Ubuntu 6706 Published by

Ubuntu Linux has received a series of security updates, addressing vulnerabilities in the kernel, GNU binutils, and the xmltok library:

[USN-7305-1] Linux kernel vulnerabilities
[USN-7304-1] Linux kernel vulnerabilities
[USN-7303-1] Linux kernel vulnerabilities
[USN-7306-1] GNU binutils vulnerabilities
[USN-7307-1] xmltok library vulnerability




[USN-7305-1] Linux kernel vulnerabilities


==========================================================================
Ubuntu Security Notice USN-7305-1
February 26, 2025

linux-raspi vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux-raspi: Linux kernel for Raspberry Pi systems

Details:

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- x86 architecture;
- Block layer subsystem;
- ACPI drivers;
- GPU drivers;
- HID subsystem;
- I2C subsystem;
- IIO ADC drivers;
- IIO subsystem;
- InfiniBand drivers;
- IOMMU subsystem;
- IRQ chip drivers;
- Multiple devices driver;
- Media drivers;
- Network drivers;
- STMicroelectronics network drivers;
- Parport drivers;
- Pin controllers subsystem;
- Direct Digital Synthesis drivers;
- TCM subsystem;
- TTY drivers;
- USB Dual Role (OTG-ready) Controller drivers;
- USB Serial drivers;
- USB Type-C support driver;
- USB Type-C Connector System Software Interface driver;
- BTRFS file system;
- File systems infrastructure;
- Network file system (NFS) client;
- NILFS2 file system;
- NTFS3 file system;
- SMB network file system;
- User-space API (UAPI);
- io_uring subsystem;
- BPF subsystem;
- Timer substystem drivers;
- Tracing infrastructure;
- Closures library;
- Memory management;
- Amateur Radio drivers;
- Bluetooth subsystem;
- Networking core;
- IPv4 networking;
- MAC80211 subsystem;
- Multipath TCP;
- Netfilter;
- Network traffic control;
- SCTP protocol;
- XFRM subsystem;
- Key management;
- FireWire sound drivers;
- HD-audio driver;
- QCOM ASoC drivers;
- STMicroelectronics SoC drivers;
- KVM core;
(CVE-2024-50128, CVE-2024-50099, CVE-2024-50269, CVE-2024-50287,
CVE-2024-42291, CVE-2024-50142, CVE-2024-50085, CVE-2024-50273,
CVE-2024-26718, CVE-2024-50143, CVE-2024-50208, CVE-2024-41080,
CVE-2024-50101, CVE-2024-50150, CVE-2024-53101, CVE-2024-50141,
CVE-2024-50115, CVE-2024-50301, CVE-2024-53104, CVE-2024-41066,
CVE-2024-50194, CVE-2024-50167, CVE-2024-53059, CVE-2024-50103,
CVE-2024-50110, CVE-2024-50131, CVE-2024-50249, CVE-2024-50196,
CVE-2024-50182, CVE-2024-50257, CVE-2024-50148, CVE-2024-50278,
CVE-2024-50074, CVE-2024-50296, CVE-2024-50295, CVE-2024-50193,
CVE-2024-50195, CVE-2024-42252, CVE-2024-50086, CVE-2024-50072,
CVE-2024-50082, CVE-2024-50134, CVE-2024-50163, CVE-2024-50232,
CVE-2024-53097, CVE-2024-50127, CVE-2024-50268, CVE-2024-39497,
CVE-2024-50116, CVE-2024-50302, CVE-2024-50153, CVE-2024-50185,
CVE-2023-52913, CVE-2024-40953, CVE-2024-50209, CVE-2024-53088,
CVE-2024-50151, CVE-2024-35887, CVE-2024-53058, CVE-2024-40965,
CVE-2024-50198, CVE-2024-50259, CVE-2024-50292, CVE-2024-50267,
CVE-2024-50162, CVE-2024-50154, CVE-2024-50083, CVE-2024-50218,
CVE-2024-50036, CVE-2024-53066, CVE-2024-50251, CVE-2024-53042,
CVE-2024-50234, CVE-2024-50247, CVE-2024-50245, CVE-2024-50201,
CVE-2024-50279, CVE-2024-50171, CVE-2024-50156, CVE-2024-50236,
CVE-2024-53055, CVE-2024-50229, CVE-2024-50199, CVE-2024-50262,
CVE-2024-50058, CVE-2024-53052, CVE-2024-50290, CVE-2024-50168,
CVE-2024-50237, CVE-2024-53061, CVE-2024-50282, CVE-2024-50192,
CVE-2024-50230, CVE-2024-50233, CVE-2024-50265, CVE-2024-50117,
CVE-2024-50202, CVE-2024-50205, CVE-2024-50244, CVE-2024-50299,
CVE-2024-53063, CVE-2024-50160, CVE-2024-50010)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.04 LTS
linux-image-5.15.0-1072-raspi 5.15.0-1072.75
linux-image-raspi 5.15.0.1072.70
linux-image-raspi-nolpae 5.15.0.1072.70

