Ubuntu 6586 Published by

The following security updates are available for Ubuntu Linux:

[USN-6723-1] Bind vulnerabilities
[USN-6721-2] X.Org X Server regression
[USN-6701-4] Linux kernel (Azure) vulnerabilities
[USN-6726-1] Linux kernel vulnerabilities
[USN-6724-1] Linux kernel vulnerabilities
[USN-6725-1] Linux kernel vulnerabilities
[LSN-0102-1] Linux kernel vulnerability




[USN-6723-1] Bind vulnerabilities


==========================================================================
Ubuntu Security Notice USN-6723-1
April 09, 2024

bind9 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 18.04 LTS (Available with Ubuntu Pro)
- Ubuntu 16.04 LTS (Available with Ubuntu Pro)
- Ubuntu 14.04 LTS (Available with Ubuntu Pro)

Summary:

Bind could be made to crash if it received specially crafted
input.

Software Description:
- bind9: Internet Domain Name Server

Details:

Elias Heftrig, Haya Schulmann, Niklas Vogel, and Michael Waidner discovered
that Bind icorrectly handled validating DNSSEC messages. A remote attacker
could possibly use this issue to cause Bind to consume resources, leading
to a denial of service. (CVE-2023-50387)

It was discovered that Bind incorrectly handled preparing an NSEC3 closest
encloser proof. A remote attacker could possibly use this issue to cause
Bind to consume resources, leading to a denial of service. (CVE-2023-50868)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS (Available with Ubuntu Pro):
bind9 1:9.11.3+dfsg-1ubuntu1.19+esm3

Ubuntu 16.04 LTS (Available with Ubuntu Pro):
bind9 1:9.10.3.dfsg.P4-8ubuntu1.19+esm8

Ubuntu 14.04 LTS (Available with Ubuntu Pro):
bind9 1:9.9.5.dfsg-3ubuntu0.19+esm12

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-6723-1
CVE-2023-50387, CVE-2023-50868



[USN-6721-2] X.Org X Server regression


=========================================================================
Ubuntu Security Notice USN-6721-2
April 09, 2024

xorg-server, xwayland regression
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 23.10
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS (Available with Ubuntu Pro)
- Ubuntu 16.04 LTS (Available with Ubuntu Pro)
- Ubuntu 14.04 LTS (Available with Ubuntu Pro)

Summary:

A regression was fixed in X.Org X Server.

Software Description:
- xorg-server: X.Org X11 server
- xwayland: X server for running X clients under Wayland

Details:

USN-6721-1 fixed vulnerabilities in X.Org X Server. That fix was incomplete
resulting in a regression. This update fixes the problem.

We apologize for the inconvenience.

Original advisory details:

It was discovered that X.Org X Server incorrectly handled certain data.
An attacker could possibly use this issue to expose sensitive information.
(CVE-2024-31080, CVE-2024-31081, CVE-2024-31082)

It was discovered that X.Org X Server incorrectly handled certain glyphs.
An attacker could possibly use this issue to cause a crash or expose sensitive
information. (CVE-2024-31083)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 23.10:
xserver-xorg-core 2:21.1.7-3ubuntu2.9
xwayland 2:23.2.0-1ubuntu0.6

Ubuntu 22.04 LTS:
xserver-xorg-core 2:21.1.4-2ubuntu1.7~22.04.10
xwayland 2:22.1.1-1ubuntu0.13

Ubuntu 20.04 LTS:
xserver-xorg-core 2:1.20.13-1ubuntu1~20.04.17
xwayland 2:1.20.13-1ubuntu1~20.04.17

Ubuntu 18.04 LTS (Available with Ubuntu Pro):
xserver-xorg-core 2:1.19.6-1ubuntu4.15+esm8
xwayland 2:1.19.6-1ubuntu4.15+esm8

Ubuntu 16.04 LTS (Available with Ubuntu Pro):
xserver-xorg-core 2:1.18.4-0ubuntu0.12+esm13
xwayland 2:1.18.4-0ubuntu0.12+esm13

Ubuntu 14.04 LTS (Available with Ubuntu Pro):
xserver-xorg-core 2:1.15.1-0ubuntu2.11+esm12

After a standard system update you need to restart -APP- to make
all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-6721-2
https://ubuntu.com/security/notices/USN-6721-1
https://launchpad.net/bugs/2060354

Package Information:
https://launchpad.net/ubuntu/+source/xorg-server/2:21.1.7-3ubuntu2.9
https://launchpad.net/ubuntu/+source/xwayland/2:23.2.0-1ubuntu0.6
https://launchpad.net/ubuntu/+source/xorg-server/2:21.1.4-2ubuntu1.7~22.04.10
https://launchpad.net/ubuntu/+source/xwayland/2:22.1.1-1ubuntu0.13
https://launchpad.net/ubuntu/+source/xorg-server/2:1.20.13-1ubuntu1~20.04.17



[USN-6701-4] Linux kernel (Azure) vulnerabilities


==========================================================================
Ubuntu Security Notice USN-6701-4
April 09, 2024

linux-azure vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 14.04 LTS (Available with Ubuntu Pro)

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux-azure: Linux kernel for Microsoft Azure Cloud systems

Details:

Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did
not properly perform permissions checks when handling HCI sockets. A
physically proximate attacker could use this to cause a denial of service
(bluetooth communication). (CVE-2023-2002)

It was discovered that the NVIDIA Tegra XUSB pad controller driver in the
Linux kernel did not properly handle return values in certain error
conditions. A local attacker could use this to cause a denial of service
(system crash). (CVE-2023-23000)

