[CLSA-2025:1742319829] Fix of 27 CVEs

Type:

security

Severity:

Important

Release date:

2025-03-18 17:43:54 UTC

Description:

   * CVE-url: https://ubuntu.com/security/CVE-2023-52522
     - net: fix possible store tearing in neigh_periodic_work()
   * CVE-url: https://ubuntu.com/security/CVE-2024-40911
     - wifi: cfg80211: Lock wiphy in cfg80211_get_station
   * CVE-url: https://ubuntu.com/security/CVE-2024-43863
     - drm/vmwgfx: Fix a deadlock in dma buf fence polling
   * CVE-url: https://ubuntu.com/security/CVE-2024-44931
     - gpio: prevent potential speculation leaks in gpio_device_get_desc()
   * CVE-url: https://ubuntu.com/security/CVE-2024-50229
     - nilfs2: fix potential deadlock with newly created symlinks
   * CVE-url: https://ubuntu.com/security/CVE-2024-50171
     - net: systemport: fix potential memory leak in bcm_sysport_xmit()
   * CVE-url: https://ubuntu.com/security/CVE-2024-50233
     - staging: iio: frequency: ad9832: fix division by zero in
       ad9832_calc_freqreg()
   * CVE-url: https://ubuntu.com/security/CVE-2024-44938
     - jfs: Fix shift-out-of-bounds in dbDiscardAG
   * CVE-url: https://ubuntu.com/security/CVE-2024-50117
     - drm/amd: Guard against bad data for ATIF ACPI method
   * CVE-url: https://ubuntu.com/security/CVE-2024-49902
     - jfs: check if leafidx greater than num leaves per dmap tree
   * CVE-url: https://ubuntu.com/security/CVE-2023-52799
     - jfs: fix array-index-out-of-bounds in dbFindLeaf
   * CVE-url: https://ubuntu.com/security/CVE-2024-41063
     - Bluetooth: fix power_on vs close race
     - Bluetooth: hci_core: cancel all works upon hci_unregister_dev()
   * CVE-url: https://ubuntu.com/security/CVE-2024-50267
     - USB: serial: io_edgeport: fix use after free in debug printk
   * CVE-url: https://ubuntu.com/security/CVE-2024-50230
     - nilfs2: fix kernel bug due to missing clearing of checked flag
   * CVE-url: https://ubuntu.com/security/CVE-2024-50302
     - HID: core: zero-initialize the report buffer
   * CVE-url: https://ubuntu.com/security/CVE-2024-50180
     - fbdev: sisfb: Fix strbuf array overflow
   * CVE-url: https://ubuntu.com/security/CVE-2024-50278
     - dm cache: fix out-of-bounds access to the dirty bitset when resizing
     - dm cache: fix potential out-of-bounds access on the first resume
   * CVE-url: https://ubuntu.com/security/CVE-2024-50234
     - wifi: iwlegacy: Clear stale interrupts before resuming device
   * CVE-url: https://ubuntu.com/security/CVE-2024-50301
     - security/keys: fix slab-out-of-bounds in key_task_permission
   * CVE-url: https://ubuntu.com/security/CVE-2024-50143
     - overflow: Add __must_check attribute to check_*() helpers
     - compiler.h: drop fallback overflow checkers
     - overflow: Allow mixed type arguments
     - udf: fix uninit-value use in udf_get_fileshortad
   * Bionic update: upstream stable patchset 2020-11-10 (LP: #1903768) // CVE-
     url: https://ubuntu.com/security/CVE-2024-50143
     - overflow: Include header file with SIZE_MAX declaration
   * Bionic update: upstream stable patchset 2020-09-16 (LP: #1895873) // CVE-
     url: https://ubuntu.com/security/CVE-2024-50143
     - overflow.h: Add allocation size calculation helpers
   * Bionic update: upstream stable patchset 2020-05-07 (LP: #1877461) // CVE-
     url: https://ubuntu.com/security/CVE-2024-50143
     - overflow.h: Add arithmetic shift helper
   * CVE-url: https://ubuntu.com/security/CVE-2024-53061
     - media: s5p-jpeg: prevent buffer overflows
   * CVE-url: https://ubuntu.com/security/CVE-2024-47809
     - dlm: fix possible lkb_resource null dereference
   * CVE-url: https://ubuntu.com/security/CVE-2024-41020
     - filelock: Fix fcntl/close race recovery compat path
   * CVE-url: https://ubuntu.com/security/CVE-2024-43892
     - memcg: protect concurrent access to mem_cgroup_idr
   * CVE-url: https://ubuntu.com/security/CVE-2021-47379
     - blk-cgroup: fix UAF by grabbing blkcg lock before destroying blkg pd
   * CVE-url: https://ubuntu.com/security/CVE-2024-53239
     - ALSA: 6fire: Release resources at card release
   * CVE-url: https://ubuntu.com/security/CVE-2024-50051
     - spi: mpc52xx: Add cancel_work_sync before module remove