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://ubuntu.com/security/notices/USN-7305-1
CVE-2023-52913, CVE-2024-26718, CVE-2024-35887, CVE-2024-39497,
CVE-2024-40953, CVE-2024-40965, CVE-2024-41066, CVE-2024-41080,
CVE-2024-42252, CVE-2024-42291, CVE-2024-50010, CVE-2024-50036,
CVE-2024-50058, CVE-2024-50072, CVE-2024-50074, CVE-2024-50082,
CVE-2024-50083, CVE-2024-50085, CVE-2024-50086, CVE-2024-50099,
CVE-2024-50101, CVE-2024-50103, CVE-2024-50110, CVE-2024-50115,
CVE-2024-50116, CVE-2024-50117, CVE-2024-50127, CVE-2024-50128,
CVE-2024-50131, CVE-2024-50134, CVE-2024-50141, CVE-2024-50142,
CVE-2024-50143, CVE-2024-50148, CVE-2024-50150, CVE-2024-50151,
CVE-2024-50153, CVE-2024-50154, CVE-2024-50156, CVE-2024-50160,
CVE-2024-50162, CVE-2024-50163, CVE-2024-50167, CVE-2024-50168,
CVE-2024-50171, CVE-2024-50182, CVE-2024-50185, CVE-2024-50192,
CVE-2024-50193, CVE-2024-50194, CVE-2024-50195, CVE-2024-50196,
CVE-2024-50198, CVE-2024-50199, CVE-2024-50201, CVE-2024-50202,
CVE-2024-50205, CVE-2024-50208, CVE-2024-50209, CVE-2024-50218,
CVE-2024-50229, CVE-2024-50230, CVE-2024-50232, CVE-2024-50233,
CVE-2024-50234, CVE-2024-50236, CVE-2024-50237, CVE-2024-50244,
CVE-2024-50245, CVE-2024-50247, CVE-2024-50249, CVE-2024-50251,
CVE-2024-50257, CVE-2024-50259, CVE-2024-50262, CVE-2024-50265,
CVE-2024-50267, CVE-2024-50268, CVE-2024-50269, CVE-2024-50273,
CVE-2024-50278, CVE-2024-50279, CVE-2024-50282, CVE-2024-50287,
CVE-2024-50290, CVE-2024-50292, CVE-2024-50295, CVE-2024-50296,
CVE-2024-50299, CVE-2024-50301, CVE-2024-50302, CVE-2024-53042,
CVE-2024-53052, CVE-2024-53055, CVE-2024-53058, CVE-2024-53059,
CVE-2024-53061, CVE-2024-53063, CVE-2024-53066, CVE-2024-53088,
CVE-2024-53097, CVE-2024-53101, CVE-2024-53104

Package Information:
https://launchpad.net/ubuntu/+source/linux-raspi/5.15.0-1072.75



[USN-7304-1] Linux kernel vulnerabilities


==========================================================================
Ubuntu Security Notice USN-7304-1
February 26, 2025

linux-gcp, linux-gke, linux-gkeop vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 24.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems
- linux-gke: Linux kernel for Google Container Engine (GKE) systems
- linux-gkeop: Linux kernel for Google Container Engine (GKE) systems

Details:

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM32 architecture;
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- Drivers core;
- ATA over ethernet (AOE) driver;
- Network block device driver;
- TPM device driver;
- Hardware crypto device drivers;
- ARM SCMI message protocol;
- EFI core;
- GPU drivers;
- I2C subsystem;
- I3C subsystem;
- InfiniBand drivers;
- Input Device core drivers;
- IOMMU subsystem;
- Mailbox framework;
- Media drivers;
- Ethernet bonding driver;
- Network drivers;
- Mellanox network drivers;
- STMicroelectronics network drivers;
- NTB driver;
- PCI subsystem;
- Alibaba DDR Sub-System Driveway PMU driver;
- x86 platform drivers;
- Powercap sysfs driver;
- Remote Processor subsystem;
- SCSI subsystem;
- USB Device Class drivers;
- vDPA drivers;
- Virtio Host (VHOST) subsystem;
- Framebuffer layer;
- AFS file system;
- BTRFS file system;
- File systems infrastructure;
- Ceph distributed file system;
- Ext4 file system;
- F2FS file system;
- JFS file system;
- Network file systems library;
- Network file system (NFS) server daemon;
- NILFS2 file system;
- SMB network file system;
- BPF subsystem;
- Virtio network driver;
- TCP network protocol;
- Perf events;
- Padata parallel execution mechanism;
- RCU subsystem;
- Arbitrary resource management;
- Static call mechanism;
- Tracing infrastructure;
- Memory management;
- Bluetooth subsystem;
- CAN network layer;
- Networking core;
- Distributed Switch Architecture;
- IPv4 networking;
- IPv6 networking;
- MAC80211 subsystem;
- IEEE 802.15.4 subsystem;
- NCSI (Network Controller Sideband Interface) driver;
- RxRPC session sockets;
- SCTP protocol;
- TIPC protocol;
- Wireless networking;
- AudioScience HPI driver;
- KVM core;
(CVE-2024-47678, CVE-2024-49952, CVE-2024-47682, CVE-2024-47679,
CVE-2024-47748, CVE-2024-47728, CVE-2024-49953, CVE-2024-49883,
CVE-2024-47742, CVE-2024-50000, CVE-2024-47733, CVE-2024-47752,
CVE-2024-49927, CVE-2024-47713, CVE-2024-49853, CVE-2024-49998,
CVE-2024-47672, CVE-2024-49900, CVE-2024-49884, CVE-2024-49876,
CVE-2024-47673, CVE-2024-49958, CVE-2024-50274, CVE-2024-49980,
CVE-2024-47703, CVE-2024-49891, CVE-2024-47716, CVE-2024-49903,
CVE-2024-49868, CVE-2024-47699, CVE-2024-50015, CVE-2024-49896,
CVE-2024-49867, CVE-2024-50016, CVE-2024-49862, CVE-2024-49947,
CVE-2024-47714, CVE-2024-50179, CVE-2024-50006, CVE-2024-49881,
CVE-2024-49933, CVE-2024-49882, CVE-2024-47709, CVE-2024-47686,
CVE-2024-49859, CVE-2024-49992, CVE-2024-49957, CVE-2024-47691,
CVE-2024-49936, CVE-2024-49878, CVE-2024-49879, CVE-2024-49997,
CVE-2024-47697, CVE-2024-49963, CVE-2024-49938, CVE-2024-47723,
CVE-2024-47700, CVE-2024-49999, CVE-2024-49923, CVE-2024-49991,
CVE-2024-50013, CVE-2024-47730, CVE-2024-47718, CVE-2024-47671,
CVE-2024-49977, CVE-2024-53144, CVE-2024-49922, CVE-2024-49985,
CVE-2024-47712, CVE-2024-49962, CVE-2024-49907, CVE-2024-49886,
CVE-2024-49976, CVE-2024-49902, CVE-2024-47732, CVE-2024-49995,
CVE-2024-49942, CVE-2024-47706, CVE-2024-47747, CVE-2024-49949,
CVE-2024-49911, CVE-2024-49929, CVE-2024-47737, CVE-2024-47720,
CVE-2024-47756, CVE-2024-47688, CVE-2024-47753, CVE-2024-49937,
CVE-2024-47684, CVE-2024-47690, CVE-2024-49897, CVE-2024-47705,
CVE-2024-49852, CVE-2024-49930, CVE-2024-47681, CVE-2024-50175,
CVE-2024-49863, CVE-2024-49969, CVE-2024-49894, CVE-2024-49928,
CVE-2024-47698, CVE-2024-47710, CVE-2024-49931, CVE-2024-50008,
CVE-2024-49939, CVE-2024-49915, CVE-2024-47757, CVE-2024-49912,
CVE-2024-47696, CVE-2024-47702, CVE-2024-49877, CVE-2024-49974,
CVE-2024-49919, CVE-2024-49888, CVE-2024-49871, CVE-2024-47685,
CVE-2024-47734, CVE-2024-49965, CVE-2024-47707, CVE-2024-49987,
CVE-2024-47745, CVE-2024-50001, CVE-2024-49960, CVE-2024-50014,
CVE-2024-49994, CVE-2024-49875, CVE-2024-49856, CVE-2024-49926,
CVE-2024-47701, CVE-2024-47749, CVE-2024-47715, CVE-2024-49981,
CVE-2024-49935, CVE-2024-47754, CVE-2024-47692, CVE-2024-49864,
CVE-2024-49983, CVE-2024-49950, CVE-2024-49917, CVE-2024-49924,
CVE-2024-47743, CVE-2024-47693, CVE-2024-50176, CVE-2024-47670,
CVE-2024-47727, CVE-2024-47739, CVE-2024-49978, CVE-2024-49858,
CVE-2024-49861, CVE-2024-49946, CVE-2024-50012, CVE-2024-49934,
CVE-2024-49986, CVE-2023-52917, CVE-2024-49870, CVE-2024-49892,
CVE-2024-47741, CVE-2024-47731, CVE-2024-47675, CVE-2024-49898,
CVE-2024-49959, CVE-2024-49988, CVE-2024-49918, CVE-2024-50002,
CVE-2024-49954, CVE-2024-49944, CVE-2024-49996, CVE-2024-49982,
CVE-2024-49948, CVE-2024-49901, CVE-2024-47735, CVE-2024-49851,
CVE-2024-50007, CVE-2024-49895, CVE-2024-47744, CVE-2024-49889,
CVE-2024-50017, CVE-2024-49945, CVE-2024-49890, CVE-2024-49850,
CVE-2024-47677, CVE-2024-47704, CVE-2024-49874, CVE-2024-49860,
CVE-2024-49961, CVE-2024-49975, CVE-2024-41016, CVE-2024-49951,
CVE-2024-49909, CVE-2024-49955, CVE-2024-49885, CVE-2024-50005,
CVE-2024-47750, CVE-2024-47695, CVE-2024-49913, CVE-2024-49925,
CVE-2024-47689, CVE-2024-49866, CVE-2024-49973, CVE-2024-47751,
CVE-2024-49880, CVE-2024-49855, CVE-2024-49989, CVE-2024-47740,
CVE-2024-47687, CVE-2024-47738, CVE-2024-47719, CVE-2024-49905,
CVE-2024-53064, CVE-2024-49966)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 24.04 LTS
linux-image-6.8.0-1006-gkeop 6.8.0-1006.8
linux-image-6.8.0-1019-gke 6.8.0-1019.23
linux-image-6.8.0-1024-gcp 6.8.0-1024.26
linux-image-6.8.0-1024-gcp-64k 6.8.0-1024.26
linux-image-gcp 6.8.0-1024.26
linux-image-gcp-64k 6.8.0-1024.26
linux-image-gcp-64k-lts-24.04 6.8.0-1024.26
linux-image-gcp-lts-24.04 6.8.0-1024.26
linux-image-gke 6.8.0-1019.23
linux-image-gkeop 6.8.0-1006.8
linux-image-gkeop-6.8 6.8.0-1006.8

