubuntu.com/security/CVE-2024-46750
- PCI: Add missing bridge lock to pci_bus_lock()
* CVE-url: https://ubuntu.com/security/CVE-2024-46676
- nfc: pn533: Add poll mod list filling check
* CVE-url: https://ubuntu.com/security/CVE-2024-46755
- wifi: mwifiex: Do not return unused priv in mwifiex_get_priv_by_id()
* CVE-url: https://ubuntu.com/security/CVE-2024-46721
- apparmor: fix possible NULL pointer dereference
* CVE-url: https://ubuntu.com/security/CVE-2024-44947
- fuse: Initialize beyond-EOF page contents before setting uptodate
* CVE-url: https://ubuntu.com/security/CVE-2024-46675
- usb: dwc3: core: Prevent USB core invalid event buffer address access
* CVE-url: https://ubuntu.com/security/CVE-2024-43893
- serial: core: check uartclk for zero to avoid divide by zero
* CVE-url: https://ubuntu.com/security/CVE-2024-45021
- memcg_write_event_control(): fix a user-triggerable oops
* CVE-url: https://ubuntu.com/security/CVE-2024-41012
- filelock: Remove locks reliably when fcntl/close race is detected
* CVE-url: https://ubuntu.com/security/CVE-2024-42310
- drm/gma500: fix null pointer dereference in cdv_intel_lvds_get_modes
* CVE-url: https://ubuntu.com/security/CVE-2024-42311
- hfs: fix to initialize fields of hfs_inode_info after hfs_alloc_inode()
* CVE-url: https://ubuntu.com/security/CVE-2024-45028
- mmc: mmc_test: Fix NULL dereference on allocation failure
* CVE-url: https://ubuntu.com/security/CVE-2024-43914
- md/raid5: avoid BUG_ON() while continue reshape after reassembling
* CVE-url: https://ubuntu.com/security/CVE-2024-43856
- dma: fix call order in dmam_free_coherent
* CVE-url: https://ubuntu.com/security/CVE-2024-43884
- Bluetooth: MGMT: Add error handling to pair_device()
* CVE-url: https://ubuntu.com/security/CVE-2024-42309
- drm/gma500: fix null pointer dereference in psb_intel_lvds_get_modes
* CVE-url: https://ubuntu.com/security/CVE-2024-50044
- Bluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change
* CVE-url: https://ubuntu.com/security/CVE-2024-49967
- ext4: no need to continue when the number of entries is 1
* Bionic update: upstream stable patchset 2023-01-20 (LP: #2003596) // CVE-
url: https://ubuntu.com/security/CVE-2022-49015
- net: hsr: Fix potential use-after-free
* CVE-url: https://ubuntu.com/security/CVE-2024-50033
- slip: make slhc_remember() more robust against malicious packets
* CVE-url: https://ubuntu.com/security/CVE-2024-47670
- ocfs2: add bounds checking to ocfs2_xattr_find_entry()
* CVE-url: https://ubuntu.com/security/CVE-2024-49950
- Bluetooth: L2CAP: Fix uaf in l2cap_connect
* CVE-url: https://ubuntu.com/security/CVE-2024-49883
- ext4: aovid use-after-free in ext4_ext_insert_extent()
* Bionic update: upstream stable patchset 2023-01-20 (LP: #2003596) // CVE-
url: https://ubuntu.com/security/CVE-2022-48960
- net: hisilicon: Fix potential use-after-free in hix5hd2_rx()
* CVE-url: https://ubuntu.com/security/CVE-2024-47745
- mm: call the security_mmap_file() LSM hook in remap_file_pages()
* CVE-url: https://ubuntu.com/security/CVE-2024-49860
- ACPI: sysfs: validate return type of _STR method
* CVE-url: https://ubuntu.com/security/CVE-2024-49882
- ext4: fix double brelse() the buffer of the extents path
* CVE-url: https://ubuntu.com/security/CVE-2024-49995
- tipc: guard against string buffer overrun
* CVE-url: https://ubuntu.com/security/CVE-2024-47723
- jfs: fix out-of-bounds in dbNextAG() and diAlloc()
* Bionic update: upstream stable patchset 2023-01-20 (LP: #2003596) // CVE-
url: https://ubuntu.com/security/CVE-2022-48988
- memcg: fix possible use-after-free in memcg_write_event_control()
* CVE-url: https://ubuntu.com/security/CVE-2024-50073
- tty: n_gsm: Fix use-after-free in gsm_cleanup_mux
* CVE-url: https://ubuntu.com/security/CVE-2024-50055
- driver core: bus: Fix double free in driver API bus_register()
* Bionic update: upstream stable patchset 2023-01-20 (LP: #2003596) // CVE-
