[USN-7294-4] Linux kernel vulnerabilities
[USN-7303-3] Linux kernel vulnerabilities
[USN-7314-1] Kerberos vulnerabilities
[USN-7316-1] Raptor vulnerabilities
[USN-7315-1] PostgreSQL vulnerability
[USN-7313-1] Erlang vulnerability
[USN-7319-1] cmark-gfm vulnerabilities
[USN-7318-1] SPIP vulnerabilities
[USN-7317-1] wpa_supplicant and hostapd vulnerabilities
[USN-7283-1] Apache Solr vulnerability
[USN-7282-1] tomcat7 vulnerabilities
[USN-7294-4] Linux kernel vulnerabilities
==========================================================================
Ubuntu Security Notice USN-7294-4
March 03, 2025
linux-kvm vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 20.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux-kvm: Linux kernel for cloud environments
Details:
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- Block layer subsystem;
- ACPI drivers;
- Drivers core;
- ATA over ethernet (AOE) driver;
- TPM device driver;
- GPIO subsystem;
- GPU drivers;
- HID subsystem;
- I2C subsystem;
- InfiniBand drivers;
- Mailbox framework;
- Multiple devices driver;
- Media drivers;
- Network drivers;
- NTB driver;
- Virtio pmem driver;
- Parport drivers;
- PCI subsystem;
- SPI subsystem;
- Direct Digital Synthesis drivers;
- USB Device Class drivers;
- USB Dual Role (OTG-ready) Controller drivers;
- USB Serial drivers;
- USB Type-C support driver;
- Framebuffer layer;
- BTRFS file system;
- Ceph distributed file system;
- Ext4 file system;
- F2FS file system;
- File systems infrastructure;
- JFS file system;
- Network file system (NFS) client;
- Network file system (NFS) server daemon;
- NILFS2 file system;
- SMB network file system;
- Network traffic control;
- Network sockets;
- TCP network protocol;
- BPF subsystem;
- Perf events;
- Arbitrary resource management;
- Timer subsystem drivers;
- Tracing infrastructure;
- Closures library;
- Memory management;
- Amateur Radio drivers;
- Bluetooth subsystem;
- Ethernet bridge;
- CAN network layer;
- Networking core;
- IPv4 networking;
- IPv6 networking;
- MAC80211 subsystem;
- Netfilter;
- Netlink;
- SCTP protocol;
- TIPC protocol;
- Wireless networking;
- XFRM subsystem;
- Key management;
- FireWire sound drivers;
- AudioScience HPI driver;
- Amlogic Meson SoC drivers;
- KVM core;
(CVE-2024-47672, CVE-2024-50273, CVE-2024-49896, CVE-2024-49962,
CVE-2024-50007, CVE-2024-47706, CVE-2024-50302, CVE-2024-50299,
CVE-2024-49959, CVE-2024-49973, CVE-2024-47674, CVE-2024-50143,
CVE-2024-50278, CVE-2024-50184, CVE-2024-49892, CVE-2024-50044,
CVE-2024-47701, CVE-2024-49860, CVE-2024-47692, CVE-2024-49948,
CVE-2024-50039, CVE-2024-50006, CVE-2024-53066, CVE-2024-49944,
CVE-2024-43863, CVE-2024-47756, CVE-2024-50082, CVE-2024-50237,
CVE-2024-50262, CVE-2024-49900, CVE-2024-50059, CVE-2024-50194,
CVE-2024-53063, CVE-2024-47697, CVE-2024-49975, CVE-2024-50033,