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://ubuntu.com/security/notices/USN-7304-1
CVE-2023-52917, CVE-2024-41016, CVE-2024-47670, CVE-2024-47671,
CVE-2024-47672, CVE-2024-47673, CVE-2024-47675, CVE-2024-47677,
CVE-2024-47678, CVE-2024-47679, CVE-2024-47681, CVE-2024-47682,
CVE-2024-47684, CVE-2024-47685, CVE-2024-47686, CVE-2024-47687,
CVE-2024-47688, CVE-2024-47689, CVE-2024-47690, CVE-2024-47691,
CVE-2024-47692, CVE-2024-47693, CVE-2024-47695, CVE-2024-47696,
CVE-2024-47697, CVE-2024-47698, CVE-2024-47699, CVE-2024-47700,
CVE-2024-47701, CVE-2024-47702, CVE-2024-47703, CVE-2024-47704,
CVE-2024-47705, CVE-2024-47706, CVE-2024-47707, CVE-2024-47709,
CVE-2024-47710, CVE-2024-47712, CVE-2024-47713, CVE-2024-47714,
CVE-2024-47715, CVE-2024-47716, CVE-2024-47718, CVE-2024-47719,
CVE-2024-47720, CVE-2024-47723, CVE-2024-47727, CVE-2024-47728,
CVE-2024-47730, CVE-2024-47731, CVE-2024-47732, CVE-2024-47733,
CVE-2024-47734, CVE-2024-47735, CVE-2024-47737, CVE-2024-47738,
CVE-2024-47739, CVE-2024-47740, CVE-2024-47741, CVE-2024-47742,
CVE-2024-47743, CVE-2024-47744, CVE-2024-47745, CVE-2024-47747,
CVE-2024-47748, CVE-2024-47749, CVE-2024-47750, CVE-2024-47751,
CVE-2024-47752, CVE-2024-47753, CVE-2024-47754, CVE-2024-47756,
CVE-2024-47757, CVE-2024-49850, CVE-2024-49851, CVE-2024-49852,
CVE-2024-49853, CVE-2024-49855, CVE-2024-49856, CVE-2024-49858,
CVE-2024-49859, CVE-2024-49860, CVE-2024-49861, CVE-2024-49862,
CVE-2024-49863, CVE-2024-49864, CVE-2024-49866, CVE-2024-49867,
CVE-2024-49868, CVE-2024-49870, CVE-2024-49871, CVE-2024-49874,
CVE-2024-49875, CVE-2024-49876, CVE-2024-49877, CVE-2024-49878,
CVE-2024-49879, CVE-2024-49880, CVE-2024-49881, CVE-2024-49882,
CVE-2024-49883, CVE-2024-49884, CVE-2024-49885, CVE-2024-49886,
CVE-2024-49888, CVE-2024-49889, CVE-2024-49890, CVE-2024-49891,
CVE-2024-49892, CVE-2024-49894, CVE-2024-49895, CVE-2024-49896,
CVE-2024-49897, CVE-2024-49898, CVE-2024-49900, CVE-2024-49901,
CVE-2024-49902, CVE-2024-49903, CVE-2024-49905, CVE-2024-49907,
CVE-2024-49909, CVE-2024-49911, CVE-2024-49912, CVE-2024-49913,
CVE-2024-49915, CVE-2024-49917, CVE-2024-49918, CVE-2024-49919,
CVE-2024-49922, CVE-2024-49923, CVE-2024-49924, CVE-2024-49925,
CVE-2024-49926, CVE-2024-49927, CVE-2024-49928, CVE-2024-49929,
CVE-2024-49930, CVE-2024-49931, CVE-2024-49933, CVE-2024-49934,
CVE-2024-49935, CVE-2024-49936, CVE-2024-49937, CVE-2024-49938,
CVE-2024-49939, CVE-2024-49942, CVE-2024-49944, CVE-2024-49945,
CVE-2024-49946, CVE-2024-49947, CVE-2024-49948, CVE-2024-49949,
CVE-2024-49950, CVE-2024-49951, CVE-2024-49952, CVE-2024-49953,
CVE-2024-49954, CVE-2024-49955, CVE-2024-49957, CVE-2024-49958,
CVE-2024-49959, CVE-2024-49960, CVE-2024-49961, CVE-2024-49962,
CVE-2024-49963, CVE-2024-49965, CVE-2024-49966, CVE-2024-49969,
CVE-2024-49973, CVE-2024-49974, CVE-2024-49975, CVE-2024-49976,
CVE-2024-49977, CVE-2024-49978, CVE-2024-49980, CVE-2024-49981,
CVE-2024-49982, CVE-2024-49983, CVE-2024-49985, CVE-2024-49986,
CVE-2024-49987, CVE-2024-49988, CVE-2024-49989, CVE-2024-49991,
CVE-2024-49992, CVE-2024-49994, CVE-2024-49995, CVE-2024-49996,
CVE-2024-49997, CVE-2024-49998, CVE-2024-49999, CVE-2024-50000,
CVE-2024-50001, CVE-2024-50002, CVE-2024-50005, CVE-2024-50006,
CVE-2024-50007, CVE-2024-50008, CVE-2024-50012, CVE-2024-50013,
CVE-2024-50014, CVE-2024-50015, CVE-2024-50016, CVE-2024-50017,
CVE-2024-50175, CVE-2024-50176, CVE-2024-50179, CVE-2024-50274,
CVE-2024-53064, CVE-2024-53144