It was discovered that Spectre-BHB mitigations were missing for Ampere
processors. A local attacker could potentially use this to expose sensitive
information. (CVE-2023-3006)

It was discovered that the ext4 file system implementation in the Linux
kernel did not properly handle block device modification while it is
mounted. A privileged attacker could use this to cause a denial of service
(system crash) or possibly expose sensitive information. (CVE-2023-34256)

Eric Dumazet discovered that the netfilter subsystem in the Linux kernel
did not properly handle DCCP conntrack buffers in certain situations,
leading to an out-of-bounds read vulnerability. An attacker could possibly
use this to expose sensitive information (kernel memory). (CVE-2023-39197)

It was discovered that the Siano USB MDTV receiver device driver in the
Linux kernel did not properly handle device initialization failures in
certain situations, leading to a use-after-free vulnerability. A physically
proximate attacker could use this cause a denial of service (system crash).
(CVE-2023-4132)

Pratyush Yadav discovered that the Xen network backend implementation in
the Linux kernel did not properly handle zero length data request, leading
to a null pointer dereference vulnerability. An attacker in a guest VM
could possibly use this to cause a denial of service (host domain crash).
(CVE-2023-46838)

It was discovered that a race condition existed in the AppleTalk networking
subsystem of the Linux kernel, leading to a use-after-free vulnerability. A
local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2023-51781)

Alon Zahavi discovered that the NVMe-oF/TCP subsystem of the Linux kernel
did not properly handle connect command payloads in certain situations,
leading to an out-of-bounds read vulnerability. A remote attacker could use
this to expose sensitive information (kernel memory). (CVE-2023-6121)

It was discovered that the ext4 file system implementation in the Linux
kernel did not properly handle the remount operation in certain cases,
leading to a use-after-free vulnerability. A local attacker could use this
to cause a denial of service (system crash) or possibly expose sensitive
information. (CVE-2024-0775)

Notselwyn discovered that the netfilter subsystem in the Linux kernel did
not properly handle verdict parameters in certain cases, leading to a use-
after-free vulnerability. A local attacker could use this to cause a denial
of service (system crash) or possibly execute arbitrary code.
(CVE-2024-1086)

It was discovered that a race condition existed in the SCSI Emulex
LightPulse Fibre Channel driver in the Linux kernel when unregistering FCF
and re-scanning an HBA FCF table, leading to a null pointer dereference
vulnerability. A local attacker could use this to cause a denial of service
(system crash). (CVE-2024-24855)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 14.04 LTS (Available with Ubuntu Pro):
linux-image-4.15.0-1175-azure 4.15.0-1175.190~14.04.1
linux-image-azure 4.15.0.1175.141

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://ubuntu.com/security/notices/USN-6701-4
https://ubuntu.com/security/notices/USN-6701-1
CVE-2023-2002, CVE-2023-23000, CVE-2023-3006, CVE-2023-34256,
CVE-2023-39197, CVE-2023-4132, CVE-2023-46838, CVE-2023-51781,
CVE-2023-6121, CVE-2024-0775, CVE-2024-1086, CVE-2024-24855



[USN-6726-1] Linux kernel vulnerabilities


==========================================================================
Ubuntu Security Notice USN-6726-1
April 09, 2024

linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4,
linux-bluefield, linux-gcp, linux-gcp-5.4, linux-gkeop, linux-hwe-5.4,
linux-ibm, linux-ibm-5.4, linux-kvm, linux-oracle, linux-oracle-5.4,
linux-raspi, linux-raspi-5.4 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS (Available with Ubuntu Pro)

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux: Linux kernel
- linux-aws: Linux kernel for Amazon Web Services (AWS) systems
- linux-azure: Linux kernel for Microsoft Azure Cloud systems
- linux-bluefield: Linux kernel for NVIDIA BlueField platforms
- linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems
- linux-gkeop: Linux kernel for Google Container Engine (GKE) systems
- linux-ibm: Linux kernel for IBM cloud systems
- linux-kvm: Linux kernel for cloud environments
- linux-oracle: Linux kernel for Oracle Cloud systems
- linux-raspi: Linux kernel for Raspberry Pi systems
- linux-aws-5.4: Linux kernel for Amazon Web Services (AWS) systems
- linux-azure-5.4: Linux kernel for Microsoft Azure cloud systems
- linux-gcp-5.4: Linux kernel for Google Cloud Platform (GCP) systems
- linux-hwe-5.4: Linux hardware enablement (HWE) kernel
- linux-ibm-5.4: Linux kernel for IBM cloud systems
- linux-oracle-5.4: Linux kernel for Oracle Cloud systems
- linux-raspi-5.4: Linux kernel for Raspberry Pi systems

Details:

Pratyush Yadav discovered that the Xen network backend implementation in
the Linux kernel did not properly handle zero length data request, leading
to a null pointer dereference vulnerability. An attacker in a guest VM
could possibly use this to cause a denial of service (host domain crash).
(CVE-2023-46838)

It was discovered that the IPv6 implementation of the Linux kernel did not
properly manage route cache memory usage. A remote attacker could use this
to cause a denial of service (memory exhaustion). (CVE-2023-52340)

It was discovered that the device mapper driver in the Linux kernel did not
properly validate target size during certain memory allocations. A local
attacker could use this to cause a denial of service (system crash).
(CVE-2023-52429, CVE-2024-23851)

Dan Carpenter discovered that the netfilter subsystem in the Linux kernel
did not store data in properly sized memory locations. A local user could
use this to cause a denial of service (system crash). (CVE-2024-0607)