CVE-2024-50148, CVE-2024-50116, CVE-2024-50168, CVE-2024-47747,
CVE-2024-53104, CVE-2024-50218, CVE-2024-50279, CVE-2024-46853,
CVE-2024-46854, CVE-2024-50127, CVE-2024-49995, CVE-2024-50282,
CVE-2024-47685, CVE-2024-50296, CVE-2024-50099, CVE-2024-50199,
CVE-2024-49879, CVE-2024-50287, CVE-2024-50265, CVE-2024-50269,
CVE-2024-47698, CVE-2024-49868, CVE-2024-50035, CVE-2024-47709,
CVE-2024-50024, CVE-2024-50301, CVE-2024-50142, CVE-2024-53059,
CVE-2024-50008, CVE-2024-49997, CVE-2024-46849, CVE-2024-50290,
CVE-2024-40953, CVE-2024-49985, CVE-2024-47737, CVE-2024-49883,
CVE-2024-50040, CVE-2024-49958, CVE-2024-50205, CVE-2024-47723,
CVE-2024-50180, CVE-2024-50229, CVE-2024-50131, CVE-2024-47713,
CVE-2024-49963, CVE-2024-44931, CVE-2024-47742, CVE-2024-49903,
CVE-2024-49949, CVE-2024-47684, CVE-2024-35896, CVE-2024-41016,
CVE-2024-49955, CVE-2024-50134, CVE-2024-49938, CVE-2024-49877,
CVE-2024-49981, CVE-2024-50234, CVE-2024-50096, CVE-2024-49952,
CVE-2024-49957, CVE-2024-49982, CVE-2024-47710, CVE-2024-53061,
CVE-2024-50267, CVE-2024-47712, CVE-2024-50195, CVE-2024-50236,
CVE-2024-47749, CVE-2024-47757, CVE-2024-49894, CVE-2024-50179,
CVE-2024-42252, CVE-2024-49851, CVE-2024-53101, CVE-2024-38544,
CVE-2024-50117, CVE-2023-52917, CVE-2024-50045, CVE-2024-40911,
CVE-2024-49882, CVE-2024-49867, CVE-2024-50202, CVE-2024-49878,
CVE-2024-50251, CVE-2024-50151, CVE-2024-50171, CVE-2024-47740,
CVE-2024-49965, CVE-2023-52458, CVE-2024-50233, CVE-2024-40965,
CVE-2024-49924, CVE-2024-50167, CVE-2024-47670, CVE-2021-47469,
CVE-2024-35887, CVE-2024-50074, CVE-2024-46731, CVE-2024-47671,
CVE-2024-41066, CVE-2024-49966, CVE-2024-50150, CVE-2024-50230,
CVE-2024-47696, CVE-2024-47699, CVE-2024-47679, CVE-2024-49902)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 20.04 LTS
linux-image-5.4.0-1127-kvm 5.4.0-1127.136
linux-image-kvm 5.4.0.1127.123
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://ubuntu.com/security/notices/USN-7294-4
https://ubuntu.com/security/notices/USN-7294-3
https://ubuntu.com/security/notices/USN-7294-2
https://ubuntu.com/security/notices/USN-7294-1
Package Information:
https://launchpad.net/ubuntu/+source/linux-kvm/5.4.0-1127.136
[USN-7303-3] Linux kernel vulnerabilities
==========================================================================
Ubuntu Security Notice USN-7303-3
March 03, 2025
linux-gcp-6.8, linux-raspi vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux-raspi: Linux kernel for Raspberry Pi systems
- linux-gcp-6.8: Linux kernel for Google Cloud Platform (GCP) systems
Details:
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM32 architecture;
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- Drivers core;
- ATA over ethernet (AOE) driver;
- Network block device driver;
- TPM device driver;
- Hardware crypto device drivers;
- ARM SCMI message protocol;
- EFI core;
- GPU drivers;
- I2C subsystem;