Package Information:
https://launchpad.net/ubuntu/+source/linux-gcp/6.8.0-1024.26
https://launchpad.net/ubuntu/+source/linux-gke/6.8.0-1019.23
https://launchpad.net/ubuntu/+source/linux-gkeop/6.8.0-1006.8



[USN-7303-1] Linux kernel vulnerabilities


==========================================================================
Ubuntu Security Notice USN-7303-1
February 26, 2025

linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux-nvidia: Linux kernel for NVIDIA systems
- linux-nvidia-lowlatency: Linux low latency kernel for NVIDIA systems
- linux-nvidia-6.8: Linux kernel for NVIDIA systems

Details:

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM32 architecture;
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- Drivers core;
- ATA over ethernet (AOE) driver;
- Network block device driver;
- TPM device driver;
- Hardware crypto device drivers;
- ARM SCMI message protocol;
- EFI core;
- GPU drivers;
- I2C subsystem;
- I3C subsystem;
- InfiniBand drivers;
- Input Device core drivers;
- IOMMU subsystem;
- Mailbox framework;
- Media drivers;
- Ethernet bonding driver;
- Network drivers;
- Mellanox network drivers;
- STMicroelectronics network drivers;
- NTB driver;
- PCI subsystem;
- Alibaba DDR Sub-System Driveway PMU driver;
- x86 platform drivers;
- Powercap sysfs driver;
- Remote Processor subsystem;
- SCSI subsystem;
- USB Device Class drivers;
- vDPA drivers;
- Virtio Host (VHOST) subsystem;
- Framebuffer layer;
- AFS file system;
- BTRFS file system;
- File systems infrastructure;
- Ceph distributed file system;
- Ext4 file system;
- F2FS file system;
- JFS file system;
- Network file systems library;
- Network file system (NFS) server daemon;
- NILFS2 file system;
- SMB network file system;
- BPF subsystem;
- Virtio network driver;
- TCP network protocol;
- Perf events;
- Padata parallel execution mechanism;
- RCU subsystem;
- Arbitrary resource management;
- Static call mechanism;
- Tracing infrastructure;
- Memory management;
- Bluetooth subsystem;
- CAN network layer;
- Networking core;
- Distributed Switch Architecture;
- IPv4 networking;
- IPv6 networking;
- MAC80211 subsystem;
- IEEE 802.15.4 subsystem;
- NCSI (Network Controller Sideband Interface) driver;
- RxRPC session sockets;
- SCTP protocol;
- TIPC protocol;
- Wireless networking;
- AudioScience HPI driver;
- KVM core;
(CVE-2024-49852, CVE-2024-50175, CVE-2024-47709, CVE-2024-47671,
CVE-2024-50179, CVE-2024-47743, CVE-2024-47687, CVE-2024-49934,
CVE-2024-47700, CVE-2024-49892, CVE-2024-49866, CVE-2024-50012,
CVE-2024-49860, CVE-2024-49948, CVE-2024-49882, CVE-2024-47744,
CVE-2024-49905, CVE-2024-47728, CVE-2024-49874, CVE-2024-47678,
CVE-2024-47688, CVE-2024-47737, CVE-2024-49859, CVE-2024-49947,
CVE-2024-49994, CVE-2024-49986, CVE-2024-49917, CVE-2024-50000,
CVE-2024-49962, CVE-2024-47733, CVE-2024-47741, CVE-2024-47685,
CVE-2024-47752, CVE-2024-49960, CVE-2024-47754, CVE-2024-47675,
CVE-2024-49958, CVE-2024-47748, CVE-2024-47679, CVE-2024-47690,
CVE-2024-47740, CVE-2024-47672, CVE-2024-49883, CVE-2024-49928,