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Architecture specifics;
- Cryptographic API;
- Android drivers;
- EDAC drivers;
- GPU drivers;
- Media drivers;
- MTD block device drivers;
- Network drivers;
- NVME drivers;
- TTY drivers;
- Userspace I/O drivers;
- F2FS file system;
- GFS2 file system;
- IPv6 Networking;
- AppArmor security module;
(CVE-2023-52464, CVE-2023-52448, CVE-2023-52457, CVE-2023-52443,
CVE-2023-52439, CVE-2023-52612, CVE-2024-26633, CVE-2024-26597,
CVE-2023-52449, CVE-2023-52444, CVE-2023-52609, CVE-2023-52469,
CVE-2023-52445, CVE-2023-52451, CVE-2023-52470, CVE-2023-52454,
CVE-2023-52436, CVE-2023-52438)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 LTS:
linux-image-5.4.0-1069-ibm 5.4.0-1069.74
linux-image-5.4.0-1082-bluefield 5.4.0-1082.89
linux-image-5.4.0-1089-gkeop 5.4.0-1089.93
linux-image-5.4.0-1106-raspi 5.4.0-1106.118
linux-image-5.4.0-1110-kvm 5.4.0-1110.117
linux-image-5.4.0-1121-oracle 5.4.0-1121.130
linux-image-5.4.0-1122-aws 5.4.0-1122.132
linux-image-5.4.0-1126-gcp 5.4.0-1126.135
linux-image-5.4.0-1127-azure 5.4.0-1127.134
linux-image-5.4.0-176-generic 5.4.0-176.196
linux-image-5.4.0-176-generic-lpae 5.4.0-176.196
linux-image-5.4.0-176-lowlatency 5.4.0-176.196
linux-image-aws-lts-20.04 5.4.0.1122.119
linux-image-azure-lts-20.04 5.4.0.1127.121
linux-image-bluefield 5.4.0.1082.78
linux-image-gcp-lts-20.04 5.4.0.1126.128
linux-image-generic 5.4.0.176.174
linux-image-generic-lpae 5.4.0.176.174
linux-image-gkeop 5.4.0.1089.87
linux-image-gkeop-5.4 5.4.0.1089.87
linux-image-ibm-lts-20.04 5.4.0.1069.98
linux-image-kvm 5.4.0.1110.106
linux-image-lowlatency 5.4.0.176.174
linux-image-oem 5.4.0.176.174
linux-image-oem-osp1 5.4.0.176.174
linux-image-oracle-lts-20.04 5.4.0.1121.114
linux-image-raspi 5.4.0.1106.136
linux-image-raspi2 5.4.0.1106.136
linux-image-virtual 5.4.0.176.174

Ubuntu 18.04 LTS (Available with Ubuntu Pro):
linux-image-5.4.0-1069-ibm 5.4.0-1069.74~18.04.1
linux-image-5.4.0-1106-raspi 5.4.0-1106.118~18.04.1
linux-image-5.4.0-1121-oracle 5.4.0-1121.130~18.04.1
linux-image-5.4.0-1122-aws 5.4.0-1122.132~18.04.1
linux-image-5.4.0-1126-gcp 5.4.0-1126.135~18.04.1
linux-image-5.4.0-1127-azure 5.4.0-1127.134~18.04.1
linux-image-5.4.0-175-generic 5.4.0-175.195~18.04.1
linux-image-5.4.0-175-lowlatency 5.4.0-175.195~18.04.1
linux-image-aws 5.4.0.1122.132~18.04.1
linux-image-azure 5.4.0.1127.134~18.04.1
linux-image-gcp 5.4.0.1126.135~18.04.1
linux-image-generic-hwe-18.04 5.4.0.175.195~18.04.1
linux-image-ibm 5.4.0.1069.79
linux-image-lowlatency-hwe-18.04 5.4.0.175.195~18.04.1
linux-image-oem 5.4.0.175.195~18.04.1
linux-image-oem-osp1 5.4.0.175.195~18.04.1
linux-image-oracle 5.4.0.1121.130~18.04.1
linux-image-raspi-hwe-18.04 5.4.0.1106.103
linux-image-snapdragon-hwe-18.04 5.4.0.175.195~18.04.1
linux-image-virtual-hwe-18.04 5.4.0.175.195~18.04.1

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://ubuntu.com/security/notices/USN-6726-1
CVE-2023-46838, CVE-2023-52340, CVE-2023-52429, CVE-2023-52436,
CVE-2023-52438, CVE-2023-52439, CVE-2023-52443, CVE-2023-52444,
CVE-2023-52445, CVE-2023-52448, CVE-2023-52449, CVE-2023-52451,
CVE-2023-52454, CVE-2023-52457, CVE-2023-52464, CVE-2023-52469,
CVE-2023-52470, CVE-2023-52609, CVE-2023-52612, CVE-2024-0607,
CVE-2024-23851, CVE-2024-26597, CVE-2024-26633

Package Information:
https://launchpad.net/ubuntu/+source/linux/5.4.0-176.196
https://launchpad.net/ubuntu/+source/linux-aws/5.4.0-1122.132
https://launchpad.net/ubuntu/+source/linux-azure/5.4.0-1127.134
https://launchpad.net/ubuntu/+source/linux-bluefield/5.4.0-1082.89
https://launchpad.net/ubuntu/+source/linux-gcp/5.4.0-1126.135
https://launchpad.net/ubuntu/+source/linux-gkeop/5.4.0-1089.93
https://launchpad.net/ubuntu/+source/linux-ibm/5.4.0-1069.74
https://launchpad.net/ubuntu/+source/linux-kvm/5.4.0-1110.117
https://launchpad.net/ubuntu/+source/linux-oracle/5.4.0-1121.130
https://launchpad.net/ubuntu/+source/linux-raspi/5.4.0-1106.118



