[CLSA-2024:1727817133] Fix of 74 CVEs

Type:

security

Severity:

Important

Release date:

2024-10-01 21:12:22 UTC

Description:

   * CVE-url: https://ubuntu.com/security/CVE-2024-26752
     - l2tp: pass correct message length to ip6_append_data
   * CVE-url: https://ubuntu.com/security/CVE-2021-47188
     - scsi: ufs: core: Improve SCSI abort handling
   * CVE-url: https://ubuntu.com/security/CVE-2024-26677
     - rxrpc: Fix delayed ACKs to not set the reference serial number
   * CVE-url: https://ubuntu.com/security/CVE-2023-52527
     - ipv4, ipv6: Fix handling of transhdrlen in __ip{,6}_append_data()
   * CVE-url: https://ubuntu.com/security/CVE-2024-43882
     - exec: Fix ToCToU between perm check and set-uid/gid usage
   * CVE-url: https://ubuntu.com/security/CVE-2022-48943
     - KVM: x86/mmu: make apf token non-zero to fix bug
   * CVE-url: https://ubuntu.com/security/CVE-2024-38630
     - watchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdt_trigger
   * CVE-url: https://ubuntu.com/security/CVE-2024-44987
     - ipv6: prevent UAF in ip6_send_skb()
   * CVE-url: https://ubuntu.com/security/CVE-2024-42285
     - RDMA/iwcm: Fix a use-after-free related to destroying CM IDs
   * CVE-url: https://ubuntu.com/security/CVE-2022-48733
     - btrfs: fix use-after-free after failure to create a snapshot
   * CVE-url: https://ubuntu.com/security/CVE-2024-44940
     - fou: remove warn in gue_gro_receive on unsupported protocol
   * CVE-url: https://ubuntu.com/security/CVE-2024-41059
     - hfsplus: fix uninit-value in copy_name
   * CVE-url: https://ubuntu.com/security/CVE-2024-46673
     - scsi: aacraid: Fix double-free on probe failure
   * CVE-url: https://ubuntu.com/security/CVE-2024-42313
     - media: venus: fix use after free in vdec_close
   * CVE-url: https://ubuntu.com/security/CVE-2024-44999
     - gtp: pull network headers in gtp_dev_xmit()
   * CVE-url: https://ubuntu.com/security/CVE-2024-42271
     - net/iucv: fix use after free in iucv_sock_close()
   * CVE-url: https://ubuntu.com/security/CVE-2024-44942
     - f2fs: fix to do sanity check on F2FS_INLINE_DATA flag in inode during GC
   * CVE-url: https://ubuntu.com/security/CVE-2024-43858
     - jfs: Fix array-index-out-of-bounds in diFree
   * CVE-url: https://ubuntu.com/security/CVE-2024-41071
     - wifi: mac80211: Avoid address calculations via out of bounds array indexing
   * CVE-url: https://ubuntu.com/security/CVE-2024-42301
     - dev/parport: fix the array out-of-bounds risk
   * CVE-url: https://ubuntu.com/security/CVE-2024-46674
     - usb: dwc3: st: fix probed platform device ref count on probe error path
   * CVE-url: https://ubuntu.com/security/CVE-2024-43900
     - media: xc2028: avoid use-after-free in load_firmware_cb()
   * CVE-url: https://ubuntu.com/security/CVE-2024-42284
     - tipc: Return non-zero value from tipc_udp_addr2str() on error
   * CVE-url: https://ubuntu.com/security/CVE-2024-44998
     - atm: idt77252: prevent use after free in dequeue_rx()
   * CVE-url: https://ubuntu.com/security/CVE-2024-42280
     - mISDN: Fix a use after free in hfcmulti_tx()
   * CVE-url: https://ubuntu.com/security/CVE-2024-39503