CVE-2024-49961, CVE-2024-47677, CVE-2024-47706, CVE-2024-49955,
CVE-2024-49907, CVE-2024-47745, CVE-2024-49963, CVE-2024-47723,
CVE-2024-49897, CVE-2024-49927, CVE-2024-50008, CVE-2024-47713,
CVE-2024-49894, CVE-2024-49903, CVE-2024-47747, CVE-2024-47705,
CVE-2024-49976, CVE-2024-53144, CVE-2024-49983, CVE-2024-49937,
CVE-2024-49953, CVE-2024-41016, CVE-2024-49969, CVE-2024-49982,
CVE-2024-50007, CVE-2024-50015, CVE-2024-49889, CVE-2024-49923,
CVE-2024-49850, CVE-2024-47720, CVE-2024-49973, CVE-2024-49991,
CVE-2024-49901, CVE-2024-49881, CVE-2024-49911, CVE-2024-47710,
CVE-2024-49981, CVE-2024-49918, CVE-2024-49861, CVE-2024-49959,
CVE-2024-50005, CVE-2024-47701, CVE-2024-49855, CVE-2024-49987,
CVE-2024-47704, CVE-2024-49977, CVE-2024-47670, CVE-2024-47707,
CVE-2024-47735, CVE-2024-49996, CVE-2024-49868, CVE-2024-47749,
CVE-2024-49985, CVE-2024-47753, CVE-2024-49877, CVE-2024-47716,
CVE-2024-47731, CVE-2024-49880, CVE-2024-47715, CVE-2024-49931,
CVE-2024-49856, CVE-2024-49929, CVE-2024-47689, CVE-2024-49885,
CVE-2024-50002, CVE-2024-49999, CVE-2024-47734, CVE-2024-49909,
CVE-2024-49871, CVE-2024-49915, CVE-2024-50013, CVE-2024-47682,
CVE-2024-49864, CVE-2024-49949, CVE-2024-49933, CVE-2024-49975,
CVE-2024-49863, CVE-2024-49867, CVE-2024-49951, CVE-2024-50014,
CVE-2024-47739, CVE-2024-49886, CVE-2024-49891, CVE-2024-49879,
CVE-2024-47696, CVE-2024-49896, CVE-2024-49988, CVE-2024-47691,
CVE-2024-47732, CVE-2024-47742, CVE-2024-47698, CVE-2024-49925,
CVE-2024-47695, CVE-2024-49898, CVE-2024-49989, CVE-2024-49913,
CVE-2024-49935, CVE-2024-50017, CVE-2024-47703, CVE-2024-49954,
CVE-2024-49875, CVE-2024-49858, CVE-2024-49997, CVE-2024-49895,
CVE-2024-47719, CVE-2024-47750, CVE-2024-47693, CVE-2024-49926,
CVE-2024-50001, CVE-2024-47718, CVE-2024-47714, CVE-2024-49919,
CVE-2024-49938, CVE-2024-49952, CVE-2024-49942, CVE-2024-49957,
CVE-2024-49930, CVE-2024-47702, CVE-2024-50006, CVE-2024-49888,
CVE-2024-47756, CVE-2024-49890, CVE-2024-50176, CVE-2024-47686,
CVE-2024-49978, CVE-2024-47697, CVE-2024-49974, CVE-2024-47751,
CVE-2024-47712, CVE-2024-47727, CVE-2023-52917, CVE-2024-49980,
CVE-2024-49965, CVE-2024-49878, CVE-2024-50016, CVE-2024-47738,
CVE-2024-47681, CVE-2024-47699, CVE-2024-49998, CVE-2024-49902,
CVE-2024-49966, CVE-2024-49884, CVE-2024-49936, CVE-2024-47757,
CVE-2024-49851, CVE-2024-49924, CVE-2024-49944, CVE-2024-49912,
CVE-2024-49992, CVE-2024-47684, CVE-2024-49950, CVE-2024-49939,
CVE-2024-47730, CVE-2024-49853, CVE-2024-49862, CVE-2024-49900,
CVE-2024-49876, CVE-2024-49945, CVE-2024-47673, CVE-2024-49870,
CVE-2024-47692, CVE-2024-49946, CVE-2024-49995, CVE-2024-49922)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 24.04 LTS
linux-image-6.8.0-1022-nvidia 6.8.0-1022.25
linux-image-6.8.0-1022-nvidia-64k 6.8.0-1022.25
linux-image-6.8.0-1022-nvidia-lowlatency 6.8.0-1022.25.2
linux-image-6.8.0-1022-nvidia-lowlatency-64k 6.8.0-1022.25.2
linux-image-nvidia 6.8.0-1022.25
linux-image-nvidia-64k 6.8.0-1022.25
linux-image-nvidia-lowlatency 6.8.0-1022.25.2
linux-image-nvidia-lowlatency-64k 6.8.0-1022.25.2