url: https://ubuntu.com/security/CVE-2022-49029
- hwmon: (ibmpex) Fix possible UAF when ibmpex_register_bmc() fails
* Bionic update: upstream stable patchset 2023-02-06 (LP: #2006403) // CVE-
url: https://ubuntu.com/security/CVE-2022-48948
- usb: gadget: uvc: Prevent buffer overflow in setup handler
* CVE-url: https://ubuntu.com/security/CVE-2024-47698
- drivers: media: dvb-frontends/rtl2832: fix an out-of-bounds write error
* CVE-url: https://ubuntu.com/security/CVE-2022-49026
- e100: Fix possible use after free in e100_xmit_prepare
* Bionic update: upstream stable patchset 2023-01-20 (LP: #2003596) // CVE-
url: https://ubuntu.com/security/CVE-2022-48967
- NFC: nci: Bounds check struct nfc_target arrays
* CVE-url: https://ubuntu.com/security/CVE-2024-47742
- firmware_loader: Block path traversal
* CVE-url: https://ubuntu.com/security/CVE-2024-50035
- ppp: fix ppp_async_encode() illegal access
* CVE-url: https://ubuntu.com/security/CVE-2024-47757
- nilfs2: fix potential oob read in nilfs_btree_check_delete()
* CVE-url: https://ubuntu.com/security/CVE-2024-49884
- ext4: avoid ext4_error()'s caused by ENOMEM in the truncate path
- ext4: fix slab-use-after-free in ext4_split_extent_at()
* CVE-url: https://ubuntu.com/security/CVE-2022-49006
- tracing: Only have rmmod clear buffers that its events were active in
- tracing: Free buffers when a used dynamic event is removed
* CVE-url: https://ubuntu.com/security/CVE-2024-49903
- jfs: Fix uaf in dbFreeBits
* CVE-url: https://ubuntu.com/security/CVE-2024-47701
- ext4: avoid OOB when system.data xattr changes underneath the filesystem
* CVE-url: https://ubuntu.com/security/CVE-2024-49889
- ext4: avoid use-after-free in ext4_ext_show_leaf()
* CVE-url: https://ubuntu.com/security/CVE-2024-49900
- jfs: Fix uninit-value access of new_ea in ea_buffer
* CVE-url: https://ubuntu.com/security/CVE-2024-47697
- drivers: media: dvb-frontends/rtl2830: fix an out-of-bounds write error
* CVE-url: https://ubuntu.com/security/CVE-2022-48951
- ASoC: ops: Check bounds for second channel in snd_soc_put_volsw_sx()
* CVE-url: https://ubuntu.com/security/CVE-2024-43839
- bna: adjust 'name' buf size of bna_tcb and bna_ccb structures
* CVE-url: https://ubuntu.com/security/CVE-2024-47659
- smack: tcp: ipv4, fix incorrect labeling
* CVE-url: https://ubuntu.com/security/CVE-2024-47685
- netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put()
* CVE-url: https://ubuntu.com/security/CVE-2024-38602
- ax25: Fix reference count leak issues of ax25_dev
* CVE-url: https://ubuntu.com/security/CVE-2024-26641
- net: Fix unwanted sign extension in netdev_stats_to_stats64()
* CVE-url: https://ubuntu.com/security/CVE-2024-42223
- media: dvb-frontends: tda10048: Fix integer overflow
* CVE-url: https://ubuntu.com/security/CVE-2021-3759
- memcg: enable accounting of ipc resources
* CVE-url: https://ubuntu.com/security/CVE-2024-38632
- vfio/pci: fix potential memory leak in vfio_intx_enable()
* CVE-url: https://ubuntu.com/security/CVE-2024-46840
- btrfs: clean up our handling of refs == 0 in snapshot delete
* CVE-url: https://ubuntu.com/security/CVE-2024-44954
- ALSA: line6: Fix racy access to midibuf
* CVE-url: https://ubuntu.com/security/CVE-2024-45003
- vfs: Don't evict inode under the inode lru traversing context
* CVE-url: https://ubuntu.com/security/CVE-2024-46841
- btrfs: don't BUG_ON on ENOMEM from btrfs_lookup_extent_info() in
walk_down_proc()
* CVE-url: https://ubuntu.com/security/CVE-2024-44950
- serial: sc16is7xx: fix invalid FIFO access with special register set
* CVE-url: https://ubuntu.com/security/CVE-2024-26812
- Revert "kernfs: do not account ino_ida allocations to memcg"
- Revert "gfp: add __GFP_NOACCOUNT"
- memcg: only account kmem allocations marked as __GFP_ACCOUNT
- vfio: Introduce interface to flush virqfd inject workqueue
- vfio/pci: Create persistent INTx handler
