[CLSA-2024:1721659604] Fix of 96 CVEs

Type:

security

Severity:

Important

Release date:

2024-07-22 14:46:47 UTC

Description:

   * CVE-url: https://ubuntu.com/security/CVE-2024-35902
     - net/rds: fix possible cp null dereference
   * CVE-url: https://ubuntu.com/security/CVE-2024-38587
     - speakup: Fix sizeof() vs ARRAY_SIZE() bug
   * CVE-url: https://ubuntu.com/security/CVE-2024-39493
     - crypto: qat - Fix ADF_DEV_RESET_SYNC memory leak
   * CVE-url: https://ubuntu.com/security/CVE-2024-38381
     - nfc: nci: Fix uninit-value in nci_rx_work
   * CVE-url: https://ubuntu.com/security/CVE-2024-26810
     - vfio/pci: Lock external INTx masking ops
   * CVE-url: https://ubuntu.com/security/CVE-2024-26687
     - xen/events: close evtchn after mapping cleanup
   * CVE-url: https://ubuntu.com/security/CVE-2024-35893
     - net: sched: change type of reference and bind counters
     - net: sched: act_skbmod: remove dependency on rtnl lock
     - net/sched: act_skbmod: prevent kernel-infoleak
   * CVE-url: https://ubuntu.com/security/CVE-2024-35823
     - vt: preserve unicode values corresponding to screen characters
     - vt: fix unicode buffer corruption when deleting characters
   * CVE-url: https://ubuntu.com/security/CVE-2024-35805
     - dm snapshot: Replace mutex with rw semaphore
     - dm snapshot: fix lockup in dm_exception_table_exit
   * CVE-url: https://ubuntu.com/security/CVE-2024-27004
     - clk: core: clarify the check for runtime PM
     - clk: Get runtime PM before walking tree during disable_unused
   * CVE-url: https://ubuntu.com/security/CVE-2024-26852
     - net/ipv6: avoid possible UAF in ip6_route_mpath_notify()
   * CVE-url: https://ubuntu.com/security/CVE-2023-52620
     - netfilter: nf_tables: disallow timeout for anonymous sets
   * CVE-url: https://ubuntu.com/security/CVE-2024-25739
     - ubi: Check for too small LEB size in VTBL code
   * CVE-url: https://ubuntu.com/security/CVE-2024-27437
     - genirq: Add IRQF_NO_AUTOEN for request_irq/nmi()
     - vfio/pci: Disable auto-enable of exclusive INTx IRQ
   * CVE-url: https://ubuntu.com/security/CVE-2022-48627
     - vc: separate state
     - vt: fix memory overlapping when deleting chars in the buffer
   * CVE-url: https://ubuntu.com/security/CVE-2024-35910
     - mptcp: add sk_stop_timer_sync helper
     - tcp: properly terminate timers for kernel sockets
   * CVE-url: https://ubuntu.com/security/CVE-2024-35969
     - ipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr
   * CVE-url: https://ubuntu.com/security/CVE-2024-27024
     - RDS: RDMA: Fix the NULL-ptr deref in rds_ib_get_mr
     - net/rds: fix WARNING in rds_conn_connect_if_down
   * CVE-url: https://ubuntu.com/security/CVE-2024-26863
     - hsr: Fix uninit-value access in hsr_get_node()
   * CVE-url: https://ubuntu.com/security/CVE-2024-26984
     - nouveau: fix instmem race condition around ptr stores
   * CVE-url: https://ubuntu.com/security/CVE-2024-36020