Ubuntu 22.04 LTS
linux-image-6.8.0-1022-nvidia 6.8.0-1022.25~22.04.2
linux-image-6.8.0-1022-nvidia-64k 6.8.0-1022.25~22.04.2
linux-image-nvidia-6.8 6.8.0-1022.25~22.04.2
linux-image-nvidia-64k-6.8 6.8.0-1022.25~22.04.2
linux-image-nvidia-64k-hwe-22.04 6.8.0-1022.25~22.04.2
linux-image-nvidia-hwe-22.04 6.8.0-1022.25~22.04.2

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://ubuntu.com/security/notices/USN-7303-1
CVE-2023-52917, CVE-2024-41016, CVE-2024-47670, CVE-2024-47671,
CVE-2024-47672, CVE-2024-47673, CVE-2024-47675, CVE-2024-47677,
CVE-2024-47678, CVE-2024-47679, CVE-2024-47681, CVE-2024-47682,
CVE-2024-47684, CVE-2024-47685, CVE-2024-47686, CVE-2024-47687,
CVE-2024-47688, CVE-2024-47689, CVE-2024-47690, CVE-2024-47691,
CVE-2024-47692, CVE-2024-47693, CVE-2024-47695, CVE-2024-47696,
CVE-2024-47697, CVE-2024-47698, CVE-2024-47699, CVE-2024-47700,
CVE-2024-47701, CVE-2024-47702, CVE-2024-47703, CVE-2024-47704,
CVE-2024-47705, CVE-2024-47706, CVE-2024-47707, CVE-2024-47709,
CVE-2024-47710, CVE-2024-47712, CVE-2024-47713, CVE-2024-47714,
CVE-2024-47715, CVE-2024-47716, CVE-2024-47718, CVE-2024-47719,
CVE-2024-47720, CVE-2024-47723, CVE-2024-47727, CVE-2024-47728,
CVE-2024-47730, CVE-2024-47731, CVE-2024-47732, CVE-2024-47733,
CVE-2024-47734, CVE-2024-47735, CVE-2024-47737, CVE-2024-47738,
CVE-2024-47739, CVE-2024-47740, CVE-2024-47741, CVE-2024-47742,
CVE-2024-47743, CVE-2024-47744, CVE-2024-47745, CVE-2024-47747,
CVE-2024-47748, CVE-2024-47749, CVE-2024-47750, CVE-2024-47751,
CVE-2024-47752, CVE-2024-47753, CVE-2024-47754, CVE-2024-47756,
CVE-2024-47757, CVE-2024-49850, CVE-2024-49851, CVE-2024-49852,
CVE-2024-49853, CVE-2024-49855, CVE-2024-49856, CVE-2024-49858,
CVE-2024-49859, CVE-2024-49860, CVE-2024-49861, CVE-2024-49862,
CVE-2024-49863, CVE-2024-49864, CVE-2024-49866, CVE-2024-49867,
CVE-2024-49868, CVE-2024-49870, CVE-2024-49871, CVE-2024-49874,
CVE-2024-49875, CVE-2024-49876, CVE-2024-49877, CVE-2024-49878,
CVE-2024-49879, CVE-2024-49880, CVE-2024-49881, CVE-2024-49882,
CVE-2024-49883, CVE-2024-49884, CVE-2024-49885, CVE-2024-49886,
CVE-2024-49888, CVE-2024-49889, CVE-2024-49890, CVE-2024-49891,
CVE-2024-49892, CVE-2024-49894, CVE-2024-49895, CVE-2024-49896,
CVE-2024-49897, CVE-2024-49898, CVE-2024-49900, CVE-2024-49901,
CVE-2024-49902, CVE-2024-49903, CVE-2024-49905, CVE-2024-49907,
CVE-2024-49909, CVE-2024-49911, CVE-2024-49912, CVE-2024-49913,
CVE-2024-49915, CVE-2024-49917, CVE-2024-49918, CVE-2024-49919,
CVE-2024-49922, CVE-2024-49923, CVE-2024-49924, CVE-2024-49925,
CVE-2024-49926, CVE-2024-49927, CVE-2024-49928, CVE-2024-49929,
CVE-2024-49930, CVE-2024-49931, CVE-2024-49933, CVE-2024-49934,
CVE-2024-49935, CVE-2024-49936, CVE-2024-49937, CVE-2024-49938,
CVE-2024-49939, CVE-2024-49942, CVE-2024-49944, CVE-2024-49945,
CVE-2024-49946, CVE-2024-49947, CVE-2024-49948, CVE-2024-49949,
CVE-2024-49950, CVE-2024-49951, CVE-2024-49952, CVE-2024-49953,
CVE-2024-49954, CVE-2024-49955, CVE-2024-49957, CVE-2024-49958,
CVE-2024-49959, CVE-2024-49960, CVE-2024-49961, CVE-2024-49962,
CVE-2024-49963, CVE-2024-49965, CVE-2024-49966, CVE-2024-49969,
CVE-2024-49973, CVE-2024-49974, CVE-2024-49975, CVE-2024-49976,
CVE-2024-49977, CVE-2024-49978, CVE-2024-49980, CVE-2024-49981,
CVE-2024-49982, CVE-2024-49983, CVE-2024-49985, CVE-2024-49986,
CVE-2024-49987, CVE-2024-49988, CVE-2024-49989, CVE-2024-49991,
CVE-2024-49992, CVE-2024-49994, CVE-2024-49995, CVE-2024-49996,
CVE-2024-49997, CVE-2024-49998, CVE-2024-49999, CVE-2024-50000,
CVE-2024-50001, CVE-2024-50002, CVE-2024-50005, CVE-2024-50006,
CVE-2024-50007, CVE-2024-50008, CVE-2024-50012, CVE-2024-50013,
CVE-2024-50014, CVE-2024-50015, CVE-2024-50016, CVE-2024-50017,
CVE-2024-50175, CVE-2024-50176, CVE-2024-50179, CVE-2024-53144