Updated packages:

linux-buildinfo-4.4.0-272-tuxcare.els43-generic_4.4.0-272.306_amd64.deb
sha:4439900e3769f51d8387166d2bde2e091ce9106c
linux-buildinfo-4.4.0-272-tuxcare.els43-lowlatency_4.4.0-272.306_amd64.deb
sha:abf86c62f500b5640b72bed61e3fcdce966e48e2
linux-cloud-tools-4.4.0-272-tuxcare.els43_4.4.0-272.306_amd64.deb
sha:1e1f96e6274d93881889eed37bc975df2a1b0214
linux-cloud-tools-4.4.0-272-tuxcare.els43-generic_4.4.0-272.306_amd64.deb
sha:d7e64694e34d6c09eb2ed50ffab80905aa8e9d67
linux-cloud-tools-4.4.0-272-tuxcare.els43-lowlatency_4.4.0-272.306_amd64.deb
sha:7eea9bc6e4ec25881f1e6351ab5225dc1a5c78d7
linux-cloud-tools-common_4.4.0-272.306_all.deb
sha:7f6b258e65233bdf91a4aebe1f041cfd97cbe527
linux-cloud-tools-generic_4.4.0.272.306_amd64.deb
sha:ab14296ac71f8660b199f4f2cfb539a5b8e518b7
linux-cloud-tools-lowlatency_4.4.0.272.306_amd64.deb
sha:f95974cfc737cbccb46b4f8e6a1aea0265bb0702
linux-crashdump_4.4.0.272.306_amd64.deb
sha:394d2e94fdc3e40dd7e113409267b55bcf4fa4e4
linux-doc_4.4.0-272.306_all.deb
sha:dbff9eea06d955ef0bb0c5a63cd938d77357110f
linux-generic_4.4.0.272.306_amd64.deb
sha:9adffca621f732ce08f3c9d3e2596bc74d3b14a9
linux-headers-4.4.0-272-tuxcare.els43_4.4.0-272.306_all.deb
sha:f41e8cddc7dbf130e9eb65d2c38ed01b21a1c2b3
linux-headers-4.4.0-272-tuxcare.els43-generic_4.4.0-272.306_amd64.deb
sha:58c8042ba0d71698bb43e27e6ddf682630779f23
linux-headers-4.4.0-272-tuxcare.els43-lowlatency_4.4.0-272.306_amd64.deb
sha:7d8775776927420d41bb509cb667aad5b6d802ba
linux-headers-generic_4.4.0.272.306_amd64.deb
sha:4ad76f65048277af04cba4f2cd6aabd3879f96a5
linux-headers-lowlatency_4.4.0.272.306_amd64.deb
sha:54a7064bbb9af0681839ed46985caf6002daee54
linux-image-generic_4.4.0.272.306_amd64.deb
sha:a2916671b21dc77dcc50efc3c4ce014f9671b644
linux-image-lowlatency_4.4.0.272.306_amd64.deb
sha:9c5534c6c439d195bf6944b1025a97e64aa6cf08
linux-image-unsigned-4.4.0-272-tuxcare.els43-generic_4.4.0-272.306_amd64.deb
sha:b52985b58598ea812abff8653afa3751c3f07d8e
linux-image-unsigned-4.4.0-272-tuxcare.els43-lowlatency_4.4.0-272.306_amd64.deb
sha:84387e0fb0cf9d795693ec57a67021c1f7c86c8c
linux-libc-dev_4.4.0-272.306_amd64.deb
sha:3b4fa6834e40fb54cfa953d60be00dbea1722b0d
linux-lowlatency_4.4.0.272.306_amd64.deb
sha:836b85c5b58653f892b20f5b0dc670478ecae9af
linux-modules-4.4.0-272-tuxcare.els43-generic_4.4.0-272.306_amd64.deb
sha:6afe7008c05c814a185ee04583cf90a0b1b4a45e
linux-modules-4.4.0-272-tuxcare.els43-lowlatency_4.4.0-272.306_amd64.deb
sha:e1fe3bd43b52d7dad91906c289f072fad0fc6920
linux-modules-extra-4.4.0-272-tuxcare.els43-generic_4.4.0-272.306_amd64.deb
sha:6cb018d638c9fc4e41dcfa4b9adf97602e2333c0
linux-source_4.4.0.272.306_all.deb
sha:c0e0211ce594bf5cfc50e7ee5c9d8c6b1dd0d605
linux-source-4.4.0_4.4.0-272.306_all.deb
sha:54600b105ca124f21f279e76517ef0f33ee65abc
linux-tools-4.4.0-272-tuxcare.els43_4.4.0-272.306_amd64.deb
sha:fee5eb53051c35a2087037a7fa3dc0db11ab75c2
linux-tools-4.4.0-272-tuxcare.els43-generic_4.4.0-272.306_amd64.deb
sha:150c493ae28350be16eed17952d3bb4838f63d5c
linux-tools-4.4.0-272-tuxcare.els43-lowlatency_4.4.0-272.306_amd64.deb
sha:0f7b3fc34d8b0bda0fb73546575b8aefb172d475
linux-tools-common_4.4.0-272.306_all.deb
sha:7071f000a6e925eabc0967a0a61961bf8289d9ef
linux-tools-generic_4.4.0.272.306_amd64.deb
sha:aa71b0ad2f87e418232b2c18aa3c16709f5bba45
linux-tools-host_4.4.0-272.306_all.deb
sha:24779e823af7dad4252b4f8295e95e9f36c38fc7
linux-tools-lowlatency_4.4.0.272.306_amd64.deb
sha:11f2dc116c8df9c7d7d383819e08181ed1d823e1

Notes:

This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.