[USN-6724-1] Linux kernel vulnerabilities


==========================================================================
Ubuntu Security Notice USN-6724-1
April 09, 2024

linux, linux-aws, linux-azure, linux-azure-6.5, linux-gcp, linux-gcp-6.5,
linux-hwe-6.5, linux-laptop, linux-lowlatency, linux-lowlatency-hwe-6.5,
linux-oem-6.5, linux-oracle, linux-oracle-6.5, linux-starfive,
linux-starfive-6.5 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 23.10
- Ubuntu 22.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux: Linux kernel
- linux-aws: Linux kernel for Amazon Web Services (AWS) systems
- linux-azure: Linux kernel for Microsoft Azure Cloud systems
- linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems
- linux-laptop: Linux kernel for Lenovo X13s ARM laptops
- linux-lowlatency: Linux low latency kernel
- linux-oracle: Linux kernel for Oracle Cloud systems
- linux-starfive: Linux kernel for StarFive processors
- linux-azure-6.5: Linux kernel for Microsoft Azure cloud systems
- linux-gcp-6.5: Linux kernel for Google Cloud Platform (GCP) systems
- linux-hwe-6.5: Linux hardware enablement (HWE) kernel
- linux-lowlatency-hwe-6.5: Linux low latency kernel
- linux-oem-6.5: Linux kernel for OEM systems
- linux-oracle-6.5: Linux kernel for Oracle Cloud systems
- linux-starfive-6.5: Linux kernel for StarFive processors

Details:

Pratyush Yadav discovered that the Xen network backend implementation in
the Linux kernel did not properly handle zero length data request, leading
to a null pointer dereference vulnerability. An attacker in a guest VM
could possibly use this to cause a denial of service (host domain crash).
(CVE-2023-46838)

It was discovered that the Habana's AI Processors driver in the Linux
kernel did not properly initialize certain data structures before passing
them to user space. A local attacker could use this to expose sensitive
information (kernel memory). (CVE-2023-50431)

It was discovered that the device mapper driver in the Linux kernel did not
properly validate target size during certain memory allocations. A local
attacker could use this to cause a denial of service (system crash).
(CVE-2023-52429, CVE-2024-23851)

It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly validate certain SMB messages, leading to an
out-of-bounds read vulnerability. An attacker could use this to cause a
denial of service (system crash) or possibly expose sensitive information.
(CVE-2023-6610)

Yang Chaoming discovered that the KSMBD implementation in the Linux kernel
did not properly validate request buffer sizes, leading to an out-of-bounds
read vulnerability. An attacker could use this to cause a denial of service
(system crash) or possibly expose sensitive information. (CVE-2024-22705)

Chenyuan Yang discovered that the btrfs file system in the Linux kernel did
not properly handle read operations on newly created subvolumes in certain
conditions. A local attacker could use this to cause a denial of service
(system crash). (CVE-2024-23850)

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Android drivers;
- Userspace I/O drivers;
- F2FS file system;
- SMB network file system;
- Networking core;
(CVE-2023-52434, CVE-2023-52436, CVE-2023-52435, CVE-2023-52439,
CVE-2023-52438)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 23.10:
linux-image-6.5.0-1011-starfive 6.5.0-1011.12
linux-image-6.5.0-1013-laptop 6.5.0-1013.16
linux-image-6.5.0-1017-aws 6.5.0-1017.17
linux-image-6.5.0-1017-gcp 6.5.0-1017.17
linux-image-6.5.0-1018-azure 6.5.0-1018.19
linux-image-6.5.0-1018-azure-fde 6.5.0-1018.19
linux-image-6.5.0-1020-oracle 6.5.0-1020.20
linux-image-6.5.0-1020-oracle-64k 6.5.0-1020.20
linux-image-6.5.0-27-generic 6.5.0-27.28
linux-image-6.5.0-27-generic-64k 6.5.0-27.28
linux-image-6.5.0-27-lowlatency 6.5.0-27.28.1
linux-image-6.5.0-27-lowlatency-64k 6.5.0-27.28.1
linux-image-aws 6.5.0.1017.17
linux-image-azure 6.5.0.1018.22
linux-image-azure-fde 6.5.0.1018.22
linux-image-gcp 6.5.0.1017.17
linux-image-generic 6.5.0.27.27
linux-image-generic-64k 6.5.0.27.27
linux-image-generic-lpae 6.5.0.27.27
linux-image-kvm 6.5.0.27.27
linux-image-laptop-23.10 6.5.0.1013.16
linux-image-lowlatency 6.5.0.27.28.18
linux-image-lowlatency-64k 6.5.0.27.28.18
linux-image-oracle 6.5.0.1020.22
linux-image-oracle-64k 6.5.0.1020.22
linux-image-starfive 6.5.0.1011.13
linux-image-virtual 6.5.0.27.27

