[CLSA-2024:1723622576] Fix of 29 CVEs

Type:

security

Severity:

Critical

Release date:

2024-08-14 08:02:59 UTC

Description:

   * CVE-url: https://ubuntu.com/security/CVE-2024-42236
     - usb: gadget: configfs: Prevent OOB read/write in usb_string_copy()
   * CVE-url: https://ubuntu.com/security/CVE-2024-41095
     - drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_ld_modes
   * CVE-url: https://ubuntu.com/security/CVE-2024-41098
     - ata: libata-core: Fix null pointer dereference on error
   * CVE-url: https://ubuntu.com/security/CVE-2024-42244
     - USB: serial: mos7840: fix crash on resume
   * CVE-url: https://ubuntu.com/security/CVE-2024-41089
     - drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_hd_modes
   * CVE-url: https://ubuntu.com/security/CVE-2024-42232
     - libceph: fix race between delayed_work() and ceph_monc_stop()
   * CVE-url: https://ubuntu.com/security/CVE-2024-42153
     - i2c: pnx: Fix potential deadlock warning from del_timer_sync() call in isr
   * CVE-url: https://ubuntu.com/security/CVE-2022-48791
     - scsi: pm80xx: Fix TMF task completion race condition
     - scsi: pm8001: Fix use-after-free for aborted TMF sas_task
   * CVE-url: https://ubuntu.com/security/CVE-2022-48788
     - nvme-rdma: fix possible use-after-free in transport error_recovery work
   * CVE-url: https://ubuntu.com/security/CVE-2022-48792
     - scsi: pm8001: Fix use-after-free for aborted SSP/STP sas_task
   * CVE-url: https://ubuntu.com/security/CVE-2022-48790
     - nvme: fix a possible use-after-free in controller reset during load
   * CVE-url: https://ubuntu.com/security/CVE-2024-42154
     - tcp_metrics: validate source addr length
   * CVE-url: https://ubuntu.com/security/CVE-2024-38596
     - af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg
   * CVE-url: https://ubuntu.com/security/CVE-2024-36270
     - netfilter: tproxy: bail out if IP has been disabled on the device
   * CVE-url: https://ubuntu.com/security/CVE-2024-38780
     - dma-buf/sw-sync: don't enable IRQ from sync_print_obj()
   * CVE-url: https://ubuntu.com/security/CVE-2024-36886
     - tipc: fix UAF in error path
   * CVE-url: https://ubuntu.com/security/CVE-2024-42068
     - bpf: Take return from set_memory_ro() into account with bpf_prog_lock_ro()
   * CVE-url: https://ubuntu.com/security/CVE-2024-42156
     - s390/pkey: Wipe copies of clear-key structures on failure
   * CVE-url: https://ubuntu.com/security/CVE-2024-42079
     - gfs2: Fix NULL pointer dereference in gfs2_log_flush
   * CVE-url: https://ubuntu.com/security/CVE-2024-42223
     - media: dvb-frontends: tda10048: Fix integer overflow
   * CVE-url: https://ubuntu.com/security/CVE-2024-42157
     - s390/pkey: Wipe sensitive data on failure
   * CVE-url: https://ubuntu.com/security/CVE-2024-42160
     - f2fs: indicate shutdown f2fs to allow unmount successfully
     - f2fs: support fault_type mount option
     - f2fs: check validation of fault attrs in f2fs_build_fault_attr()
   * CVE-url: https://ubuntu.com/security/CVE-2024-42224
     - net: dsa: mv88e6xxx: Correct check for empty list
   * CVE-url: https://ubuntu.com/security/CVE-2024-38570
     - gfs2: Rename sd_{ glock => kill }_wait
     - gfs2: Fix potential glock use-after-free on unmount
   * CVE-url: https://ubuntu.com/security/CVE-2024-38583
     - nilfs2: fix use-after-free of timer for log writer thread
     - nilfs2: fix unexpected freezing of nilfs_segctor_sync()
     - nilfs2: fix potential hang in nilfs_detach_log_writer()
   * CVE-url: https://ubuntu.com/security/CVE-2024-42070
     - netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data
       registers
   * CVE-url: https://ubuntu.com/security/CVE-2024-42077
     - ocfs2: fix DIO failure due to insufficient transaction credits
   * CVE-url: https://ubuntu.com/security/CVE-2024-42226
     - usb: xhci: prevent potential failure in handle_tx_event() for Transfer
       events without TRB
   * CVE-url: https://ubuntu.com/security/CVE-2024-42228
     - drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc

Updated packages:

linux-buildinfo-4.15.0-234-tuxcare.els22-generic_4.15.0-234.245_amd64.deb
sha:35c3a42922fcc16ec0533d48dfca068f629194c1
linux-buildinfo-4.15.0-234-tuxcare.els22-lowlatency_4.15.0-234.245_amd64.deb
sha:d2074e209f5e1bae2cd61ca3c430dc26d4cd5db0
linux-cloud-tools-4.15.0-234-tuxcare.els22_4.15.0-234.245_amd64.deb
sha:799d5687ce258fa82fd6c5c9a32a330007e929e0
linux-cloud-tools-4.15.0-234-tuxcare.els22-generic_4.15.0-234.245_amd64.deb
sha:6f0257c5161b6113f54a05f0d1af67efe193850f
linux-cloud-tools-4.15.0-234-tuxcare.els22-lowlatency_4.15.0-234.245_amd64.deb
sha:a4d576ee50dd2141aaa6c29130fb0b2d79b3fc68
linux-cloud-tools-common_4.15.0-234.245_all.deb
sha:9109d174a4008a9b33bdd537cddbbe4dde92e637
linux-cloud-tools-generic_4.15.0.234.245_amd64.deb
sha:3c8af8296919cf8597a77cfab6ef7c5f0f82ddf9
linux-cloud-tools-lowlatency_4.15.0.234.245_amd64.deb
sha:d853629ce94bf69ca3ac1bd6ee9662e989d0e815
linux-crashdump_4.15.0.234.245_amd64.deb
sha:6537ca26d5c831665f7e7e3c350ec7fcea3a9737
linux-doc_4.15.0-234.245_all.deb
sha:2798e08d731d435db6ce5d8f28c97470b56b4758
linux-generic_4.15.0.234.245_amd64.deb
sha:5cea386450ad87ee0d4e42808eceaeb0a1703e20
linux-headers-4.15.0-234-tuxcare.els22_4.15.0-234.245_all.deb
sha:5c731328b18ec9ecd2b03a725c7f4d45ddfb18d6
linux-headers-4.15.0-234-tuxcare.els22-generic_4.15.0-234.245_amd64.deb
sha:df69065472d57d6d4a9f65b42b8647d6ef295a82
linux-headers-4.15.0-234-tuxcare.els22-lowlatency_4.15.0-234.245_amd64.deb
sha:e470efb5150c87b10e222bf6e9c948923de17ec5
linux-headers-generic_4.15.0.234.245_amd64.deb
sha:f61fb26e88f0c9060edfba5a3a3ad49dea75e4b2
linux-headers-lowlatency_4.15.0.234.245_amd64.deb
sha:af78233bb80c44bc9550dbf2e4972a9ba49a74c0
linux-image-generic_4.15.0.234.245_amd64.deb
sha:578c70edd74857c8dcec43aa0f5baa900ec77470
linux-image-lowlatency_4.15.0.234.245_amd64.deb
sha:83663f28461b23fb2080edb434387e4a4adc95ac
linux-image-unsigned-4.15.0-234-tuxcare.els22-generic_4.15.0-234.245_amd64.deb
sha:7065469ca151db17534ddf0ddeb9b70caaf24d7a
linux-image-unsigned-4.15.0-234-tuxcare.els22-lowlatency_4.15.0-234.245_amd64.deb
sha:9560e7096bbe3fa290128363d0de586a28637449
linux-libc-dev_4.15.0-234.245_amd64.deb
sha:7e5b6009385166494addb458277e380998859bf0
linux-lowlatency_4.15.0.234.245_amd64.deb
sha:4a0d9d0a962cb9b62a76b013096774eca06a1422
linux-modules-4.15.0-234-tuxcare.els22-generic_4.15.0-234.245_amd64.deb
sha:3ea88bda5a450cd3ef8b4dc65b6d730071daec3d
linux-modules-4.15.0-234-tuxcare.els22-lowlatency_4.15.0-234.245_amd64.deb
sha:fddae26e6d190e960d18b8e036de4648646302e4
linux-modules-extra-4.15.0-234-tuxcare.els22-generic_4.15.0-234.245_amd64.deb
sha:ba30491feec375f7815f9b95ac7ef225849fe41b
linux-source_4.15.0.234.245_all.deb
sha:8e5f027c0eef8a09174504b4324efbab344ad2f5
linux-source-4.15.0_4.15.0-234.245_all.deb
sha:a22035b45a27b9de87f5c66ce4a2f3600c4d4871
linux-tools-4.15.0-234-tuxcare.els22_4.15.0-234.245_amd64.deb
sha:949592cd45759d9a192213272492404de0f60311
linux-tools-4.15.0-234-tuxcare.els22-generic_4.15.0-234.245_amd64.deb
sha:49264452d26574d736ea1c7d7f7d868fa45b4cb1
linux-tools-4.15.0-234-tuxcare.els22-lowlatency_4.15.0-234.245_amd64.deb
sha:dfa0afbbae47f0bdbc558fb93ca9c8294bcb7ddd
linux-tools-common_4.15.0-234.245_all.deb
sha:d1acfc0ee95bf3df89ef049c22134b275c5a3da1
linux-tools-generic_4.15.0.234.245_amd64.deb
sha:19b4ceb5f00c019e938071c78726785884e910fb
linux-tools-host_4.15.0-234.245_all.deb
sha:660c8f956d0bf38f627ce57c9e222838622f2539
linux-tools-lowlatency_4.15.0.234.245_amd64.deb
sha:1e900f249c19b30710d9b2676c5ea11dccfaad1a

Notes:

This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.