     - i40e: fix vf may be used uninitialized in this function warning
   * CVE-url: https://ubuntu.com/security/CVE-2024-35849
     - btrfs: fix information leak in btrfs_ioctl_logical_to_ino()
   * CVE-url: https://ubuntu.com/security/CVE-2024-27388
     - SUNRPC: fix some memleaks in gssx_dec_option_array
   * CVE-url: https://ubuntu.com/security/CVE-2024-35886
     - ipv6: Fix infinite recursion in fib6_dump_done().
   * CVE-url: https://ubuntu.com/security/CVE-2024-35809
     - PCI/PM: Drain runtime-idle callbacks before driver removal
   * CVE-url: https://ubuntu.com/security/CVE-2024-26875
     - media: pvrusb2: fix uaf in pvr2_context_set_notify
   * CVE-url: https://ubuntu.com/security/CVE-2024-26851
     - netfilter: nf_conntrack_h323: Add protection for bmp length out of range
   * CVE-url: https://ubuntu.com/security/CVE-2024-26999
     - serial/pmac_zilog: Remove flawed mitigation for rx irq flood
   * CVE-url: https://ubuntu.com/security/CVE-2024-35819
     - soc: fsl: qbman: Use raw spinlock for cgr_lock
   * CVE-url: https://ubuntu.com/security/CVE-2024-35806
     - soc: fsl: qbman: Always disable interrupts when taking cgr_lock
   * CVE-url: https://ubuntu.com/security/CVE-2023-52699
     - sysv: don't call sb_bread() with pointers_lock held
   * CVE-url: https://ubuntu.com/security/CVE-2024-35828
     - wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer()
   * CVE-url: https://ubuntu.com/security/CVE-2024-27001
     - comedi: vmk80xx: fix incomplete endpoint checking
   * CVE-url: https://ubuntu.com/security/CVE-2024-26878
     - quota: Fix potential NULL pointer dereference
   * CVE-url: https://ubuntu.com/security/CVE-2024-27008
     - drm: nv04: Fix out of bounds access
   * CVE-url: https://ubuntu.com/security//CVE-2024-35825
     - usb: gadget: ncm: Fix handling of zero block length packets
   * CVE-url: https://ubuntu.com/security/CVE-2024-35935
     - btrfs: send: handle path ref underflow in header iterate_inode_ref()
   * CVE-url: https://ubuntu.com/security/CVE-2024-26957
     - s390/zcrypt: fix reference counting on zcrypt card objects
   * CVE-url: https://ubuntu.com/security/CVE-2024-35973
     - geneve: fix header validation in geneve[6]_xmit_skb
   * CVE-url: https://ubuntu.com/security/CVE-2024-26965
     - clk: qcom: mmcc-msm8974: fix terminating of frequency table arrays
   * CVE-url: https://ubuntu.com/security/CVE-2024-26931
     - scsi: qla2xxx: Fix command flush on cable pull
   * CVE-url: https://ubuntu.com/security/CVE-2024-35944
     - VMCI: Fix memcpy() run-time warning in dg_dispatch_as_host()
   * CVE-url: https://ubuntu.com/security/CVE-2024-27028
     - spi: spi-mt65xx: Fix NULL pointer access in interrupt handler
   * CVE-url: https://ubuntu.com/security/CVE-2024-35830
     - media: tc358743: register v4l2 async device only after successful setup
   * CVE-url: https://ubuntu.com/security/CVE-2024-26956
     - nilfs2: fix failure to detect DAT corruption in btree and direct mappings