Ubuntu 22.04 LTS:
linux-image-6.5.0-1011-starfive 6.5.0-1011.12~22.04.1
linux-image-6.5.0-1017-gcp 6.5.0-1017.17~22.04.1
linux-image-6.5.0-1018-azure 6.5.0-1018.19~22.04.2
linux-image-6.5.0-1018-azure-fde 6.5.0-1018.19~22.04.2
linux-image-6.5.0-1019-oem 6.5.0-1019.20
linux-image-6.5.0-1020-oracle 6.5.0-1020.20~22.04.1
linux-image-6.5.0-1020-oracle-64k 6.5.0-1020.20~22.04.1
linux-image-6.5.0-27-generic 6.5.0-27.28~22.04.1
linux-image-6.5.0-27-generic-64k 6.5.0-27.28~22.04.1
linux-image-6.5.0-27-lowlatency 6.5.0-27.28.1~22.04.1
linux-image-6.5.0-27-lowlatency-64k 6.5.0-27.28.1~22.04.1
linux-image-azure 6.5.0.1018.19~22.04.2
linux-image-azure-fde 6.5.0.1018.19~22.04.2
linux-image-gcp 6.5.0.1017.17~22.04.1
linux-image-generic-64k-hwe-22.04 6.5.0.27.28~22.04.1
linux-image-generic-hwe-22.04 6.5.0.27.28~22.04.1
linux-image-lowlatency-64k-hwe-22.04 6.5.0.27.28.1~22.04.1
linux-image-lowlatency-hwe-22.04 6.5.0.27.28.1~22.04.1
linux-image-oem-22.04 6.5.0.1019.21
linux-image-oem-22.04a 6.5.0.1019.21
linux-image-oem-22.04b 6.5.0.1019.21
linux-image-oem-22.04c 6.5.0.1019.21
linux-image-oem-22.04d 6.5.0.1019.21
linux-image-oracle 6.5.0.1020.20~22.04.1
linux-image-oracle-64k 6.5.0.1020.20~22.04.1
linux-image-starfive 6.5.0.1011.12~22.04.1
linux-image-virtual-hwe-22.04 6.5.0.27.28~22.04.1

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://ubuntu.com/security/notices/USN-6724-1
CVE-2023-46838, CVE-2023-50431, CVE-2023-52429, CVE-2023-52434,
CVE-2023-52435, CVE-2023-52436, CVE-2023-52438, CVE-2023-52439,
CVE-2023-6610, CVE-2024-22705, CVE-2024-23850, CVE-2024-23851

Package Information:
https://launchpad.net/ubuntu/+source/linux/6.5.0-27.28
https://launchpad.net/ubuntu/+source/linux-aws/6.5.0-1017.17
https://launchpad.net/ubuntu/+source/linux-azure/6.5.0-1018.19
https://launchpad.net/ubuntu/+source/linux-gcp/6.5.0-1017.17
https://launchpad.net/ubuntu/+source/linux-laptop/6.5.0-1013.16
https://launchpad.net/ubuntu/+source/linux-lowlatency/6.5.0-27.28.1
https://launchpad.net/ubuntu/+source/linux-oracle/6.5.0-1020.20
https://launchpad.net/ubuntu/+source/linux-starfive/6.5.0-1011.12
https://launchpad.net/ubuntu/+source/linux-azure-6.5/6.5.0-1018.19~22.04.2
https://launchpad.net/ubuntu/+source/linux-gcp-6.5/6.5.0-1017.17~22.04.1
https://launchpad.net/ubuntu/+source/linux-hwe-6.5/6.5.0-27.28~22.04.1

https://launchpad.net/ubuntu/+source/linux-lowlatency-hwe-6.5/6.5.0-27.28.1~22.04.1
https://launchpad.net/ubuntu/+source/linux-oem-6.5/6.5.0-1019.20
https://launchpad.net/ubuntu/+source/linux-oracle-6.5/6.5.0-1020.20~22.04.1

https://launchpad.net/ubuntu/+source/linux-starfive-6.5/6.5.0-1011.12~22.04.1



[USN-6725-1] Linux kernel vulnerabilities


==========================================================================
Ubuntu Security Notice USN-6725-1
April 09, 2024

linux, linux-azure, linux-azure-5.15, linux-azure-fde,
linux-azure-fde-5.15, linux-gcp, linux-gcp-5.15, linux-gke, linux-gkeop,
linux-gkeop-5.15, linux-hwe-5.15, linux-ibm, linux-ibm-5.15,
linux-intel-iotg, linux-intel-iotg-5.15, linux-kvm, linux-lowlatency,
linux-lowlatency-hwe-5.15, linux-nvidia, linux-oracle, linux-oracle-5.15,
linux-raspi vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux: Linux kernel
- linux-azure: Linux kernel for Microsoft Azure Cloud systems
- linux-azure-fde: Linux kernel for Microsoft Azure CVM cloud systems
- linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems
- linux-gke: Linux kernel for Google Container Engine (GKE) systems
- linux-gkeop: Linux kernel for Google Container Engine (GKE) systems
- linux-ibm: Linux kernel for IBM cloud systems
- linux-intel-iotg: Linux kernel for Intel IoT platforms
- linux-kvm: Linux kernel for cloud environments
- linux-lowlatency: Linux low latency kernel
- linux-nvidia: Linux kernel for NVIDIA systems
- linux-oracle: Linux kernel for Oracle Cloud systems
- linux-raspi: Linux kernel for Raspberry Pi systems
- linux-azure-5.15: Linux kernel for Microsoft Azure cloud systems
- linux-azure-fde-5.15: Linux kernel for Microsoft Azure CVM cloud systems
- linux-gcp-5.15: Linux kernel for Google Cloud Platform (GCP) systems
- linux-gkeop-5.15: Linux kernel for Google Container Engine (GKE) systems
- linux-hwe-5.15: Linux hardware enablement (HWE) kernel
- linux-ibm-5.15: Linux kernel for IBM cloud systems
- linux-intel-iotg-5.15: Linux kernel for Intel IoT platforms
- linux-lowlatency-hwe-5.15: Linux low latency kernel
- linux-oracle-5.15: Linux kernel for Oracle Cloud systems