* CVE-url: https://ubuntu.com/security/CVE-2023-52528
- usbnet/smsc75xx: silence uninitialized variable warning
- net: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg
* CVE-url: https://ubuntu.com/security/CVE-2024-42229
- crypto: aead,cipher - zeroize key buffer after use
Updated packages:
-
linux-buildinfo-4.4.0-267-tuxcare.els38-generic_4.4.0-267.301_amd64.deb
sha:2fe59d93c13484d210674dc8e3f159f07a694f62
-
linux-buildinfo-4.4.0-267-tuxcare.els38-lowlatency_4.4.0-267.301_amd64.deb
sha:6b9fdf3f5cdd27597db06c544cc404c05ad4e35a
-
linux-cloud-tools-4.4.0-267-tuxcare.els38_4.4.0-267.301_amd64.deb
sha:a7bce5f9e61da6e8cef777e1c4bf64f5bafa7efb
-
linux-cloud-tools-4.4.0-267-tuxcare.els38-generic_4.4.0-267.301_amd64.deb
sha:992f369ae6bb095fc7e10b3f54713f30b609ea92
-
linux-cloud-tools-4.4.0-267-tuxcare.els38-lowlatency_4.4.0-267.301_amd64.deb
sha:133d85a732281c194766133e30170b76fe6ffb47
-
linux-cloud-tools-common_4.4.0-267.301_all.deb
sha:d24efd2de28fea9f1067b30c760f37197a561f97
-
linux-cloud-tools-generic_4.4.0.267.301_amd64.deb
sha:c9c09777c54c623bb947f97b273dfd65ad8c8b93
-
linux-cloud-tools-lowlatency_4.4.0.267.301_amd64.deb
sha:0bec18e51de828787aad40c289261bcc31f802a0
-
linux-crashdump_4.4.0.267.301_amd64.deb
sha:640993a1e2af2e10433d4b41876ae19936b3c5e8
-
linux-doc_4.4.0-267.301_all.deb
sha:c06f9774b553649282d59665e086108b88690df0
-
linux-generic_4.4.0.267.301_amd64.deb
sha:c921f002f3d12f6b50b61d69650aae4bfcce7cfd
-
linux-headers-4.4.0-267-tuxcare.els38_4.4.0-267.301_all.deb
sha:75a9020d92c06f417af0ad95d7857227acb653ec
-
linux-headers-4.4.0-267-tuxcare.els38-generic_4.4.0-267.301_amd64.deb
sha:ec3f480900a6735eab0a39e730e8a19523a9fab6
-
linux-headers-4.4.0-267-tuxcare.els38-lowlatency_4.4.0-267.301_amd64.deb
sha:9720b5328d5f1aa913ea1af89384a387a039ce09
-
linux-headers-generic_4.4.0.267.301_amd64.deb
sha:c339f276262906c86b962bcc5b5a73c2f1d9c9a7
-
linux-headers-lowlatency_4.4.0.267.301_amd64.deb
sha:2675a4e70bf357a03c00403f2d9940688bb26f1e
-
linux-image-generic_4.4.0.267.301_amd64.deb
sha:75181cfb6adbdb2fd6050cd8982fe9b6e89dbd7d
-
linux-image-lowlatency_4.4.0.267.301_amd64.deb
sha:f9e347454bdd9ac89886a968f63a471e03ca0d41
-
linux-image-unsigned-4.4.0-267-tuxcare.els38-generic_4.4.0-267.301_amd64.deb
sha:45863ba31f4f271bbd60d02538e7d13ef0cc1de3
-
linux-image-unsigned-4.4.0-267-tuxcare.els38-lowlatency_4.4.0-267.301_amd64.deb
sha:1acab188f5664e68bb9822a1cac2cc801a899021
-
linux-libc-dev_4.4.0-267.301_amd64.deb
sha:e3a72fb0e345c7e7f952ba041153801bf957912f
-
linux-lowlatency_4.4.0.267.301_amd64.deb
sha:478f9482a438de63514978a7aaa7638ec32e1a4b
-
linux-modules-4.4.0-267-tuxcare.els38-generic_4.4.0-267.301_amd64.deb
sha:adcf8b9ffecfdf94d784e38d8fdfdf71d58e32a4
-
linux-modules-4.4.0-267-tuxcare.els38-lowlatency_4.4.0-267.301_amd64.deb
sha:da30e5bbaf0df6690f8db8ed38c5859da82f1636
-
linux-modules-extra-4.4.0-267-tuxcare.els38-generic_4.4.0-267.301_amd64.deb
sha:82e8f0463589b41336d182ea44dd02302e0d28ab
-
linux-source_4.4.0.267.301_all.deb
sha:f6be39a20de591362f500b90b55882cc6c2456b1
-
linux-source-4.4.0_4.4.0-267.301_all.deb
sha:04a6f25cd7305968a6bb9e4de3540a653a7a224e
-
linux-tools-4.4.0-267-tuxcare.els38_4.4.0-267.301_amd64.deb
sha:eef18fbfea272664532a9333ae966ea71168ade6
-
linux-tools-4.4.0-267-tuxcare.els38-generic_4.4.0-267.301_amd64.deb
sha:62e3a039d27f26e8f966bb56e50a6befc13a3a53
-
linux-tools-4.4.0-267-tuxcare.els38-lowlatency_4.4.0-267.301_amd64.deb
sha:e6378591980b4a80b7f6036b12f59c755fe0e5be
-
linux-tools-common_4.4.0-267.301_all.deb
sha:6e8e12d067e492395e4d4f14328053d137f465cc
-
linux-tools-generic_4.4.0.267.301_amd64.deb
sha:e6251b32279947fac007fc3b3dfbd39396ead01f
-
linux-tools-host_4.4.0-267.301_all.deb
sha:97aa79a9d7079a12b4309f849f2eab0e8bd26546
-
linux-tools-lowlatency_4.4.0.267.301_amd64.deb
sha:b788b83a14cd6f3bb288f3330849b0511ca9152e
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