   * CVE-url: https://ubuntu.com/security/CVE-2024-35807
     - ext4: fix corruption during on-line resize
   * CVE-url: https://ubuntu.com/security/CVE-2024-26813
     - vfio/platform: Create persistent IRQ handlers
   * CVE-url: https://ubuntu.com/security/CVE-2023-52644
     - wifi: b43: Stop/wake correct queue in DMA Tx path when QoS is disabled
   * CVE-url: https://ubuntu.com/security/CVE-2024-26966
     - clk: qcom: mmcc-apq8084: fix terminating of frequency table arrays
   * CVE-url: https://ubuntu.com/security/CVE-2024-26654
     - ALSA: sh: aica: reorder cleanup operations to avoid UAF bugs
   * CVE-url: https://ubuntu.com/security/CVE-2024-27073
     - media: ttpci: fix two memleaks in budget_av_attach
   * CVE-url: https://ubuntu.com/security/CVE-2023-52880
     - tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc
   * CVE-url: https://ubuntu.com/security/CVE-2023-52650
     - drm/tegra: dsi: Add missing check for of_find_device_by_node
   * CVE-url: https://ubuntu.com/security/CVE-2024-35822
     - usb: udc: remove warning when queue disabled ep
   * CVE-url: https://ubuntu.com/security/CVE-2024-35933
     - Bluetooth: btintel: Fix null ptr deref in btintel_read_version
   * CVE-url: https://ubuntu.com/security/CVE-2024-26857
     - geneve: make sure to pull inner header in geneve_rx()
   * CVE-url: https://ubuntu.com/security/CVE-2024-35925
     - block: prevent division by zero in blk_rq_stat_sum()
   * CVE-url: https://ubuntu.com/security/CVE-2024-35930
     - scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc()
   * CVE-url: https://ubuntu.com/security/CVE-2024-27419
     - netrom: Fix data-races around sysctl_net_busy_read
   * CVE-url: https://ubuntu.com/security/CVE-2024-35955
     - kprobes: Fix possible use-after-free issue on kprobe registration
   * CVE-url: https://ubuntu.com/security/CVE-2024-27074
     - media: go7007: fix a memleak in go7007_load_encoder
   * CVE-url: https://ubuntu.com/security/CVE-2024-35847
     - irqchip/gic-v3-its: Prevent double free on error
   * CVE-url: https://ubuntu.com/security/CVE-2024-35936
     - btrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks()
   * CVE-url: https://ubuntu.com/security/CVE-2024-35821
     - ubifs: Set page uptodate in the correct place
   * CVE-url: https://ubuntu.com/security/CVE-2024-27075
     - media: dvb-frontends: avoid stack overflow warnings with clang
   * CVE-url: https://ubuntu.com/security/CVE-2024-26651
     - sr9800: Add check for usbnet_get_endpoints
   * CVE-url: https://ubuntu.com/security/CVE-2024-27043
     - media: edia: dvbdev: fix a use-after-free
   * CVE-url: https://ubuntu.com/security/CVE-2024-26976
     - KVM: Always flush async #PF workqueue when vCPU is being destroyed
   * CVE-url: https://ubuntu.com/security/CVE-2024-27000
     - serial: mxs-auart: add spinlock around changing cts state
   * CVE-url: https://ubuntu.com/security/CVE-2024-35815
     - fs/aio: Check IOCB_AIO_RW before the struct aio_kiocb conversion