Details:

Chih-Yen Chang discovered that the KSMBD implementation in the Linux kernel
did not properly validate certain data structure fields when parsing lease
contexts, leading to an out-of-bounds read vulnerability. A remote attacker
could use this to cause a denial of service (system crash) or possibly
expose sensitive information. (CVE-2023-1194)

Quentin Minster discovered that a race condition existed in the KSMBD
implementation in the Linux kernel, leading to a use-after-free
vulnerability. A remote attacker could use this to cause a denial of
service (system crash) or possibly execute arbitrary code. (CVE-2023-32254)

It was discovered that a race condition existed in the KSMBD implementation
in the Linux kernel when handling session connections, leading to a use-
after-free vulnerability. A remote attacker could use this to cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2023-32258)

It was discovered that the KSMBD implementation in the Linux kernel did not
properly validate buffer sizes in certain operations, leading to an integer
underflow and out-of-bounds read vulnerability. A remote attacker could use
this to cause a denial of service (system crash) or possibly expose
sensitive information. (CVE-2023-38427)

Chih-Yen Chang discovered that the KSMBD implementation in the Linux kernel
did not properly validate SMB request protocol IDs, leading to a out-of-
bounds read vulnerability. A remote attacker could possibly use this to
cause a denial of service (system crash). (CVE-2023-38430)

Chih-Yen Chang discovered that the KSMBD implementation in the Linux kernel
did not properly validate packet header sizes in certain situations,
leading to an out-of-bounds read vulnerability. A remote attacker could use
this to cause a denial of service (system crash) or possibly expose
sensitive information. (CVE-2023-38431)

It was discovered that the KSMBD implementation in the Linux kernel did not
properly handle session setup requests, leading to an out-of-bounds read
vulnerability. A remote attacker could use this to expose sensitive
information. (CVE-2023-3867)

Pratyush Yadav discovered that the Xen network backend implementation in
the Linux kernel did not properly handle zero length data request, leading
to a null pointer dereference vulnerability. An attacker in a guest VM
could possibly use this to cause a denial of service (host domain crash).
(CVE-2023-46838)

It was discovered that the IPv6 implementation of the Linux kernel did not
properly manage route cache memory usage. A remote attacker could use this
to cause a denial of service (memory exhaustion). (CVE-2023-52340)

It was discovered that the device mapper driver in the Linux kernel did not
properly validate target size during certain memory allocations. A local
attacker could use this to cause a denial of service (system crash).
(CVE-2023-52429, CVE-2024-23851)

Yang Chaoming discovered that the KSMBD implementation in the Linux kernel
did not properly validate request buffer sizes, leading to an out-of-bounds
read vulnerability. An attacker could use this to cause a denial of service
(system crash) or possibly expose sensitive information. (CVE-2024-22705)

Chenyuan Yang discovered that the btrfs file system in the Linux kernel did
not properly handle read operations on newly created subvolumes in certain
conditions. A local attacker could use this to cause a denial of service
(system crash). (CVE-2024-23850)

It was discovered that a race condition existed in the Bluetooth subsystem
in the Linux kernel, leading to a null pointer dereference vulnerability. A
privileged local attacker could use this to possibly cause a denial of
service (system crash). (CVE-2024-24860)

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Architecture specifics;
- Block layer;
- Cryptographic API;
- Android drivers;
- EDAC drivers;
- GPU drivers;
- Media drivers;
- Multifunction device drivers;
- MTD block device drivers;
- Network drivers;
- NVME drivers;
- TTY drivers;
- Userspace I/O drivers;
- EFI Variable file system;
- F2FS file system;
- GFS2 file system;
- SMB network file system;
- BPF subsystem;
- IPv6 Networking;
- Network Traffic Control;
- AppArmor security module;
(CVE-2023-52463, CVE-2023-52445, CVE-2023-52462, CVE-2023-52609,
CVE-2023-52448, CVE-2023-52457, CVE-2023-52464, CVE-2023-52456,
CVE-2023-52454, CVE-2023-52438, CVE-2023-52480, CVE-2023-52443,
CVE-2023-52442, CVE-2024-26631, CVE-2023-52439, CVE-2023-52612,
CVE-2024-26598, CVE-2024-26586, CVE-2024-26589, CVE-2023-52444,
CVE-2023-52436, CVE-2024-26633, CVE-2024-26597, CVE-2023-52458,
CVE-2024-26591, CVE-2023-52449, CVE-2023-52467, CVE-2023-52441,
CVE-2023-52610, CVE-2023-52451, CVE-2023-52469, CVE-2023-52470)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.04 LTS:
linux-image-5.15.0-102-generic 5.15.0-102.112
linux-image-5.15.0-102-generic-64k 5.15.0-102.112
linux-image-5.15.0-102-generic-lpae 5.15.0-102.112
linux-image-5.15.0-102-lowlatency 5.15.0-102.112
linux-image-5.15.0-102-lowlatency-64k 5.15.0-102.112
linux-image-5.15.0-1040-gkeop 5.15.0-1040.46
linux-image-5.15.0-1048-nvidia 5.15.0-1048.48
linux-image-5.15.0-1048-nvidia-lowlatency 5.15.0-1048.48
linux-image-5.15.0-1050-ibm 5.15.0-1050.53
linux-image-5.15.0-1050-raspi 5.15.0-1050.53
linux-image-5.15.0-1052-intel-iotg 5.15.0-1052.58
linux-image-5.15.0-1054-gke 5.15.0-1054.59
linux-image-5.15.0-1054-kvm 5.15.0-1054.59
linux-image-5.15.0-1055-gcp 5.15.0-1055.63
linux-image-5.15.0-1055-oracle 5.15.0-1055.61
linux-image-5.15.0-1060-azure 5.15.0-1060.69
linux-image-5.15.0-1060-azure-fde 5.15.0-1060.69.1
linux-image-azure-fde-lts-22.04 5.15.0.1060.69.38
linux-image-azure-lts-22.04 5.15.0.1060.58
linux-image-gcp-lts-22.04 5.15.0.1055.51
linux-image-generic 5.15.0.102.99
linux-image-generic-64k 5.15.0.102.99
linux-image-generic-lpae 5.15.0.102.99
linux-image-gke 5.15.0.1054.53
linux-image-gke-5.15 5.15.0.1054.53
linux-image-gkeop 5.15.0.1040.39
linux-image-gkeop-5.15 5.15.0.1040.39
linux-image-ibm 5.15.0.1050.46
linux-image-intel-iotg 5.15.0.1052.52
linux-image-kvm 5.15.0.1054.50
linux-image-lowlatency 5.15.0.102.98
linux-image-lowlatency-64k 5.15.0.102.98
linux-image-nvidia 5.15.0.1048.48
linux-image-nvidia-lowlatency 5.15.0.1048.48
linux-image-oracle-lts-22.04 5.15.0.1055.51
linux-image-raspi 5.15.0.1050.48
linux-image-raspi-nolpae 5.15.0.1050.48
linux-image-virtual 5.15.0.102.99