Package Information:
https://launchpad.net/ubuntu/+source/linux-nvidia/6.8.0-1022.25
https://launchpad.net/ubuntu/+source/linux-nvidia-lowlatency/6.8.0-1022.25.2
https://launchpad.net/ubuntu/+source/linux-nvidia-6.8/6.8.0-1022.25~22.04.2



[USN-7306-1] GNU binutils vulnerabilities


=========================================================================
Ubuntu Security Notice USN-7306-1
February 26, 2025

binutils vulnerabilities
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 24.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS

Summary:

Several security issues were fixed in GNU binutils.

Software Description:
- binutils: GNU assembler, linker and binary utilities

Details:

It was discovered that GNU binutils in nm tool is affected by an
incorrect access control. An attacker could possibly use this issue
to cause a crash. This issue only affected Ubuntu 22.04 LTS, Ubuntu 24.04
LTS, and Ubuntu 24.10. (CVE-2024-57360)

It was discovered that GNU binutils incorrectly handled certain inputs.
An attacker could possibly use this issue to cause a crash or execute
arbitrary code. (CVE-2025-0840)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 24.10
binutils 2.43.1-4ubuntu1.1
binutils-multiarch 2.43.1-4ubuntu1.1

Ubuntu 24.04 LTS
binutils 2.42-4ubuntu2.4
binutils-multiarch 2.42-4ubuntu2.4

Ubuntu 22.04 LTS
binutils 2.38-4ubuntu2.7
binutils-multiarch 2.38-4ubuntu2.7

Ubuntu 20.04 LTS
binutils 2.34-6ubuntu1.10
binutils-multiarch 2.34-6ubuntu1.10

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-7306-1
CVE-2024-57360, CVE-2025-0840

Package Information:
https://launchpad.net/ubuntu/+source/binutils/2.43.1-4ubuntu1.1
https://launchpad.net/ubuntu/+source/binutils/2.42-4ubuntu2.4
https://launchpad.net/ubuntu/+source/binutils/2.38-4ubuntu2.7
https://launchpad.net/ubuntu/+source/binutils/2.34-6ubuntu1.10



[USN-7307-1] xmltok library vulnerability


==========================================================================
Ubuntu Security Notice USN-7307-1
February 26, 2025

libxmltok vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 24.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS

Summary:

Libxmltok could be made to crash if it opened a specially crafted
file.

Software Description:
- libxmltok: XML Parser Toolkit, developer libraries

Details:

Tim Boddy discovered that Expat, contained within the xmltok library, did
not properly handle memory reallocation when processing XML files. If a
user or application linked against Expat were tricked into opening a
crafted XML file, an attacker could cause a denial of service by consuming
excessive memory resources.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 24.10
  libxmltok1t64                   1.2-4.1ubuntu3.2

Ubuntu 24.04 LTS
  libxmltok1t64                   1.2-4.1ubuntu2.24.0.4.1+esm3
                                  Available with Ubuntu Pro

Ubuntu 22.04 LTS
  libxmltok1                      1.2-4ubuntu0.22.04.1~esm5
                                  Available with Ubuntu Pro

Ubuntu 20.04 LTS
  libxmltok1                      1.2-4ubuntu0.20.04.1~esm5
                                  Available with Ubuntu Pro

Ubuntu 18.04 LTS
  libxmltok1                      1.2-4ubuntu0.18.04.1~esm5
                                  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-7307-1
  CVE-2012-1148

Package Information:
  https://launchpad.net/ubuntu/+source/libxmltok/1.2-4.1ubuntu3.2