   * CVE-url: https://ubuntu.com/security/CVE-2024-27396
     - net: gtp: Fix Use-After-Free in gtp_dellink
   * CVE-url: https://ubuntu.com/security/CVE-2024-26874
     - drm/mediatek: Fix a null pointer crash in mtk_drm_crtc_finish_page_flip
   * CVE-url: https://ubuntu.com/security/CVE-2024-35922
     - fbmon: prevent division by zero in fb_videomode_from_videomode()
   * CVE-url: https://ubuntu.com/security/CVE-2024-27078
     - media: v4l2-tpg: fix some memleaks in tpg_alloc
   * CVE-url: https://ubuntu.com/security/CVE-2024-26981
     - nilfs2: fix OOB in nilfs_set_de_type
   * CVE-url: https://ubuntu.com/security/CVE-2024-26816
     - x86, relocs: Ignore relocations in .notes section
   * CVE-url: https://ubuntu.com/security/CVE-2024-26880
     - dm: call the resume method on internal suspend
   * CVE-url: https://ubuntu.com/security/CVE-2024-26994
     - speakup: Avoid crash on very long word
   * CVE-url: https://ubuntu.com/security/CVE-2024-26955
     - nilfs2: prevent kernel bug at submit_bh_wbc()
   * CVE-url: https://ubuntu.com/security/CVE-2024-36004
     - i40e: Do not use WQ_MEM_RECLAIM flag for workqueue
   * CVE-url: https://ubuntu.com/security/CVE-2024-35789
     - wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes
   * CVE-url: https://ubuntu.com/security/CVE-2024-26974
     - crypto: qat - resolve race condition during AER recovery
   * CVE-url: https://ubuntu.com/security/CVE-2024-26859
     - net/bnx2x: Prevent access to a freed page in page_pool
   * CVE-url: https://ubuntu.com/security/CVE-2024-35960
     - net/mlx5: Properly link new fs rules into the tree
   * CVE-url: https://ubuntu.com/security/CVE-2024-27059
     - USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command
   * CVE-url: https://ubuntu.com/security/CVE-2024-26993
     - fs: sysfs: Fix reference leak in sysfs_break_active_protection()
   * CVE-url: https://ubuntu.com/security/CVE-2024-24857 // CVE-url:
     https://ubuntu.com/security/CVE-2024-24858 // CVE-url:
     https://ubuntu.com/security/CVE-2024-24859
     - Bluetooth: Fix TOCTOU in HCI debugfs implementation
   * CVE-url: https://ubuntu.com/security/CVE-2024-26894
     - ACPI: processor_idle: Fix memory leak in acpi_processor_power_exit()
   * CVE-url: https://ubuntu.com/security/CVE-2024-27436
     - ALSA: usb-audio: Stop parsing channels bits when all channels are found.
   * CVE-url: https://ubuntu.com/security/CVE-2024-35915
     - nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet
   * CVE-url: https://ubuntu.com/security/CVE-2024-26973
     - fat: fix uninitialized field in nostale filehandles
   * CVE-url: https://ubuntu.com/security/CVE-2024-26923
     - af_unix: Fix garbage collector racing against connect()
   * CVE-url: https://ubuntu.com/security/CVE-2024-26643
     - netfilter: nf_tables: mark set as dead when unbinding anonymous set with
       timeout
   * CVE-url: https://ubuntu.com/security/CVE-2024-26886
     - Bluetooth: af_bluetooth: Fix deadlock