Ubuntu 20.04 LTS:
linux-image-5.15.0-102-generic 5.15.0-102.112~20.04.1
linux-image-5.15.0-102-generic-64k 5.15.0-102.112~20.04.1
linux-image-5.15.0-102-generic-lpae 5.15.0-102.112~20.04.1
linux-image-5.15.0-102-lowlatency 5.15.0-102.112~20.04.1
linux-image-5.15.0-102-lowlatency-64k 5.15.0-102.112~20.04.1
linux-image-5.15.0-1040-gkeop 5.15.0-1040.46~20.04.1
linux-image-5.15.0-1050-ibm 5.15.0-1050.53~20.04.1
linux-image-5.15.0-1052-intel-iotg 5.15.0-1052.58~20.04.1
linux-image-5.15.0-1055-gcp 5.15.0-1055.63~20.04.1
linux-image-5.15.0-1055-oracle 5.15.0-1055.61~20.04.1
linux-image-5.15.0-1060-azure 5.15.0-1060.69~20.04.1
linux-image-5.15.0-1060-azure-fde 5.15.0-1060.69~20.04.1.1
linux-image-azure 5.15.0.1060.69~20.04.1
linux-image-azure-cvm 5.15.0.1060.69~20.04.1
linux-image-azure-fde 5.15.0.1060.69~20.04.1.39
linux-image-gcp 5.15.0.1055.63~20.04.1
linux-image-generic-64k-hwe-20.04 5.15.0.102.112~20.04.1
linux-image-generic-hwe-20.04 5.15.0.102.112~20.04.1
linux-image-generic-lpae-hwe-20.04 5.15.0.102.112~20.04.1
linux-image-gkeop-5.15 5.15.0.1040.46~20.04.36
linux-image-ibm 5.15.0.1050.53~20.04.1
linux-image-intel 5.15.0.1052.58~20.04.1
linux-image-intel-iotg 5.15.0.1052.58~20.04.1
linux-image-lowlatency-64k-hwe-20.04 5.15.0.102.112~20.04.1
linux-image-lowlatency-hwe-20.04 5.15.0.102.112~20.04.1
linux-image-oem-20.04 5.15.0.102.112~20.04.1
linux-image-oem-20.04b 5.15.0.102.112~20.04.1
linux-image-oem-20.04c 5.15.0.102.112~20.04.1
linux-image-oem-20.04d 5.15.0.102.112~20.04.1
linux-image-oracle 5.15.0.1055.61~20.04.1
linux-image-virtual-hwe-20.04 5.15.0.102.112~20.04.1

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://ubuntu.com/security/notices/USN-6725-1
CVE-2023-1194, CVE-2023-32254, CVE-2023-32258, CVE-2023-38427,
CVE-2023-38430, CVE-2023-38431, CVE-2023-3867, CVE-2023-46838,
CVE-2023-52340, CVE-2023-52429, CVE-2023-52436, CVE-2023-52438,
CVE-2023-52439, CVE-2023-52441, CVE-2023-52442, CVE-2023-52443,
CVE-2023-52444, CVE-2023-52445, CVE-2023-52448, CVE-2023-52449,
CVE-2023-52451, CVE-2023-52454, CVE-2023-52456, CVE-2023-52457,
CVE-2023-52458, CVE-2023-52462, CVE-2023-52463, CVE-2023-52464,
CVE-2023-52467, CVE-2023-52469, CVE-2023-52470, CVE-2023-52480,
CVE-2023-52609, CVE-2023-52610, CVE-2023-52612, CVE-2024-22705,
CVE-2024-23850, CVE-2024-23851, CVE-2024-24860, CVE-2024-26586,
CVE-2024-26589, CVE-2024-26591, CVE-2024-26597, CVE-2024-26598,
CVE-2024-26631, CVE-2024-26633