- I3C subsystem;
- InfiniBand drivers;
- Input Device core drivers;
- IOMMU subsystem;
- Mailbox framework;
- Media drivers;
- Ethernet bonding driver;
- Network drivers;
- Mellanox network drivers;
- STMicroelectronics network drivers;
- NTB driver;
- PCI subsystem;
- Alibaba DDR Sub-System Driveway PMU driver;
- x86 platform drivers;
- Powercap sysfs driver;
- Remote Processor subsystem;
- SCSI subsystem;
- USB Device Class drivers;
- vDPA drivers;
- Virtio Host (VHOST) subsystem;
- Framebuffer layer;
- AFS file system;
- BTRFS file system;
- File systems infrastructure;
- Ceph distributed file system;
- Ext4 file system;
- F2FS file system;
- JFS file system;
- Network file systems library;
- Network file system (NFS) server daemon;
- NILFS2 file system;
- SMB network file system;
- BPF subsystem;
- Virtio network driver;
- TCP network protocol;
- Perf events;
- Padata parallel execution mechanism;
- RCU subsystem;
- Arbitrary resource management;
- Static call mechanism;
- Tracing infrastructure;
- Memory management;
- Bluetooth subsystem;
- CAN network layer;
- Networking core;
- Distributed Switch Architecture;
- IPv4 networking;
- IPv6 networking;
- MAC80211 subsystem;
- IEEE 802.15.4 subsystem;
- NCSI (Network Controller Sideband Interface) driver;
- RxRPC session sockets;
- SCTP protocol;
- TIPC protocol;
- Wireless networking;
- AudioScience HPI driver;
- KVM core;
(CVE-2024-47709, CVE-2024-49889, CVE-2024-49931, CVE-2024-50008,
CVE-2024-49969, CVE-2024-49975, CVE-2024-49958, CVE-2024-47756,
CVE-2024-49944, CVE-2024-47707, CVE-2024-47693, CVE-2024-47686,
CVE-2024-47734, CVE-2024-47750, CVE-2024-50179, CVE-2024-49942,
CVE-2024-49864, CVE-2024-49891, CVE-2024-49965, CVE-2024-49905,
CVE-2024-47719, CVE-2024-49877, CVE-2024-47688, CVE-2024-47691,
CVE-2024-47710, CVE-2024-47748, CVE-2024-49948, CVE-2024-49998,
CVE-2024-47673, CVE-2024-47738, CVE-2024-47701, CVE-2024-47705,
CVE-2024-49930, CVE-2024-49985, CVE-2024-50016, CVE-2024-53144,
CVE-2023-52917, CVE-2024-47690, CVE-2024-47675, CVE-2024-50176,
CVE-2024-49922, CVE-2024-47704, CVE-2024-49982, CVE-2024-47741,
CVE-2024-49991, CVE-2024-49902, CVE-2024-49883, CVE-2024-49892,
CVE-2024-50002, CVE-2024-49945, CVE-2024-49959, CVE-2024-47732,
CVE-2024-49856, CVE-2024-47677, CVE-2024-49978, CVE-2024-49966,
CVE-2024-49937, CVE-2024-47744, CVE-2024-49890, CVE-2024-47739,
CVE-2024-50012, CVE-2024-47742, CVE-2024-49980, CVE-2024-47706,
CVE-2024-49994, CVE-2024-50017, CVE-2024-47697, CVE-2024-49996,
CVE-2024-49953, CVE-2024-49871, CVE-2024-47723, CVE-2024-49987,
CVE-2024-49917, CVE-2024-49888, CVE-2024-49866, CVE-2024-50005,
CVE-2024-47681, CVE-2024-49870, CVE-2024-49898, CVE-2024-49981,
CVE-2024-49947, CVE-2024-49918, CVE-2024-49983, CVE-2024-47698,
CVE-2024-49850, CVE-2024-50007, CVE-2024-49900, CVE-2024-49923,
CVE-2024-49909, CVE-2024-47687, CVE-2024-50015, CVE-2024-47715,