     - netns: add pre_exit method to struct pernet_operations
     - netfilter: ipset: Fix race between namespace cleanup and gc in the list:set
       type
   * CVE-url: https://ubuntu.com/security/CVE-2024-39499
     - vmci: prevent speculation leaks by sanitizing event in event_deliver()
   * CVE-url: https://ubuntu.com/security/CVE-2024-40988
     - drm/radeon: fix UBSAN warning in kv_dpm.c
   * CVE-url: https://ubuntu.com/security/CVE-2024-40916
     - drm/exynos: hdmi: report safe 640x480 mode as a fallback when no EDID found
   * CVE-url: https://ubuntu.com/security/CVE-2024-40904
     - USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages
   * CVE-url: https://ubuntu.com/security/CVE-2024-39506
     - liquidio: Adjust a NULL pointer handling path in lio_vf_rep_copy_packet
   * CVE-url: https://ubuntu.com/security/CVE-2024-42106
     - inet_diag: Initialize pad field in struct inet_diag_req_v2
   * CVE-url: https://ubuntu.com/security/CVE-2024-42145
     - IB/core: Implement a limit on UMAD receive List
   * CVE-url: https://ubuntu.com/security/CVE-2024-40945
     - iommu: Return right value in iommu_sva_bind_device()
   * CVE-url: https://ubuntu.com/security/CVE-2024-40932
     - drm/exynos/vidi: fix memory leak in .get_modes()
   * CVE-url: https://ubuntu.com/security/CVE-2024-41006
     - netrom: Fix a memory leak in nr_heartbeat_expiry()
   * CVE-url: https://ubuntu.com/security/CVE-2024-40943
     - ocfs2: fix races between hole punching and AIO+DIO
   * CVE-url: https://ubuntu.com/security/CVE-2024-36894
     - usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete
   * CVE-url: https://ubuntu.com/security/CVE-2024-42124
     - scsi: qedf: Make qedf_execute_tmf() non-preemptible
   * CVE-url: https://ubuntu.com/security/CVE-2024-42115
     - jffs2: Fix potential illegal address access in jffs2_free_inode
   * CVE-url: https://ubuntu.com/security/CVE-2024-41035
     - USB: core: Fix duplicate endpoint bug by clearing reserved bits in the
       descriptor
   * CVE-url: https://ubuntu.com/security/CVE-2024-41097
     - usb: atm: cxacru: fix endpoint checking in cxacru_bind()
   * CVE-url: https://ubuntu.com/security/CVE-2024-42119
     - drm/amd/display: Skip finding free audio for unknown engine_id
   * CVE-url: https://ubuntu.com/security/CVE-2024-39501
     - drivers: core: synchronize really_probe() and dev_uevent()
   * CVE-url: https://ubuntu.com/security/CVE-2024-42105
     - nilfs2: fix inode number range checks
   * CVE-url: https://ubuntu.com/security/CVE-2024-40984
     - ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is
       fine."
   * CVE-url: https://ubuntu.com/security/CVE-2024-40987
     - drm/amdgpu: fix UBSAN warning in kv_dpm.c
   * CVE-url: https://ubuntu.com/security/CVE-2024-42097
     - ALSA: emux: improve patch ioctl data validation
   * CVE-url: https://ubuntu.com/security/CVE-2024-42090
     - pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER
   * CVE-url: https://ubuntu.com/security/CVE-2024-40942
     - wifi: mac80211: mesh: Fix leak of mesh_preq_queue objects
   * CVE-url: https://ubuntu.com/security/CVE-2024-40981