Package Information:
https://launchpad.net/ubuntu/+source/linux/5.15.0-102.112
https://launchpad.net/ubuntu/+source/linux-azure/5.15.0-1060.69
https://launchpad.net/ubuntu/+source/linux-azure-fde/5.15.0-1060.69.1
https://launchpad.net/ubuntu/+source/linux-gcp/5.15.0-1055.63
https://launchpad.net/ubuntu/+source/linux-gke/5.15.0-1054.59
https://launchpad.net/ubuntu/+source/linux-gkeop/5.15.0-1040.46
https://launchpad.net/ubuntu/+source/linux-ibm/5.15.0-1050.53
https://launchpad.net/ubuntu/+source/linux-intel-iotg/5.15.0-1052.58
https://launchpad.net/ubuntu/+source/linux-kvm/5.15.0-1054.59
https://launchpad.net/ubuntu/+source/linux-lowlatency/5.15.0-102.112
https://launchpad.net/ubuntu/+source/linux-nvidia/5.15.0-1048.48
https://launchpad.net/ubuntu/+source/linux-oracle/5.15.0-1055.61
https://launchpad.net/ubuntu/+source/linux-raspi/5.15.0-1050.53
https://launchpad.net/ubuntu/+source/linux-azure-5.15/5.15.0-1060.69~20.04.1

https://launchpad.net/ubuntu/+source/linux-azure-fde-5.15/5.15.0-1060.69~20.04.1.1
https://launchpad.net/ubuntu/+source/linux-gcp-5.15/5.15.0-1055.63~20.04.1
https://launchpad.net/ubuntu/+source/linux-gkeop-5.15/5.15.0-1040.46~20.04.1
https://launchpad.net/ubuntu/+source/linux-hwe-5.15/5.15.0-102.112~20.04.1
https://launchpad.net/ubuntu/+source/linux-ibm-5.15/5.15.0-1050.53~20.04.1

https://launchpad.net/ubuntu/+source/linux-intel-iotg-5.15/5.15.0-1052.58~20.04.1

https://launchpad.net/ubuntu/+source/linux-lowlatency-hwe-5.15/5.15.0-102.112~20.04.1

https://launchpad.net/ubuntu/+source/linux-oracle-5.15/5.15.0-1055.61~20.04.1



[LSN-0102-1] Linux kernel vulnerability


Linux kernel vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 ESM
- Ubuntu 22.04 LTS
- Ubuntu 14.04 ESM

Summary

Several security issues were fixed in the kernel.

Software Description

- linux - Linux kernel
- linux-aws - Linux kernel for Amazon Web Services (AWS) systems
- linux-azure - Linux kernel for Microsoft Azure Cloud systems
- linux-gcp - Linux kernel for Google Cloud Platform (GCP) systems
- linux-gke - Linux kernel for Google Container Engine (GKE) systems
- linux-gkeop - Linux kernel for Google Container Engine (GKE) systems
- linux-ibm - Linux kernel for IBM cloud systems

Details

It was discovered that a race condition existed in the io_uring
subsystem in the Linux kernel, leading to a use-after-free
vulnerability. A local attacker could use this to cause a denial of
service (system crash) or possibly execute arbitrary code.
(CVE-2023-1872)

Lonial Con discovered that the netfilter subsystem in the Linux kernel
contained a memory leak when handling certain element flush operations.
A local attacker could use this to expose sensitive information (kernel
memory). (CVE-2023-4569)

It was discovered that the TLS subsystem in the Linux kernel did not
properly perform cryptographic operations in some situations, leading to
a null pointer dereference vulnerability. A local attacker could use
this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2023-6176)

It was discovered that a race condition existed in the AppleTalk
networking subsystem of the Linux kernel, leading to a use-after-free
vulnerability. A local attacker could use this to cause a denial of
service (system crash) or possibly execute arbitrary code.
(CVE-2023-51781)

Jann Horn discovered that the TLS subsystem in the Linux kernel did not
properly handle spliced messages, leading to an out-of-bounds write
vulnerability. A local attacker could use this to cause a denial of
service (system crash) or possibly execute arbitrary code.
(CVE-2024-0646)

Notselwyn discovered that the netfilter subsystem in the Linux kernel
did not properly handle verdict parameters in certain cases, leading to
a use- after-free vulnerability. A local attacker could use this to
cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2024-1086)

Update instructions

The problem can be corrected by updating your kernel livepatch to the
following versions:

Ubuntu 20.04 LTS
aws - 102.1
azure - 102.1
gcp - 102.1
generic - 102.1
gke - 102.1
gkeop - 102.1
ibm - 102.1
lowlatency - 102.1

Ubuntu 18.04 LTS
aws - 102.1
azure - 102.1
gcp - 102.1
generic - 102.1
lowlatency - 102.1

Ubuntu 16.04 ESM
aws - 102.1
azure - 102.1
gcp - 102.1
generic - 102.1
lowlatency - 102.1

Ubuntu 22.04 LTS
aws - 102.1
azure - 102.1
gcp - 102.1
generic - 102.1
gke - 102.1
ibm - 102.1
lowlatency - 102.1

Ubuntu 14.04 ESM
generic - 102.1
lowlatency - 102.1

Support Information

Livepatches for supported LTS kernels will receive upgrades for a period
of up to 13 months after the build date of the kernel.

Livepatches for supported HWE kernels which are not based on an LTS
kernel version will receive upgrades for a period of up to 9 months
after the build date of the kernel, or until the end of support for that
kernel’s non-LTS distro release version, whichever is sooner.

References

- CVE-2023-1872
- CVE-2023-4569
- CVE-2023-6176
- CVE-2023-51781
- CVE-2024-0646
- CVE-2024-1086