Updated packages:

linux-buildinfo-4.15.0-232-tuxcare.els20-generic_4.15.0-232.243_amd64.deb
sha:d4fe86b91a261d57229a544006bdd6fde2ca2070
linux-buildinfo-4.15.0-232-tuxcare.els20-lowlatency_4.15.0-232.243_amd64.deb
sha:c47aac6c04c0429fbe2fee6a6f0ba925202b3318
linux-cloud-tools-4.15.0-232-tuxcare.els20_4.15.0-232.243_amd64.deb
sha:cbfd0c7fcd82c99b387174272bbf6a13eda05540
linux-cloud-tools-4.15.0-232-tuxcare.els20-generic_4.15.0-232.243_amd64.deb
sha:7adccefa8c3c8a09bda51b601ca1e7efc49a2e03
linux-cloud-tools-4.15.0-232-tuxcare.els20-lowlatency_4.15.0-232.243_amd64.deb
sha:5b6ec47b69895373d942df211ab05652f2eb2d7d
linux-cloud-tools-common_4.15.0-232.243_all.deb
sha:e7f499fc1701423b82c8144922b61cc9fd0ce26c
linux-cloud-tools-generic_4.15.0.232.243_amd64.deb
sha:8ba6e7c5682e9e4d94414e7ac4dfd9683915c71d
linux-cloud-tools-lowlatency_4.15.0.232.243_amd64.deb
sha:25416156652bd0c5b678990db124c68757469f16
linux-crashdump_4.15.0.232.243_amd64.deb
sha:b34c14fea02fd2ada8c2bfb6990956272fd89e91
linux-doc_4.15.0-232.243_all.deb
sha:7b9795769903dc963ad930def83d15c1671bdf3a
linux-generic_4.15.0.232.243_amd64.deb
sha:51ccae76cf82d939f6603996af045a0bd25a4053
linux-headers-4.15.0-232-tuxcare.els20_4.15.0-232.243_all.deb
sha:9f68bad740b30ad80703c120818b645ae276c44b
linux-headers-4.15.0-232-tuxcare.els20-generic_4.15.0-232.243_amd64.deb
sha:3e265e5b92805ea45fb6705e4dd9bb4771b70a72
linux-headers-4.15.0-232-tuxcare.els20-lowlatency_4.15.0-232.243_amd64.deb
sha:e33a9ca20c75226172eeb14494906163cafa802f
linux-headers-generic_4.15.0.232.243_amd64.deb
sha:bb439940ee1795c3c8223d0f439df0337606c4f2
linux-headers-lowlatency_4.15.0.232.243_amd64.deb
sha:a004d910c12c0b699a1453077acea3cd7cf26618
linux-image-generic_4.15.0.232.243_amd64.deb
sha:bc945f24c1b88d6e15f09e0233f4cdcb35429505
linux-image-lowlatency_4.15.0.232.243_amd64.deb
sha:ac15465141375993ea8c24acec884dc765babf4f
linux-image-unsigned-4.15.0-232-tuxcare.els20-generic_4.15.0-232.243_amd64.deb
sha:34c8473f7050380619636f8cf468921e603e7474
linux-image-unsigned-4.15.0-232-tuxcare.els20-lowlatency_4.15.0-232.243_amd64.deb
sha:4d528b524f80536a53da5b467146103e232eb878
linux-libc-dev_4.15.0-232.243_amd64.deb
sha:4197348cf305421fdc98d7545800a69b3ec0a4fb
linux-lowlatency_4.15.0.232.243_amd64.deb
sha:9e15fb86f3733d5e497edc48f1bf8c2612afb67f
linux-modules-4.15.0-232-tuxcare.els20-generic_4.15.0-232.243_amd64.deb
sha:ba84ff949ef11db34fcab815eb2b9946482a3d30
linux-modules-4.15.0-232-tuxcare.els20-lowlatency_4.15.0-232.243_amd64.deb
sha:9d44689c5a636746bc20613a89f5f5935e3c49b1
linux-modules-extra-4.15.0-232-tuxcare.els20-generic_4.15.0-232.243_amd64.deb
sha:8e7c20eeb0d323e2fbbc926a479249b4a9cf53fd
linux-source_4.15.0.232.243_all.deb
sha:279f75ac5a34ff709347d5708cff429fa3d601d2
linux-source-4.15.0_4.15.0-232.243_all.deb
sha:a9dbb012d1657b2b0b22d905e89efa61b50f2bdc
linux-tools-4.15.0-232-tuxcare.els20_4.15.0-232.243_amd64.deb
sha:54b9a5abd0dc5dab8cf117c49a27d09751c40648
linux-tools-4.15.0-232-tuxcare.els20-generic_4.15.0-232.243_amd64.deb
sha:f71fcf3791c567ac1c73545e640b4c32b7ff6e97
linux-tools-4.15.0-232-tuxcare.els20-lowlatency_4.15.0-232.243_amd64.deb
sha:bdee1406644d0ce919ddf1d30ce266094ab7c491
linux-tools-common_4.15.0-232.243_all.deb
sha:e5fb0ea94105b1dc316285024659a4cf4ab9c67c
linux-tools-generic_4.15.0.232.243_amd64.deb
sha:2967036c46c5fe1a7b9c77968d8de1d3e5de4b84
linux-tools-host_4.15.0-232.243_all.deb
sha:a6e51de5cfb3cd14a3f0bc130d67f4159aa21140
linux-tools-lowlatency_4.15.0.232.243_amd64.deb
sha:6745973e2c68b2e1a1ac702dbe92f90a3d88467f

Notes:

This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.