CVE-2024-47745, CVE-2024-49926, CVE-2024-49879, CVE-2024-49986,
CVE-2024-49929, CVE-2024-49949, CVE-2024-49976, CVE-2024-47749,
CVE-2024-47689, CVE-2024-47720, CVE-2024-47743, CVE-2024-49878,
CVE-2024-49935, CVE-2024-49955, CVE-2024-49997, CVE-2024-49860,
CVE-2024-47703, CVE-2024-50175, CVE-2024-49855, CVE-2024-49861,
CVE-2024-49951, CVE-2024-49863, CVE-2024-49882, CVE-2024-50000,
CVE-2024-49912, CVE-2024-49974, CVE-2024-49977, CVE-2024-47752,
CVE-2024-47700, CVE-2024-49911, CVE-2024-49852, CVE-2024-47740,
CVE-2024-47671, CVE-2024-49988, CVE-2024-47699, CVE-2024-47757,
CVE-2024-49933, CVE-2024-49913, CVE-2024-49907, CVE-2024-49881,
CVE-2024-47751, CVE-2024-47753, CVE-2024-47731, CVE-2024-47730,
CVE-2024-49934, CVE-2024-49957, CVE-2024-49938, CVE-2024-47728,
CVE-2024-49867, CVE-2024-47754, CVE-2024-49919, CVE-2024-49992,
CVE-2024-49950, CVE-2024-49954, CVE-2024-49924, CVE-2024-47670,
CVE-2024-50014, CVE-2024-47684, CVE-2024-49884, CVE-2024-47678,
CVE-2024-49894, CVE-2024-49859, CVE-2024-47735, CVE-2024-47696,
CVE-2024-49999, CVE-2024-49880, CVE-2024-47747, CVE-2024-49885,
CVE-2024-49963, CVE-2024-49995, CVE-2024-49897, CVE-2024-49868,
CVE-2024-49862, CVE-2024-49928, CVE-2024-47685, CVE-2024-47692,
CVE-2024-49927, CVE-2024-47695, CVE-2024-49896, CVE-2024-49875,
CVE-2024-49853, CVE-2024-47714, CVE-2024-49989, CVE-2024-49858,
CVE-2024-49952, CVE-2024-49973, CVE-2024-49925, CVE-2024-49851,
CVE-2024-47712, CVE-2024-49961, CVE-2024-47713, CVE-2024-47718,
CVE-2024-49962, CVE-2024-47737, CVE-2024-50001, CVE-2024-49876,
CVE-2024-49903, CVE-2024-49939, CVE-2024-49886, CVE-2024-47679,
CVE-2024-50006, CVE-2024-49874, CVE-2024-47716, CVE-2024-49895,
CVE-2024-47727, CVE-2024-47672, CVE-2024-49901, CVE-2024-47733,
CVE-2024-47682, CVE-2024-47702, CVE-2024-50013, CVE-2024-41016,
CVE-2024-49960, CVE-2024-49936, CVE-2024-49946, CVE-2024-49915)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 24.04 LTS
linux-image-6.8.0-1019-raspi 6.8.0-1019.23
linux-image-raspi 6.8.0-1019.23
Ubuntu 22.04 LTS
linux-image-6.8.0-1024-gcp 6.8.0-1024.26~22.04.1
linux-image-6.8.0-1024-gcp-64k 6.8.0-1024.26~22.04.1
linux-image-gcp 6.8.0-1024.26~22.04.1
linux-image-gcp-64k 6.8.0-1024.26~22.04.1
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://ubuntu.com/security/notices/USN-7303-3
https://ubuntu.com/security/notices/USN-7303-2
https://ubuntu.com/security/notices/USN-7303-1
Package Information:
https://launchpad.net/ubuntu/+source/linux-raspi/6.8.0-1019.23
https://launchpad.net/ubuntu/+source/linux-gcp-6.8/6.8.0-1024.26~22.04.1
[USN-7314-1] Kerberos vulnerabilities
==========================================================================
Ubuntu Security Notice USN-7314-1
March 03, 2025
krb5 vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 24.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
Summary:
Several security issues were fixed in Kerberos.