     - batman-adv: bypass empty buckets in batadv_purge_orig_ref()
   * CVE-url: https://ubuntu.com/security/CVE-2024-40959
     - xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr()
   * CVE-url: https://ubuntu.com/security/CVE-2024-42089
     - ASoC: fsl-asoc-card: set priv->pdev before using it
   * CVE-url: https://ubuntu.com/security/CVE-2024-40901
     - scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory
   * CVE-url: https://ubuntu.com/security/CVE-2024-42101
     - drm/nouveau: fix null pointer dereference in nouveau_connector_get_modes
   * CVE-url: https://ubuntu.com/security/CVE-2024-40980
     - drop_monitor: replace spin_lock by raw_spin_lock
   * CVE-url: https://ubuntu.com/security/CVE-2024-42084
     - ftruncate: pass a signed offset
   * CVE-url: https://ubuntu.com/security/CVE-2024-39509
     - HID: core: remove unnecessary WARN_ON() in implement()
   * CVE-url: https://ubuntu.com/security/CVE-2024-42096
     - x86: stop playing stack games in profile_pc()
   * CVE-url: https://ubuntu.com/security/CVE-2024-38619
     - usb-storage: alauda: Check whether the media is initialized
   * CVE-url: https://ubuntu.com/security/CVE-2024-42102
     - Revert "mm/writeback: fix possible divide-by-zero in wb_dirty_limits(),
       again"
     - mm: avoid overflows in dirty throttling logic
   * CVE-url: https://ubuntu.com/security/CVE-2024-41044
     - ppp: reject claimed-as-LCP but actually malformed packets
   * CVE-url: https://ubuntu.com/security/CVE-2024-40978
     - scsi: qedi: Fix crash while reading debugfs attribute
   * CVE-url: https://ubuntu.com/security/CVE-2024-40941
     - wifi: iwlwifi: mvm: don't read past the mfuart notifcation
   * CVE-url: https://ubuntu.com/security/CVE-2024-40905
     - ipv6: fix possible race in __fib6_drop_pcpu_from()
   * CVE-url: https://ubuntu.com/security/CVE-2023-52803
     - SUNRPC: Fix RPC client cleaned up the freed pipefs dentries
   * CVE-url: https://ubuntu.com/security/CVE-2024-42104
     - nilfs2: add missing check for inode numbers on directory entries
   * CVE-url: https://ubuntu.com/security/CVE-2024-42148
     - bnx2x: Fix multiple UBSAN array-index-out-of-bounds
   * CVE-url: https://ubuntu.com/security/CVE-2024-42094
     - net/iucv: Avoid explicit cpumask var allocation on stack
   * CVE-url: https://ubuntu.com/security/CVE-2024-41046
     - net: ethernet: lantiq_etop: fix double free in detach
   * CVE-url: https://ubuntu.com/security/CVE-2024-38538
     - net: bridge: xmit: make sure we have at least eth header len bytes
   * CVE-url: https://ubuntu.com/security/CVE-2024-26830
     - i40e: Fix permission check for VF MAC filters
     - i40e: Fix MAC address setting for a VF via Host/VM
     - i40e: Do not allow untrusted VF to remove administratively set MAC
   * CVE-url: https://ubuntu.com/security/CVE-2023-52885
     - SUNRPC: Fix UAF in svc_tcp_listen_data_ready()
   * CVE-url: https://ubuntu.com/security/CVE-2023-52629
     - sh: push-switch: Reorder cleanup operations to avoid use-after-free bug
   * Miscellaneous upstream changes
     - fixup! scsi: qla2xxx: Fix double free of fcport

