Ubuntu Linux has received updates focused on security, addressing vulnerabilities within the Linux kernel and Ruby SAML:

[USN-7303-2] Linux kernel vulnerabilities
[USN-7294-3] Linux kernel vulnerabilities
[USN-7311-1] Linux kernel vulnerabilities
[USN-7309-1] Ruby SAML vulnerabilities




[USN-7303-2] Linux kernel vulnerabilities


==========================================================================
Ubuntu Security Notice USN-7303-2
February 28, 2025

linux-oracle, linux-oracle-6.8 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux-oracle: Linux kernel for Oracle Cloud systems
- linux-oracle-6.8: Linux kernel for Oracle Cloud systems

Details:

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM32 architecture;
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- Drivers core;
- ATA over ethernet (AOE) driver;
- Network block device driver;
- TPM device driver;
- Hardware crypto device drivers;
- ARM SCMI message protocol;
- EFI core;
- GPU drivers;
- I2C subsystem;
- I3C subsystem;
- InfiniBand drivers;
- Input Device core drivers;
- IOMMU subsystem;
- Mailbox framework;
- Media drivers;
- Ethernet bonding driver;
- Network drivers;
- Mellanox network drivers;
- STMicroelectronics network drivers;
- NTB driver;
- PCI subsystem;
- Alibaba DDR Sub-System Driveway PMU driver;
- x86 platform drivers;
- Powercap sysfs driver;
- Remote Processor subsystem;
- SCSI subsystem;
- USB Device Class drivers;
- vDPA drivers;
- Virtio Host (VHOST) subsystem;
- Framebuffer layer;
- AFS file system;
- BTRFS file system;
- File systems infrastructure;
- Ceph distributed file system;
- Ext4 file system;
- F2FS file system;
- JFS file system;
- Network file systems library;
- Network file system (NFS) server daemon;
- NILFS2 file system;
- SMB network file system;
- BPF subsystem;
- Virtio network driver;
- TCP network protocol;
- Perf events;
- Padata parallel execution mechanism;
- RCU subsystem;
- Arbitrary resource management;
- Static call mechanism;
- Tracing infrastructure;
- Memory management;
- Bluetooth subsystem;
- CAN network layer;
- Networking core;
- Distributed Switch Architecture;
- IPv4 networking;
- IPv6 networking;
- MAC80211 subsystem;
- IEEE 802.15.4 subsystem;
- NCSI (Network Controller Sideband Interface) driver;
- RxRPC session sockets;
- SCTP protocol;
- TIPC protocol;
- Wireless networking;
- AudioScience HPI driver;
- KVM core;
(CVE-2024-47718, CVE-2024-49942, CVE-2024-49897, CVE-2024-49871,
CVE-2024-47687, CVE-2024-47692, CVE-2024-47740, CVE-2024-47691,
CVE-2024-49973, CVE-2024-49958, CVE-2024-49889, CVE-2024-49927,
CVE-2024-49883, CVE-2024-49885, CVE-2024-49912, CVE-2024-47686,
CVE-2024-49985, CVE-2024-47732, CVE-2024-47685, CVE-2024-49935,
CVE-2024-49995, CVE-2024-47731, CVE-2024-49931, CVE-2024-49886,
CVE-2024-53144, CVE-2024-49917, CVE-2024-49868, CVE-2024-49999,
CVE-2024-47684, CVE-2024-50013, CVE-2024-49962, CVE-2024-49981,
CVE-2024-49858, CVE-2024-49878, CVE-2024-49852, CVE-2024-49928,
CVE-2024-50006, CVE-2024-49988, CVE-2024-47697, CVE-2024-49923,
CVE-2024-47704, CVE-2024-49947, CVE-2024-47751, CVE-2024-47672,
CVE-2024-47737, CVE-2024-49909, CVE-2024-49992, CVE-2024-49944,
CVE-2024-49950, CVE-2024-49850, CVE-2024-49951, CVE-2024-49996,
CVE-2024-49934, CVE-2024-47705, CVE-2024-47741, CVE-2024-49957,
CVE-2024-47682, CVE-2024-49976, CVE-2024-49895, CVE-2024-47689,
CVE-2024-49937, CVE-2024-47702, CVE-2024-49959, CVE-2024-47719,
CVE-2024-49922, CVE-2024-47743, CVE-2024-47696, CVE-2024-50017,
CVE-2024-49864, CVE-2024-47747, CVE-2024-47748, CVE-2024-47701,
CVE-2024-49915, CVE-2024-49877, CVE-2024-41016, CVE-2024-49961,
CVE-2024-47730, CVE-2024-49924, CVE-2024-49974, CVE-2024-49875,
CVE-2024-49918, CVE-2024-47712, CVE-2024-50014, CVE-2024-47679,
CVE-2024-49894, CVE-2024-49911, CVE-2024-49855, CVE-2024-49948,
CVE-2024-49955, CVE-2023-52917, CVE-2024-50015, CVE-2024-47754,
CVE-2024-49929, CVE-2024-50005, CVE-2024-47742, CVE-2024-49991,
CVE-2024-49913, CVE-2024-49980, CVE-2024-47749, CVE-2024-49975,
CVE-2024-47671, CVE-2024-47677, CVE-2024-47727, CVE-2024-47716,
CVE-2024-47707, CVE-2024-49870, CVE-2024-47703, CVE-2024-47710,
CVE-2024-49977, CVE-2024-49997, CVE-2024-49853, CVE-2024-47681,
CVE-2024-49986, CVE-2024-49969, CVE-2024-50000, CVE-2024-47690,
CVE-2024-47709, CVE-2024-47713, CVE-2024-47720, CVE-2024-49879,
CVE-2024-47699, CVE-2024-47714, CVE-2024-50012, CVE-2024-49880,
CVE-2024-49946, CVE-2024-47735, CVE-2024-49876, CVE-2024-49963,
CVE-2024-50176, CVE-2024-49952, CVE-2024-49881, CVE-2024-49987,
CVE-2024-49919, CVE-2024-49860, CVE-2024-47744, CVE-2024-47723,
CVE-2024-50001, CVE-2024-47756, CVE-2024-49867, CVE-2024-47728,
CVE-2024-49933, CVE-2024-47752, CVE-2024-49998, CVE-2024-50179,
CVE-2024-47706, CVE-2024-49989, CVE-2024-47670, CVE-2024-49965,
CVE-2024-47673, CVE-2024-47700, CVE-2024-47688, CVE-2024-49953,
CVE-2024-50016, CVE-2024-49907, CVE-2024-49930, CVE-2024-50002,
CVE-2024-49859, CVE-2024-49939, CVE-2024-47675, CVE-2024-49861,
CVE-2024-50175, CVE-2024-47757, CVE-2024-49900, CVE-2024-49954,
CVE-2024-49982, CVE-2024-49891, CVE-2024-47678, CVE-2024-49936,
CVE-2024-49901, CVE-2024-49898, CVE-2024-47693, CVE-2024-50007,
CVE-2024-49896, CVE-2024-49863, CVE-2024-47750, CVE-2024-49949,
CVE-2024-49888, CVE-2024-47739, CVE-2024-49983, CVE-2024-47695,
CVE-2024-47738, CVE-2024-47734, CVE-2024-49892, CVE-2024-47698,
CVE-2024-49902, CVE-2024-47715, CVE-2024-49926, CVE-2024-49882,
CVE-2024-49978, CVE-2024-49945, CVE-2024-49925, CVE-2024-47733,
CVE-2024-49874, CVE-2024-49856, CVE-2024-49966, CVE-2024-49960,
CVE-2024-49905, CVE-2024-49866, CVE-2024-49903, CVE-2024-49862,
CVE-2024-50008, CVE-2024-49994, CVE-2024-49851, CVE-2024-47745,
CVE-2024-49884, CVE-2024-47753, CVE-2024-49938, CVE-2024-49890)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 24.04 LTS
linux-image-6.8.0-1020-oracle 6.8.0-1020.21
linux-image-6.8.0-1020-oracle-64k 6.8.0-1020.21
linux-image-oracle 6.8.0-1020.21
linux-image-oracle-64k 6.8.0-1020.21
linux-image-oracle-64k-lts-24.04 6.8.0-1020.21
linux-image-oracle-lts-24.04 6.8.0-1020.21

Ubuntu 22.04 LTS
linux-image-6.8.0-1020-oracle 6.8.0-1020.21~22.04.1
linux-image-6.8.0-1020-oracle-64k 6.8.0-1020.21~22.04.1
linux-image-oracle 6.8.0-1020.21~22.04.1
linux-image-oracle-64k 6.8.0-1020.21~22.04.1

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://ubuntu.com/security/notices/USN-7303-2
https://ubuntu.com/security/notices/USN-7303-1
CVE-2023-52917, CVE-2024-41016, CVE-2024-47670, CVE-2024-47671,
CVE-2024-47672, CVE-2024-47673, CVE-2024-47675, CVE-2024-47677,
CVE-2024-47678, CVE-2024-47679, CVE-2024-47681, CVE-2024-47682,
CVE-2024-47684, CVE-2024-47685, CVE-2024-47686, CVE-2024-47687,
CVE-2024-47688, CVE-2024-47689, CVE-2024-47690, CVE-2024-47691,
CVE-2024-47692, CVE-2024-47693, CVE-2024-47695, CVE-2024-47696,
CVE-2024-47697, CVE-2024-47698, CVE-2024-47699, CVE-2024-47700,
CVE-2024-47701, CVE-2024-47702, CVE-2024-47703, CVE-2024-47704,
CVE-2024-47705, CVE-2024-47706, CVE-2024-47707, CVE-2024-47709,
CVE-2024-47710, CVE-2024-47712, CVE-2024-47713, CVE-2024-47714,
CVE-2024-47715, CVE-2024-47716, CVE-2024-47718, CVE-2024-47719,
CVE-2024-47720, CVE-2024-47723, CVE-2024-47727, CVE-2024-47728,
CVE-2024-47730, CVE-2024-47731, CVE-2024-47732, CVE-2024-47733,
CVE-2024-47734, CVE-2024-47735, CVE-2024-47737, CVE-2024-47738,
CVE-2024-47739, CVE-2024-47740, CVE-2024-47741, CVE-2024-47742,
CVE-2024-47743, CVE-2024-47744, CVE-2024-47745, CVE-2024-47747,
CVE-2024-47748, CVE-2024-47749, CVE-2024-47750, CVE-2024-47751,
CVE-2024-47752, CVE-2024-47753, CVE-2024-47754, CVE-2024-47756,
CVE-2024-47757, CVE-2024-49850, CVE-2024-49851, CVE-2024-49852,
CVE-2024-49853, CVE-2024-49855, CVE-2024-49856, CVE-2024-49858,
CVE-2024-49859, CVE-2024-49860, CVE-2024-49861, CVE-2024-49862,
CVE-2024-49863, CVE-2024-49864, CVE-2024-49866, CVE-2024-49867,
CVE-2024-49868, CVE-2024-49870, CVE-2024-49871, CVE-2024-49874,
CVE-2024-49875, CVE-2024-49876, CVE-2024-49877, CVE-2024-49878,
CVE-2024-49879, CVE-2024-49880, CVE-2024-49881, CVE-2024-49882,
CVE-2024-49883, CVE-2024-49884, CVE-2024-49885, CVE-2024-49886,
CVE-2024-49888, CVE-2024-49889, CVE-2024-49890, CVE-2024-49891,
CVE-2024-49892, CVE-2024-49894, CVE-2024-49895, CVE-2024-49896,
CVE-2024-49897, CVE-2024-49898, CVE-2024-49900, CVE-2024-49901,
CVE-2024-49902, CVE-2024-49903, CVE-2024-49905, CVE-2024-49907,
CVE-2024-49909, CVE-2024-49911, CVE-2024-49912, CVE-2024-49913,
CVE-2024-49915, CVE-2024-49917, CVE-2024-49918, CVE-2024-49919,
CVE-2024-49922, CVE-2024-49923, CVE-2024-49924, CVE-2024-49925,
CVE-2024-49926, CVE-2024-49927, CVE-2024-49928, CVE-2024-49929,
CVE-2024-49930, CVE-2024-49931, CVE-2024-49933, CVE-2024-49934,
CVE-2024-49935, CVE-2024-49936, CVE-2024-49937, CVE-2024-49938,
CVE-2024-49939, CVE-2024-49942, CVE-2024-49944, CVE-2024-49945,
CVE-2024-49946, CVE-2024-49947, CVE-2024-49948, CVE-2024-49949,
CVE-2024-49950, CVE-2024-49951, CVE-2024-49952, CVE-2024-49953,
CVE-2024-49954, CVE-2024-49955, CVE-2024-49957, CVE-2024-49958,
CVE-2024-49959, CVE-2024-49960, CVE-2024-49961, CVE-2024-49962,
CVE-2024-49963, CVE-2024-49965, CVE-2024-49966, CVE-2024-49969,
CVE-2024-49973, CVE-2024-49974, CVE-2024-49975, CVE-2024-49976,
CVE-2024-49977, CVE-2024-49978, CVE-2024-49980, CVE-2024-49981,
CVE-2024-49982, CVE-2024-49983, CVE-2024-49985, CVE-2024-49986,
CVE-2024-49987, CVE-2024-49988, CVE-2024-49989, CVE-2024-49991,
CVE-2024-49992, CVE-2024-49994, CVE-2024-49995, CVE-2024-49996,
CVE-2024-49997, CVE-2024-49998, CVE-2024-49999, CVE-2024-50000,
CVE-2024-50001, CVE-2024-50002, CVE-2024-50005, CVE-2024-50006,
CVE-2024-50007, CVE-2024-50008, CVE-2024-50012, CVE-2024-50013,
CVE-2024-50014, CVE-2024-50015, CVE-2024-50016, CVE-2024-50017,
CVE-2024-50175, CVE-2024-50176, CVE-2024-50179, CVE-2024-53144

Package Information:
https://launchpad.net/ubuntu/+source/linux-oracle/6.8.0-1020.21
https://launchpad.net/ubuntu/+source/linux-oracle-6.8/6.8.0-1020.21~22.04.1



[USN-7294-3] Linux kernel vulnerabilities


==========================================================================
Ubuntu Security Notice USN-7294-3
February 28, 2025

linux-ibm vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux-ibm: Linux kernel for IBM cloud systems

Details:

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- Block layer subsystem;
- ACPI drivers;
- Drivers core;
- ATA over ethernet (AOE) driver;
- TPM device driver;
- GPIO subsystem;
- GPU drivers;
- HID subsystem;
- I2C subsystem;
- InfiniBand drivers;
- Mailbox framework;
- Multiple devices driver;
- Media drivers;
- Network drivers;
- NTB driver;
- Virtio pmem driver;
- Parport drivers;
- PCI subsystem;
- SPI subsystem;
- Direct Digital Synthesis drivers;
- USB Device Class drivers;
- USB Dual Role (OTG-ready) Controller drivers;
- USB Serial drivers;
- USB Type-C support driver;
- Framebuffer layer;
- BTRFS file system;
- Ceph distributed file system;
- Ext4 file system;
- F2FS file system;
- File systems infrastructure;
- JFS file system;
- Network file system (NFS) client;
- Network file system (NFS) server daemon;
- NILFS2 file system;
- SMB network file system;
- Network traffic control;
- Network sockets;
- TCP network protocol;
- BPF subsystem;
- Perf events;
- Arbitrary resource management;
- Timer subsystem drivers;
- Tracing infrastructure;
- Closures library;
- Memory management;
- Amateur Radio drivers;
- Bluetooth subsystem;
- Ethernet bridge;
- CAN network layer;
- Networking core;
- IPv4 networking;
- IPv6 networking;
- MAC80211 subsystem;
- Netfilter;
- Netlink;
- SCTP protocol;
- TIPC protocol;
- Wireless networking;
- XFRM subsystem;
- Key management;
- FireWire sound drivers;
- AudioScience HPI driver;
- Amlogic Meson SoC drivers;
- KVM core;
(CVE-2024-47698, CVE-2024-49868, CVE-2024-50006, CVE-2024-40965,
CVE-2024-50233, CVE-2024-47671, CVE-2024-49944, CVE-2024-47684,
CVE-2024-50134, CVE-2024-50279, CVE-2024-50302, CVE-2024-40953,
CVE-2024-50234, CVE-2024-41066, CVE-2024-50040, CVE-2024-47701,
CVE-2024-50033, CVE-2024-50007, CVE-2024-50143, CVE-2024-41016,
CVE-2024-53059, CVE-2024-50195, CVE-2024-50202, CVE-2024-47749,
CVE-2024-47685, CVE-2024-50267, CVE-2024-49965, CVE-2024-49903,
CVE-2024-49883, CVE-2024-50035, CVE-2024-46849, CVE-2024-53061,
CVE-2024-50151, CVE-2024-49995, CVE-2024-49867, CVE-2024-49962,
CVE-2024-50218, CVE-2024-50039, CVE-2024-50148, CVE-2024-49900,
CVE-2024-50287, CVE-2024-50150, CVE-2024-49879, CVE-2024-47757,
CVE-2024-49997, CVE-2024-50045, CVE-2024-47742, CVE-2024-47679,
CVE-2024-53063, CVE-2024-49878, CVE-2024-49860, CVE-2024-35896,
CVE-2024-40911, CVE-2024-42252, CVE-2024-47723, CVE-2024-47674,
CVE-2024-47737, CVE-2024-50282, CVE-2024-44931, CVE-2024-49938,
CVE-2024-49963, CVE-2024-50290, CVE-2024-49958, CVE-2021-47469,
CVE-2024-47670, CVE-2024-50116, CVE-2024-50262, CVE-2024-50082,
CVE-2023-52917, CVE-2024-50117, CVE-2024-50131, CVE-2024-47699,
CVE-2024-49896, CVE-2024-49957, CVE-2024-49952, CVE-2024-50273,
CVE-2024-50171, CVE-2024-50237, CVE-2024-49955, CVE-2024-50230,
CVE-2024-50194, CVE-2024-50278, CVE-2024-50127, CVE-2024-53066,
CVE-2024-38544, CVE-2024-49902, CVE-2024-49892, CVE-2024-46854,
CVE-2024-49966, CVE-2024-50167, CVE-2024-47697, CVE-2024-49985,
CVE-2024-47696, CVE-2024-50024, CVE-2024-50251, CVE-2024-47740,
CVE-2024-49882, CVE-2024-49851, CVE-2024-50059, CVE-2024-49973,
CVE-2024-35887, CVE-2024-50296, CVE-2024-47706, CVE-2024-50044,
CVE-2024-47712, CVE-2024-50301, CVE-2024-47709, CVE-2024-49975,
CVE-2024-49877, CVE-2024-47710, CVE-2024-50269, CVE-2024-46731,
CVE-2024-50099, CVE-2024-50184, CVE-2024-50299, CVE-2024-50008,
CVE-2024-50265, CVE-2024-49948, CVE-2024-50229, CVE-2024-50168,
CVE-2024-49894, CVE-2024-47692, CVE-2024-50074, CVE-2024-47713,
CVE-2024-49924, CVE-2024-53104, CVE-2024-50205, CVE-2024-47672,
CVE-2024-50096, CVE-2024-47747, CVE-2024-50199, CVE-2023-52458,
CVE-2024-49959, CVE-2024-50236, CVE-2024-53101, CVE-2024-43863,
CVE-2024-46853, CVE-2024-50179, CVE-2024-49981, CVE-2024-47756,
CVE-2024-49949, CVE-2024-50142, CVE-2024-49982, CVE-2024-50180)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 LTS
linux-image-5.4.0-1086-ibm 5.4.0-1086.91
linux-image-ibm-lts-20.04 5.4.0.1086.115

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://ubuntu.com/security/notices/USN-7294-3
https://ubuntu.com/security/notices/USN-7294-2
https://ubuntu.com/security/notices/USN-7294-1
CVE-2021-47469, CVE-2023-52458, CVE-2023-52917, CVE-2024-35887,
CVE-2024-35896, CVE-2024-38544, CVE-2024-40911, CVE-2024-40953,
CVE-2024-40965, CVE-2024-41016, CVE-2024-41066, CVE-2024-42252,
CVE-2024-43863, CVE-2024-44931, CVE-2024-46731, CVE-2024-46849,
CVE-2024-46853, CVE-2024-46854, CVE-2024-47670, CVE-2024-47671,
CVE-2024-47672, CVE-2024-47674, CVE-2024-47679, CVE-2024-47684,
CVE-2024-47685, CVE-2024-47692, CVE-2024-47696, CVE-2024-47697,
CVE-2024-47698, CVE-2024-47699, CVE-2024-47701, CVE-2024-47706,
CVE-2024-47709, CVE-2024-47710, CVE-2024-47712, CVE-2024-47713,
CVE-2024-47723, CVE-2024-47737, CVE-2024-47740, CVE-2024-47742,
CVE-2024-47747, CVE-2024-47749, CVE-2024-47756, CVE-2024-47757,
CVE-2024-49851, CVE-2024-49860, CVE-2024-49867, CVE-2024-49868,
CVE-2024-49877, CVE-2024-49878, CVE-2024-49879, CVE-2024-49882,
CVE-2024-49883, CVE-2024-49892, CVE-2024-49894, CVE-2024-49896,
CVE-2024-49900, CVE-2024-49902, CVE-2024-49903, CVE-2024-49924,
CVE-2024-49938, CVE-2024-49944, CVE-2024-49948, CVE-2024-49949,
CVE-2024-49952, CVE-2024-49955, CVE-2024-49957, CVE-2024-49958,
CVE-2024-49959, CVE-2024-49962, CVE-2024-49963, CVE-2024-49965,
CVE-2024-49966, CVE-2024-49973, CVE-2024-49975, CVE-2024-49981,
CVE-2024-49982, CVE-2024-49985, CVE-2024-49995, CVE-2024-49997,
CVE-2024-50006, CVE-2024-50007, CVE-2024-50008, CVE-2024-50024,
CVE-2024-50033, CVE-2024-50035, CVE-2024-50039, CVE-2024-50040,
CVE-2024-50044, CVE-2024-50045, CVE-2024-50059, CVE-2024-50074,
CVE-2024-50082, CVE-2024-50096, CVE-2024-50099, CVE-2024-50116,
CVE-2024-50117, CVE-2024-50127, CVE-2024-50131, CVE-2024-50134,
CVE-2024-50142, CVE-2024-50143, CVE-2024-50148, CVE-2024-50150,
CVE-2024-50151, CVE-2024-50167, CVE-2024-50168, CVE-2024-50171,
CVE-2024-50179, CVE-2024-50180, CVE-2024-50184, CVE-2024-50194,
CVE-2024-50195, CVE-2024-50199, CVE-2024-50202, CVE-2024-50205,
CVE-2024-50218, CVE-2024-50229, CVE-2024-50230, CVE-2024-50233,
CVE-2024-50234, CVE-2024-50236, CVE-2024-50237, CVE-2024-50251,
CVE-2024-50262, CVE-2024-50265, CVE-2024-50267, CVE-2024-50269,
CVE-2024-50273, CVE-2024-50278, CVE-2024-50279, CVE-2024-50282,
CVE-2024-50287, CVE-2024-50290, CVE-2024-50296, CVE-2024-50299,
CVE-2024-50301, CVE-2024-50302, CVE-2024-53059, CVE-2024-53061,
CVE-2024-53063, CVE-2024-53066, CVE-2024-53101, CVE-2024-53104

Package Information:
https://launchpad.net/ubuntu/+source/linux-ibm/5.4.0-1086.91



[USN-7311-1] Linux kernel vulnerabilities


==========================================================================
Ubuntu Security Notice USN-7311-1
February 28, 2025

linux-aws, linux-aws-6.8 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux-aws: Linux kernel for Amazon Web Services (AWS) systems
- linux-aws-6.8: Linux kernel for Amazon Web Services (AWS) systems

Details:

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM32 architecture;
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- Drivers core;
- ATA over ethernet (AOE) driver;
- Network block device driver;
- TPM device driver;
- Hardware crypto device drivers;
- ARM SCMI message protocol;
- EFI core;
- GPU drivers;
- I2C subsystem;
- I3C subsystem;
- InfiniBand drivers;
- Input Device core drivers;
- IOMMU subsystem;
- Mailbox framework;
- Media drivers;
- Ethernet bonding driver;
- Network drivers;
- Mellanox network drivers;
- STMicroelectronics network drivers;
- NTB driver;
- PCI subsystem;
- Alibaba DDR Sub-System Driveway PMU driver;
- x86 platform drivers;
- Powercap sysfs driver;
- Remote Processor subsystem;
- SCSI subsystem;
- USB Device Class drivers;
- vDPA drivers;
- Virtio Host (VHOST) subsystem;
- Framebuffer layer;
- AFS file system;
- BTRFS file system;
- File systems infrastructure;
- Ceph distributed file system;
- Ext4 file system;
- F2FS file system;
- JFS file system;
- Network file systems library;
- Network file system (NFS) server daemon;
- NILFS2 file system;
- SMB network file system;
- BPF subsystem;
- Virtio network driver;
- TCP network protocol;
- Perf events;
- Padata parallel execution mechanism;
- RCU subsystem;
- Arbitrary resource management;
- Static call mechanism;
- Tracing infrastructure;
- Memory management;
- Bluetooth subsystem;
- CAN network layer;
- Networking core;
- Distributed Switch Architecture;
- IPv4 networking;
- IPv6 networking;
- MAC80211 subsystem;
- IEEE 802.15.4 subsystem;
- NCSI (Network Controller Sideband Interface) driver;
- Netfilter;
- RxRPC session sockets;
- Network traffic control;
- SCTP protocol;
- TIPC protocol;
- VMware vSockets driver;
- Wireless networking;
- AudioScience HPI driver;
- KVM core;
(CVE-2024-49867, CVE-2024-47675, CVE-2024-49999, CVE-2024-49884,
CVE-2024-49992, CVE-2024-49945, CVE-2024-49889, CVE-2024-49890,
CVE-2024-49900, CVE-2024-49934, CVE-2024-49976, CVE-2024-49878,
CVE-2024-50008, CVE-2024-49919, CVE-2024-47698, CVE-2024-47731,
CVE-2024-47673, CVE-2024-49959, CVE-2024-47715, CVE-2024-49912,
CVE-2024-47702, CVE-2024-50007, CVE-2024-49953, CVE-2024-49929,
CVE-2024-47730, CVE-2024-49966, CVE-2024-47756, CVE-2024-47687,
CVE-2024-50002, CVE-2024-49911, CVE-2024-47714, CVE-2024-47704,
CVE-2024-50017, CVE-2024-47709, CVE-2024-49858, CVE-2024-47712,
CVE-2024-49870, CVE-2024-49883, CVE-2024-47672, CVE-2024-49963,
CVE-2024-49926, CVE-2024-49860, CVE-2024-47748, CVE-2024-49928,
CVE-2024-49931, CVE-2024-47749, CVE-2024-49913, CVE-2024-49957,
CVE-2024-49948, CVE-2024-47732, CVE-2024-47753, CVE-2024-47727,
CVE-2024-49896, CVE-2024-47707, CVE-2024-47743, CVE-2024-49915,
CVE-2024-47695, CVE-2024-49960, CVE-2024-49935, CVE-2024-49868,
CVE-2024-49918, CVE-2024-49969, CVE-2024-53164, CVE-2024-49879,
CVE-2024-50012, CVE-2024-50000, CVE-2024-49974, CVE-2024-49998,
CVE-2024-49933, CVE-2024-47733, CVE-2024-49924, CVE-2024-47757,
CVE-2024-47699, CVE-2024-49983, CVE-2024-50016, CVE-2024-49907,
CVE-2024-49965, CVE-2024-49859, CVE-2024-50013, CVE-2024-49871,
CVE-2024-49994, CVE-2024-49850, CVE-2024-49947, CVE-2024-49955,
CVE-2024-49962, CVE-2024-47692, CVE-2024-53141, CVE-2024-50014,
CVE-2024-47689, CVE-2024-49874, CVE-2024-50005, CVE-2024-47741,
CVE-2024-49880, CVE-2024-47738, CVE-2024-47745, CVE-2024-49917,
CVE-2024-47728, CVE-2024-49856, CVE-2024-49925, CVE-2024-47671,
CVE-2023-52917, CVE-2024-47679, CVE-2024-49975, CVE-2024-47734,
CVE-2024-47720, CVE-2024-47686, CVE-2024-49892, CVE-2024-49936,
CVE-2024-49888, CVE-2024-49909, CVE-2024-49986, CVE-2024-49930,
CVE-2024-47740, CVE-2024-49923, CVE-2024-47754, CVE-2024-50179,
CVE-2024-49978, CVE-2024-47735, CVE-2024-49886, CVE-2024-49903,
CVE-2024-47681, CVE-2024-49897, CVE-2024-49951, CVE-2024-49946,
CVE-2024-49954, CVE-2024-47691, CVE-2024-49863, CVE-2024-47719,
CVE-2024-47693, CVE-2024-47713, CVE-2024-50006, CVE-2024-49855,
CVE-2024-49851, CVE-2024-49894, CVE-2024-49895, CVE-2024-49987,
CVE-2024-47700, CVE-2024-47688, CVE-2024-49982, CVE-2024-47685,
CVE-2024-53144, CVE-2024-47670, CVE-2024-47696, CVE-2024-47710,
CVE-2024-47737, CVE-2024-49988, CVE-2024-47684, CVE-2024-47718,
CVE-2024-49876, CVE-2024-49852, CVE-2024-49980, CVE-2024-49877,
CVE-2024-50175, CVE-2024-49981, CVE-2024-47677, CVE-2024-49973,
CVE-2024-49922, CVE-2024-50015, CVE-2024-49938, CVE-2024-47752,
CVE-2024-49902, CVE-2024-49944, CVE-2024-49952, CVE-2024-47747,
CVE-2024-41016, CVE-2024-50001, CVE-2024-49891, CVE-2024-47703,
CVE-2024-47744, CVE-2024-49861, CVE-2024-49875, CVE-2024-49901,
CVE-2024-49881, CVE-2024-49937, CVE-2024-47706, CVE-2024-47690,
CVE-2024-49958, CVE-2024-49961, CVE-2024-49882, CVE-2024-47739,
CVE-2024-49996, CVE-2024-49905, CVE-2024-47705, CVE-2024-49942,
CVE-2024-47697, CVE-2024-47723, CVE-2024-49853, CVE-2024-49862,
CVE-2024-47751, CVE-2024-49950, CVE-2024-50176, CVE-2024-49939,
CVE-2024-49864, CVE-2024-49997, CVE-2024-49995, CVE-2024-49885,
CVE-2024-49949, CVE-2024-53103, CVE-2024-49991, CVE-2024-49866,
CVE-2024-49977, CVE-2024-47682, CVE-2024-49927, CVE-2024-49985,
CVE-2024-49898, CVE-2024-47678, CVE-2024-47701, CVE-2024-47742,
CVE-2024-47750, CVE-2024-47716, CVE-2024-49989)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 24.04 LTS
linux-image-6.8.0-1023-aws 6.8.0-1023.25
linux-image-aws 6.8.0-1023.25
linux-image-aws-lts-24.04 6.8.0-1023.25

Ubuntu 22.04 LTS
linux-image-6.8.0-1023-aws 6.8.0-1023.25~22.04.1
linux-image-aws 6.8.0-1023.25~22.04.1

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://ubuntu.com/security/notices/USN-7311-1
CVE-2023-52917, CVE-2024-41016, CVE-2024-47670, CVE-2024-47671,
CVE-2024-47672, CVE-2024-47673, CVE-2024-47675, CVE-2024-47677,
CVE-2024-47678, CVE-2024-47679, CVE-2024-47681, CVE-2024-47682,
CVE-2024-47684, CVE-2024-47685, CVE-2024-47686, CVE-2024-47687,
CVE-2024-47688, CVE-2024-47689, CVE-2024-47690, CVE-2024-47691,
CVE-2024-47692, CVE-2024-47693, CVE-2024-47695, CVE-2024-47696,
CVE-2024-47697, CVE-2024-47698, CVE-2024-47699, CVE-2024-47700,
CVE-2024-47701, CVE-2024-47702, CVE-2024-47703, CVE-2024-47704,
CVE-2024-47705, CVE-2024-47706, CVE-2024-47707, CVE-2024-47709,
CVE-2024-47710, CVE-2024-47712, CVE-2024-47713, CVE-2024-47714,
CVE-2024-47715, CVE-2024-47716, CVE-2024-47718, CVE-2024-47719,
CVE-2024-47720, CVE-2024-47723, CVE-2024-47727, CVE-2024-47728,
CVE-2024-47730, CVE-2024-47731, CVE-2024-47732, CVE-2024-47733,
CVE-2024-47734, CVE-2024-47735, CVE-2024-47737, CVE-2024-47738,
CVE-2024-47739, CVE-2024-47740, CVE-2024-47741, CVE-2024-47742,
CVE-2024-47743, CVE-2024-47744, CVE-2024-47745, CVE-2024-47747,
CVE-2024-47748, CVE-2024-47749, CVE-2024-47750, CVE-2024-47751,
CVE-2024-47752, CVE-2024-47753, CVE-2024-47754, CVE-2024-47756,
CVE-2024-47757, CVE-2024-49850, CVE-2024-49851, CVE-2024-49852,
CVE-2024-49853, CVE-2024-49855, CVE-2024-49856, CVE-2024-49858,
CVE-2024-49859, CVE-2024-49860, CVE-2024-49861, CVE-2024-49862,
CVE-2024-49863, CVE-2024-49864, CVE-2024-49866, CVE-2024-49867,
CVE-2024-49868, CVE-2024-49870, CVE-2024-49871, CVE-2024-49874,
CVE-2024-49875, CVE-2024-49876, CVE-2024-49877, CVE-2024-49878,
CVE-2024-49879, CVE-2024-49880, CVE-2024-49881, CVE-2024-49882,
CVE-2024-49883, CVE-2024-49884, CVE-2024-49885, CVE-2024-49886,
CVE-2024-49888, CVE-2024-49889, CVE-2024-49890, CVE-2024-49891,
CVE-2024-49892, CVE-2024-49894, CVE-2024-49895, CVE-2024-49896,
CVE-2024-49897, CVE-2024-49898, CVE-2024-49900, CVE-2024-49901,
CVE-2024-49902, CVE-2024-49903, CVE-2024-49905, CVE-2024-49907,
CVE-2024-49909, CVE-2024-49911, CVE-2024-49912, CVE-2024-49913,
CVE-2024-49915, CVE-2024-49917, CVE-2024-49918, CVE-2024-49919,
CVE-2024-49922, CVE-2024-49923, CVE-2024-49924, CVE-2024-49925,
CVE-2024-49926, CVE-2024-49927, CVE-2024-49928, CVE-2024-49929,
CVE-2024-49930, CVE-2024-49931, CVE-2024-49933, CVE-2024-49934,
CVE-2024-49935, CVE-2024-49936, CVE-2024-49937, CVE-2024-49938,
CVE-2024-49939, CVE-2024-49942, CVE-2024-49944, CVE-2024-49945,
CVE-2024-49946, CVE-2024-49947, CVE-2024-49948, CVE-2024-49949,
CVE-2024-49950, CVE-2024-49951, CVE-2024-49952, CVE-2024-49953,
CVE-2024-49954, CVE-2024-49955, CVE-2024-49957, CVE-2024-49958,
CVE-2024-49959, CVE-2024-49960, CVE-2024-49961, CVE-2024-49962,
CVE-2024-49963, CVE-2024-49965, CVE-2024-49966, CVE-2024-49969,
CVE-2024-49973, CVE-2024-49974, CVE-2024-49975, CVE-2024-49976,
CVE-2024-49977, CVE-2024-49978, CVE-2024-49980, CVE-2024-49981,
CVE-2024-49982, CVE-2024-49983, CVE-2024-49985, CVE-2024-49986,
CVE-2024-49987, CVE-2024-49988, CVE-2024-49989, CVE-2024-49991,
CVE-2024-49992, CVE-2024-49994, CVE-2024-49995, CVE-2024-49996,
CVE-2024-49997, CVE-2024-49998, CVE-2024-49999, CVE-2024-50000,
CVE-2024-50001, CVE-2024-50002, CVE-2024-50005, CVE-2024-50006,
CVE-2024-50007, CVE-2024-50008, CVE-2024-50012, CVE-2024-50013,
CVE-2024-50014, CVE-2024-50015, CVE-2024-50016, CVE-2024-50017,
CVE-2024-50175, CVE-2024-50176, CVE-2024-50179, CVE-2024-53103,
CVE-2024-53141, CVE-2024-53144, CVE-2024-53164

Package Information:
https://launchpad.net/ubuntu/+source/linux-aws/6.8.0-1023.25
https://launchpad.net/ubuntu/+source/linux-aws-6.8/6.8.0-1023.25~22.04.1



[USN-7309-1] Ruby SAML vulnerabilities


==========================================================================
Ubuntu Security Notice USN-7309-1
February 28, 2025

Ruby SAML vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 24.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS

Summary:

Several security issues were fixed in Ruby SAML.

Software Description:
- ruby-saml: SAML toolkit for Ruby on Rails

Details:

It was discovered that Ruby SAML did not properly validate SAML responses.
An unauthenticated attacker could use this vulnerability to log in as an
arbitrary user. This issue only affected Ubuntu 16.04 LTS. (CVE-2016-5697)

It was discovered that Ruby SAML incorrectly utilized the results of XML
DOM traversal and canonicalization APIs. An unauthenticated attacker could
use this vulnerability to log in as an arbitrary user. This issue only
affected Ubuntu 16.04 LTS. (CVE-2017-11428)

It was discovered that Ruby SAML did not properly verify the signature of
the SAML Response, allowing multiple elements with the same ID. An
unauthenticated attacker could use this vulnerability to log in as an
arbitrary user. (CVE-2024-45409)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 24.10
  ruby-saml                       1.15.0-1ubuntu0.24.10.1

Ubuntu 24.04 LTS
  ruby-saml                       1.15.0-1ubuntu0.24.04.1

Ubuntu 22.04 LTS
  ruby-saml                       1.13.0-1ubuntu0.1

Ubuntu 20.04 LTS
  ruby-saml                       1.11.0-1ubuntu0.1

Ubuntu 18.04 LTS
  ruby-saml                       1.7.2-1ubuntu0.1~esm1
                                  Available with Ubuntu Pro

Ubuntu 16.04 LTS
  ruby-saml                       1.1.2-1ubuntu1+esm1
                                  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.
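
The following Python is an added example, not part of the Ubuntu notices: it checks a constructed inventory against fixed versions listed in the update instructions above using Debian version ordering (where `~` sorts before the end of the string, so `6.8.0-1020.21~22.04.1` is lower than `6.8.0-1020.21`), and flags hosts that installed a fixed kernel package but still run an older kernel. Host names, installed versions and `uname -r` strings are constructed; deriving the expected running-kernel string from the versioned package names above is an assumption.

```python
# Added example: audit hosts against the fixed versions in the notices above.
# Inventory rows are constructed sample data, not real hosts.

def _is_digit(ch):
    return ch != "" and "0" <= ch <= "9"

def _order(ch):
    # dpkg ordering: '~' sorts before everything, including end of string.
    if ch == "" or _is_digit(ch):
        return 0
    if ch == "~":
        return -1
    if ch.isascii() and ch.isalpha():
        return ord(ch)
    return ord(ch) + 256

def _cmp_part(a, b):
    i = j = 0
    while i < len(a) or j < len(b):
        # Compare the non-digit prefix character by character.
        while (i < len(a) and not _is_digit(a[i])) or (j < len(b) and not _is_digit(b[j])):
            ac = _order(a[i] if i < len(a) else "")
            bc = _order(b[j] if j < len(b) else "")
            if ac != bc:
                return -1 if ac < bc else 1
            i, j = i + 1, j + 1
        # Compare the following digit run numerically (empty run counts as 0).
        si, sj = i, j
        while i < len(a) and _is_digit(a[i]):
            i += 1
        while j < len(b) and _is_digit(b[j]):
            j += 1
        na, nb = int(a[si:i] or 0), int(b[sj:j] or 0)
        if na != nb:
            return -1 if na < nb else 1
    return 0

def _split(version):
    epoch, rest = version.split(":", 1) if ":" in version else ("0", version)
    upstream, _, revision = rest.rpartition("-") if "-" in rest else (rest, "", "")
    return int(epoch), upstream, revision

def deb_compare(v1, v2):
    """Return -1, 0 or 1 following Debian version ordering."""
    e1, u1, r1 = _split(v1)
    e2, u2, r2 = _split(v2)
    if e1 != e2:
        return -1 if e1 < e2 else 1
    return _cmp_part(u1, u2) or _cmp_part(r1, r2)

# (release, package) -> (fixed package version, expected `uname -r` or None).
# Versions are taken from the notices above; the uname strings are an
# assumption derived from the versioned linux-image-* package names.
FIXED = {
    ("24.04", "linux-image-oracle"): ("6.8.0-1020.21", "6.8.0-1020-oracle"),
    ("22.04", "linux-image-oracle"): ("6.8.0-1020.21~22.04.1", "6.8.0-1020-oracle"),
    ("24.04", "linux-image-aws"): ("6.8.0-1023.25", "6.8.0-1023-aws"),
    ("22.04", "linux-image-aws"): ("6.8.0-1023.25~22.04.1", "6.8.0-1023-aws"),
    ("20.04", "linux-image-ibm-lts-20.04"): ("5.4.0.1086.115", "5.4.0-1086-ibm"),
    ("22.04", "ruby-saml"): ("1.13.0-1ubuntu0.1", None),
    ("18.04", "ruby-saml"): ("1.7.2-1ubuntu0.1~esm1", None),
    ("16.04", "ruby-saml"): ("1.1.2-1ubuntu1+esm1", None),
}

def classify(host):
    entry = FIXED.get((host["release"], host["package"]))
    if entry is None:
        return "not-covered"
    fixed_version, fixed_kernel = entry
    if deb_compare(host["installed"], fixed_version) < 0:
        return "vulnerable"
    running = host.get("running_kernel")
    # Package is updated, but the old kernel stays loaded until reboot.
    if fixed_kernel and running and deb_compare(running, fixed_kernel) < 0:
        return "reboot-pending"
    return "fixed"

# Constructed inventory (hypothetical host names and installed versions).
INVENTORY = [
    {"host": "oci-a", "release": "24.04", "package": "linux-image-oracle",
     "installed": "6.8.0-1018.19", "running_kernel": "6.8.0-1018-oracle"},
    {"host": "oci-b", "release": "22.04", "package": "linux-image-oracle",
     "installed": "6.8.0-1020.21~22.04.1", "running_kernel": "6.8.0-1018-oracle"},
    {"host": "aws-a", "release": "24.04", "package": "linux-image-aws",
     "installed": "6.8.0-1023.25", "running_kernel": "6.8.0-1023-aws"},
    {"host": "sso-a", "release": "18.04", "package": "ruby-saml", "installed": "1.7.2-1"},
    {"host": "sso-b", "release": "16.04", "package": "ruby-saml",
     "installed": "1.1.2-1ubuntu1+esm1"},
]

def audit(inventory):
    return {h["host"]: classify(h) for h in inventory}

if __name__ == "__main__":
    for name, status in audit(INVENTORY).items():
        print(f"{name}: {status}")
```

The release must be part of the lookup key: a 22.04 host at `6.8.0-1020.21~22.04.1` is fixed for its own release even though that string sorts below the 24.04 fixed version.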

References:
https://ubuntu.com/security/notices/USN-7309-1
  CVE-2016-5697, CVE-2017-11428, CVE-2024-45409

Package Information:
https://launchpad.net/ubuntu/+source/ruby-saml/1.15.0-1ubuntu0.24.10.1
https://launchpad.net/ubuntu/+source/ruby-saml/1.15.0-1ubuntu0.24.04.1
https://launchpad.net/ubuntu/+source/ruby-saml/1.13.0-1ubuntu0.1
https://launchpad.net/ubuntu/+source/ruby-saml/1.11.0-1ubuntu0.1