Software Description:
- krb5: MIT Kerberos Network Authentication Protocol
Details:
It was discovered that Kerberos incorrectly handled certain memory
operations. A remote attacker could possibly use this issue to cause
Kerberos to consume memory, leading to a denial of service. (CVE-2024-26458,
CVE-2024-26461)
It was discovered that Kerberos incorrectly handled certain memory
operations. A remote attacker could possibly use this issue to cause
Kerberos to consume memory, leading to a denial of service. This issue only
affected Ubuntu 24.04 LTS. (CVE-2024-26462)
It was discovered that the Kerberos kadmind daemon incorrectly handled log
files when incremental propagation was enabled. An authenticated attacker
could use this issue to cause kadmind to crash, resulting in a denial of
service, or possibly execute arbitrary code. (CVE-2025-24528)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 24.10
krb5-admin-server 1.21.3-3ubuntu0.2
krb5-kdc 1.21.3-3ubuntu0.2
libgssapi-krb5-2 1.21.3-3ubuntu0.2
libgssrpc4t64 1.21.3-3ubuntu0.2
libkdb5-10t64 1.21.3-3ubuntu0.2
Ubuntu 24.04 LTS
krb5-admin-server 1.20.1-6ubuntu2.5
krb5-kdc 1.20.1-6ubuntu2.5
libgssapi-krb5-2 1.20.1-6ubuntu2.5
libgssrpc4t64 1.20.1-6ubuntu2.5
libkdb5-10t64 1.20.1-6ubuntu2.5
Ubuntu 22.04 LTS
krb5-admin-server 1.19.2-2ubuntu0.6
krb5-kdc 1.19.2-2ubuntu0.6
libgssapi-krb5-2 1.19.2-2ubuntu0.6
libgssrpc4 1.19.2-2ubuntu0.6
libkdb5-10 1.19.2-2ubuntu0.6
Ubuntu 20.04 LTS
krb5-admin-server 1.17-6ubuntu4.9
krb5-kdc 1.17-6ubuntu4.9
libgssapi-krb5-2 1.17-6ubuntu4.9
libgssrpc4 1.17-6ubuntu4.9
libkdb5-9 1.17-6ubuntu4.9
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-7314-1
CVE-2024-26458, CVE-2024-26461, CVE-2024-26462, CVE-2025-24528
Package Information:
https://launchpad.net/ubuntu/+source/krb5/1.21.3-3ubuntu0.2
https://launchpad.net/ubuntu/+source/krb5/1.20.1-6ubuntu2.5
https://launchpad.net/ubuntu/+source/krb5/1.19.2-2ubuntu0.6
https://launchpad.net/ubuntu/+source/krb5/1.17-6ubuntu4.9
[USN-7316-1] Raptor vulnerabilities
==========================================================================
Ubuntu Security Notice USN-7316-1
March 03, 2025
raptor2 vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 24.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
Summary:
Several security issues were fixed in Raptor.
Software Description:
- raptor2: RDF syntax library
Details:
It was discovered that Raptor incorrectly handled memory operations when
processing certain input files. A remote attacker could possibly use this
issue to cause Raptor to crash, resulting in a denial of service. This
issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2020-25713)
It was discovered that Raptor incorrectly handled parsing certain tuples. A
remote attacker could possibly use this issue to cause Raptor to crash,
resulting in a denial of service. (CVE-2024-57822)
It was discovered that Raptor incorrectly handled parsing certain turtles.
A remote attacker could use this issue to cause Raptor to crash, resulting
in a denial of service, or possibly execute arbitrary code.
(CVE-2024-57823)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 24.10
libraptor2-0 2.0.16-4ubuntu0.1
raptor2-utils 2.0.16-4ubuntu0.1
Ubuntu 24.04 LTS
libraptor2-0 2.0.16-3ubuntu0.1
raptor2-utils 2.0.16-3ubuntu0.1
Ubuntu 22.04 LTS
libraptor2-0 2.0.15-0ubuntu4.1
raptor2-utils 2.0.15-0ubuntu4.1
Ubuntu 20.04 LTS
libraptor2-0 2.0.15-0ubuntu1.20.04.2
raptor2-utils 2.0.15-0ubuntu1.20.04.2
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-7316-1
CVE-2020-25713, CVE-2024-57822, CVE-2024-57823
Package Information:
https://launchpad.net/ubuntu/+source/raptor2/2.0.16-4ubuntu0.1
https://launchpad.net/ubuntu/+source/raptor2/2.0.16-3ubuntu0.1
https://launchpad.net/ubuntu/+source/raptor2/2.0.15-0ubuntu4.1
https://launchpad.net/ubuntu/+source/raptor2/2.0.15-0ubuntu1.20.04.2
[USN-7315-1] PostgreSQL vulnerability
==========================================================================
Ubuntu Security Notice USN-7315-1
March 03, 2025
postgresql-12, postgresql-14, postgresql-16 vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 24.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
Summary:
PostgreSQL could be made to execute arbitrary code if it received specially
crafted input.