Updated packages:

linux-buildinfo-4.15.0-237-tuxcare.els25-generic_4.15.0-237.248_amd64.deb
sha:5cd643f6d22ccc38da70bcdc4472b51320d140e1
linux-buildinfo-4.15.0-237-tuxcare.els25-lowlatency_4.15.0-237.248_amd64.deb
sha:e9b3d9887f5960b36cfdb6c76d1313453bcb2f74
linux-cloud-tools-4.15.0-237-tuxcare.els25_4.15.0-237.248_amd64.deb
sha:b242e598c8f7a18bf025f7888ecf54f7c9279420
linux-cloud-tools-4.15.0-237-tuxcare.els25-generic_4.15.0-237.248_amd64.deb
sha:d4974509d9da332cc841ee4bb249e5538af1c3f8
linux-cloud-tools-4.15.0-237-tuxcare.els25-lowlatency_4.15.0-237.248_amd64.deb
sha:0b5f53084b06162964cd26d9b4d2993e0a1d5132
linux-cloud-tools-common_4.15.0-237.248_all.deb
sha:d9eaa2506a4947330cf8d5faa6ac4ed37f4627c9
linux-cloud-tools-generic_4.15.0.237.248_amd64.deb
sha:b7e9e077ae5587955203fc5e4fd6c6ea744ed73a
linux-cloud-tools-lowlatency_4.15.0.237.248_amd64.deb
sha:e34e95991cc92aef483c394bb3e215b0bc766674
linux-crashdump_4.15.0.237.248_amd64.deb
sha:622972ee9d6477e672f7e0ae63395900dc556cd2
linux-doc_4.15.0-237.248_all.deb
sha:5f4b635a5d1f48ead5360dea7fd3bbac558d76fd
linux-generic_4.15.0.237.248_amd64.deb
sha:38106632c5d38bedab7722f37c883cabcfc27b6b
linux-headers-4.15.0-237-tuxcare.els25_4.15.0-237.248_all.deb
sha:0ec20fcc0163f21d1414a1fa7eade8411244075b
linux-headers-4.15.0-237-tuxcare.els25-generic_4.15.0-237.248_amd64.deb
sha:275bc23fe180d440c343e64cc787798ba000baca
linux-headers-4.15.0-237-tuxcare.els25-lowlatency_4.15.0-237.248_amd64.deb
sha:52e96be26e6f765d27e05cb62caa2cbcce7003f2
linux-headers-generic_4.15.0.237.248_amd64.deb
sha:da874972bfdcb2a39b62302f46ec0341fea70eb1
linux-headers-lowlatency_4.15.0.237.248_amd64.deb
sha:dd80837698ae401277ed7a3fec7e186ab2b483b3
linux-image-generic_4.15.0.237.248_amd64.deb
sha:818b7bb446a9d0248e22516de1c69ce13aa0e8d5
linux-image-lowlatency_4.15.0.237.248_amd64.deb
sha:c024ec0815ec0a4f948d5c1e7b3838e4fbcffcb5
linux-image-unsigned-4.15.0-237-tuxcare.els25-generic_4.15.0-237.248_amd64.deb
sha:41320ba7491488971679f4371cc81375a6935913
linux-image-unsigned-4.15.0-237-tuxcare.els25-lowlatency_4.15.0-237.248_amd64.deb
sha:6f1f7ad9068d423d58819fcdbdc215d628dfe860
linux-libc-dev_4.15.0-237.248_amd64.deb
sha:e3be6e36e5cf941701c7e8a365a66893b0941fb1
linux-lowlatency_4.15.0.237.248_amd64.deb
sha:9b74f8b63e3b004dd4f9fd93e209e36aebc40fc9
linux-modules-4.15.0-237-tuxcare.els25-generic_4.15.0-237.248_amd64.deb
sha:fcce58dd2b3662550286d33d520f8330290e349b
linux-modules-4.15.0-237-tuxcare.els25-lowlatency_4.15.0-237.248_amd64.deb
sha:033baeefb9f4c485535136cdef0ffb125c193e2b
linux-modules-extra-4.15.0-237-tuxcare.els25-generic_4.15.0-237.248_amd64.deb
sha:0a4e2fe5fbd9296366adea82d334b9cbc7a4ccdd
linux-source_4.15.0.237.248_all.deb
sha:9742efa06820256261968b563ce2f9205cb19b81
linux-source-4.15.0_4.15.0-237.248_all.deb
sha:4a4d2f64d2fc1ee376c298ad4f5d6bf9ca1e10dc
linux-tools-4.15.0-237-tuxcare.els25_4.15.0-237.248_amd64.deb
sha:f2205c099a2b4ed38b1424e2a75e385eecbe1987
linux-tools-4.15.0-237-tuxcare.els25-generic_4.15.0-237.248_amd64.deb
sha:5b21c52ff023d9bc5f299f635b1b3e1ae2774255
linux-tools-4.15.0-237-tuxcare.els25-lowlatency_4.15.0-237.248_amd64.deb
sha:543a9ffd411fcd12881ba13a4cfd4737e58f70c5
linux-tools-common_4.15.0-237.248_all.deb
sha:e775acac15453dbd8706fe76063807eef4a3f0e1
linux-tools-generic_4.15.0.237.248_amd64.deb
sha:12ee6ae3adab37b1657720f7754e577ce4998ea1
linux-tools-host_4.15.0-237.248_all.deb
sha:c83210d82f495e466aa22e8441ce4ceec154110d
linux-tools-lowlatency_4.15.0.237.248_amd64.deb
sha:965c971651e74d29f6073ffa892705031eac21a3

Notes:

This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.