Software Description:
- postgresql-16: Object-relational SQL database
- postgresql-14: Object-relational SQL database
- postgresql-12: Object-relational SQL database
Details:
Stephen Fewer discovered that PostgreSQL incorrectly handled quoting syntax
in certain scenarios. A remote attacker could possibly use this issue to
perform SQL injection attacks.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 24.10
postgresql-16 16.8-0ubuntu0.24.10.1
postgresql-client-16 16.8-0ubuntu0.24.10.1
Ubuntu 24.04 LTS
postgresql-16 16.8-0ubuntu0.24.04.1
postgresql-client-16 16.8-0ubuntu0.24.04.1
Ubuntu 22.04 LTS
postgresql-14 14.17-0ubuntu0.22.04.1
postgresql-client-14 14.17-0ubuntu0.22.04.1
Ubuntu 20.04 LTS
postgresql-12 12.22-0ubuntu0.20.04.2
postgresql-client-12 12.22-0ubuntu0.20.04.2
This update uses a new upstream release, which includes additional bug
fixes. After a standard system update you need to restart PostgreSQL to
make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-7315-1
CVE-2025-1094
Package Information:
https://launchpad.net/ubuntu/+source/postgresql-16/16.8-0ubuntu0.24.10.1
https://launchpad.net/ubuntu/+source/postgresql-16/16.8-0ubuntu0.24.04.1
https://launchpad.net/ubuntu/+source/postgresql-14/14.17-0ubuntu0.22.04.1
https://launchpad.net/ubuntu/+source/postgresql-12/12.22-0ubuntu0.20.04.2
[USN-7313-1] Erlang vulnerability
==========================================================================
Ubuntu Security Notice USN-7313-1
March 03, 2025
erlang vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 24.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
Summary:
Erlang could be made to consume resources if it received specially crafted
network traffic.
Software Description:
- erlang: Concurrent, real-time, distributed functional language
Details:
It was discovered that Erlang incorrectly handled SFTP packet sizes. A
remote attacker could possibly use this issue to cause Erlang to consume
resources, resulting in a denial of service.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 24.10
erlang 1:25.3.2.12+dfsg-1ubuntu2.1
erlang-ssh 1:25.3.2.12+dfsg-1ubuntu2.1
Ubuntu 24.04 LTS
erlang 1:25.3.2.8+dfsg-1ubuntu4.1
erlang-ssh 1:25.3.2.8+dfsg-1ubuntu4.1
Ubuntu 22.04 LTS
erlang 1:24.2.1+dfsg-1ubuntu0.2
erlang-ssh 1:24.2.1+dfsg-1ubuntu0.2
Ubuntu 20.04 LTS
erlang 1:22.2.7+dfsg-1ubuntu0.3
erlang-ssh 1:22.2.7+dfsg-1ubuntu0.3
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-7313-1
CVE-2025-26618
Package Information:
https://launchpad.net/ubuntu/+source/erlang/1:25.3.2.12+dfsg-1ubuntu2.1
https://launchpad.net/ubuntu/+source/erlang/1:25.3.2.8+dfsg-1ubuntu4.1
https://launchpad.net/ubuntu/+source/erlang/1:24.2.1+dfsg-1ubuntu0.2
https://launchpad.net/ubuntu/+source/erlang/1:22.2.7+dfsg-1ubuntu0.3
[USN-7319-1] cmark-gfm vulnerabilities
==========================================================================
Ubuntu Security Notice USN-7319-1
March 03, 2025
cmark-gfm vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 24.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
Summary:
Several security issues were fixed in cmark-gfm.
Software Description:
- cmark-gfm: CommonMark parsing and rendering program, GitHub flavor
Details:
It was discovered that cmark-gfm's autolink extension did not correctly
handle parsing large inputs. An attacker could possibly use this issue
to cause a denial of service. This issue only affected Ubuntu 20.04 LTS
and Ubuntu 22.04 LTS. (CVE-2022-39209)
It was discovered that cmark-gfm did not correctly handle parsing large
inputs. An attacker could possibly use this issue to cause a denial of
service. This issue only affected Ubuntu 22.04 LTS, Ubuntu 24.04 LTS and
Ubuntu 24.10. (CVE-2023-22483)
It was discovered that cmark-gfm did not correctly handle parsing large
inputs. An attacker could possibly use this issue to cause a denial of
service. This issue only affected Ubuntu 24.04 LTS and Ubuntu 24.10.
(CVE-2023-22484)
It was discovered that cmark-gfm did not correctly handle parsing large
inputs. An attacker could possibly use this issue to cause a denial of
service. (CVE-2023-22486, CVE-2023-26485)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 24.10
cmark-gfm 0.29.0.gfm.6-6ubuntu0.24.10.1
Ubuntu 24.04 LTS
cmark-gfm 0.29.0.gfm.6-6ubuntu0.24.04.1~esm1
Available with Ubuntu Pro
Ubuntu 22.04 LTS
cmark-gfm 0.29.0.gfm.3-3ubuntu0.1~esm1
Available with Ubuntu Pro
Ubuntu 20.04 LTS
cmark-gfm 0.29.0.gfm.0-4ubuntu0.1~esm1
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-7319-1
CVE-2022-39209, CVE-2023-22483, CVE-2023-22484, CVE-2023-22486,
CVE-2023-26485
Package Information:
https://launchpad.net/ubuntu/+source/cmark-gfm/0.29.0.gfm.6-6ubuntu0.24.10.1
[USN-7318-1] SPIP vulnerabilities
==========================================================================
Ubuntu Security Notice USN-7318-1
March 04, 2025
spip vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 24.10
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
Summary:
Several security issues were fixed in spip.
Software Description:
- spip: website engine for publishing
Details:
It was discovered that svg-sanitizer, vendored in SPIP, did not properly
sanitize SVG/XML content. An attacker could possibly use this issue to
perform cross-site scripting. This issue only affected Ubuntu 24.10.
(CVE-2022-23638)
It was discovered that SPIP did not properly sanitize certain inputs. A
remote attacker could possibly use this issue to perform cross-site
scripting. This issue only affected Ubuntu 18.04 LTS. (CVE-2022-28959)
It was discovered that SPIP did not properly sanitize certain inputs. A
remote attacker could possibly use this issue to perform PHP injection
attacks. This issue only affected Ubuntu 18.04 LTS. (CVE-2022-28960)
It was discovered that SPIP did not properly sanitize certain inputs. A
remote attacker could possibly use this issue to perform SQL injection
attacks. This issue only affected Ubuntu 18.04 LTS. (CVE-2022-28961)
It was discovered that SPIP did not properly sanitize certain inputs. A
remote authenticated attacker could possibly use this issue to execute
arbitrary code. This issue only affected Ubuntu 18.04 LTS. (CVE-2022-37155)
It was discovered that SPIP did not properly sanitize certain inputs. A
remote attacker could possibly use this issue to perform SQL injection
attacks. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.
(CVE-2023-24258)
It was discovered that SPIP did not properly handle serialization under
certain circumstances. A remote attacker could possibly use this issue to
execute arbitrary code. This issue only affected Ubuntu 18.04 LTS and
Ubuntu 20.04 LTS. (CVE-2023-27372)
It was discovered that SPIP did not properly sanitize HTTP requests. A
remote attacker could possibly use this issue to execute arbitrary code.
(CVE-2024-8517)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 24.10
spip 4.3.1+dfsg-1ubuntu0.1
Ubuntu 20.04 LTS
spip 3.2.7-1ubuntu0.1+esm2
Available with Ubuntu Pro
Ubuntu 18.04 LTS
spip 3.1.4-4~deb9u5ubuntu0.1~esm2
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-7318-1
CVE-2022-23638, CVE-2022-28959, CVE-2022-28960, CVE-2022-28961,
CVE-2022-37155, CVE-2023-24258, CVE-2023-27372, CVE-2024-8517
Package Information:
https://launchpad.net/ubuntu/+source/spip/4.3.1+dfsg-1ubuntu0.1
[USN-7317-1] wpa_supplicant and hostapd vulnerabilities
==========================================================================
Ubuntu Security Notice USN-7317-1
March 03, 2025
wpa vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 24.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
Summary:
wpa_supplicant and hostapd could be made to expose sensitive information
over the network.
Software Description:
- wpa: client support for WPA and WPA2
Details:
George Chatzisofroniou and Panayiotis Kotzanikolaou discovered that
wpa_supplicant and hostapd reused encryption elements in the PKEX protocol.
An attacker could possibly use this issue to impersonate a wireless access
point, and obtain sensitive information. (CVE-2022-37660)
Daniel De Almeida Braga, Mohamed Sabt, and Pierre-Alain Fouque discovered
that wpa_supplicant and hostapd were vulnerable to side channel attacks due
to the cache access patterns. An attacker could possibly use this issue to
obtain sensitive information. This issue only affected Ubuntu 20.04 LTS.
(CVE-2022-23303, CVE-2022-23304)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 24.10
  hostapd 2:2.10-22ubuntu0.1
  wpasupplicant 2:2.10-22ubuntu0.1
Ubuntu 24.04 LTS
  hostapd 2:2.10-21ubuntu0.2
  wpasupplicant 2:2.10-21ubuntu0.2
Ubuntu 22.04 LTS
  hostapd 2:2.10-6ubuntu2.2
  wpasupplicant 2:2.10-6ubuntu2.2
Ubuntu 20.04 LTS
  hostapd 2:2.9-1ubuntu4.6
  wpasupplicant 2:2.9-1ubuntu4.6
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-7317-1
CVE-2022-23303, CVE-2022-23304, CVE-2022-37660
Package Information:
https://launchpad.net/ubuntu/+source/wpa/2:2.10-22ubuntu0.1
https://launchpad.net/ubuntu/+source/wpa/2:2.10-21ubuntu0.2
https://launchpad.net/ubuntu/+source/wpa/2:2.10-6ubuntu2.2
https://launchpad.net/ubuntu/+source/wpa/2:2.9-1ubuntu4.6
[USN-7283-1] Apache Solr vulnerability
==========================================================================
Ubuntu Security Notice USN-7283-1
February 21, 2025
lucene-solr vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
Summary:
Apache Solr could be made to execute arbitrary code if it received
specially crafted input.
Software Description:
- lucene-solr: Full-text search engine library for Java
Details:
It was discovered that the Apache Solr DataImportHandler module incorrectly
handled certain request parameters in a default configuration. A remote
attacker could possibly use this issue to execute arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 18.04 LTS
  liblucene3-contrib-java 3.6.2+dfsg-18~18.04.1~esm2
    Available with Ubuntu Pro
  liblucene3-java 3.6.2+dfsg-18~18.04.1~esm2
    Available with Ubuntu Pro
  libsolr-java 3.6.2+dfsg-18~18.04.1~esm2
    Available with Ubuntu Pro
Ubuntu 16.04 LTS
  liblucene3-contrib-java 3.6.2+dfsg-8ubuntu0.1+esm1
    Available with Ubuntu Pro
  liblucene3-java 3.6.2+dfsg-8ubuntu0.1+esm1
    Available with Ubuntu Pro
  libsolr-java 3.6.2+dfsg-8ubuntu0.1+esm1
    Available with Ubuntu Pro
Ubuntu 14.04 LTS
  liblucene3-contrib-java 3.6.2+dfsg-2ubuntu0.1~esm4
    Available with Ubuntu Pro
  liblucene3-java 3.6.2+dfsg-2ubuntu0.1~esm4
    Available with Ubuntu Pro
  libsolr-java 3.6.2+dfsg-2ubuntu0.1~esm4
    Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-7283-1
CVE-2019-0193
[USN-7282-1] tomcat7 vulnerabilities
==========================================================================
Ubuntu Security Notice USN-7282-1
February 21, 2025
tomcat7 vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 LTS
Summary:
tomcat7 could be made to execute arbitrary code.
Software Description:
- tomcat7: Servlet and JSP engine
Details:
It was discovered that Tomcat incorrectly handled being configured with
HTTP PUTs enabled. A remote attacker could use this issue to upload a JSP
file to the server and execute arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 16.04 LTS
  libtomcat7-java 7.0.68-1ubuntu0.4+esm3
    Available with Ubuntu Pro
  tomcat7 7.0.68-1ubuntu0.4+esm3
    Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-7282-1
CVE-2017-12616, CVE-2017-12617