Linux Kernel and Apache HTTP Server updates for Ubuntu

Ubuntu 6514 Published by

Ubuntu Linux has been updated with security updates, which include fixes for Linux kernel vulnerabilities, Apache HTTP Server vulnerabilities, and Linux kernel vulnerabilities:

[USN-7022-1] Linux kernel vulnerabilities
[USN-6885-3] Apache HTTP Server vulnerabilities
[USN-7021-1] Linux kernel vulnerabilities




[USN-7022-1] Linux kernel vulnerabilities


==========================================================================
Ubuntu Security Notice USN-7022-1
September 18, 2024

linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4,
linux-bluefield, linux-gcp, linux-gcp-5.4, linux-gkeop, linux-hwe-5.4,
linux-ibm, linux-ibm-5.4, linux-kvm, linux-oracle, linux-oracle-5.4,
linux-xilinx-zynqmp vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux: Linux kernel
- linux-aws: Linux kernel for Amazon Web Services (AWS) systems
- linux-azure: Linux kernel for Microsoft Azure Cloud systems
- linux-bluefield: Linux kernel for NVIDIA BlueField platforms
- linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems
- linux-gkeop: Linux kernel for Google Container Engine (GKE) systems
- linux-ibm: Linux kernel for IBM cloud systems
- linux-kvm: Linux kernel for cloud environments
- linux-oracle: Linux kernel for Oracle Cloud systems
- linux-xilinx-zynqmp: Linux kernel for Xilinx ZynqMP processors
- linux-aws-5.4: Linux kernel for Amazon Web Services (AWS) systems
- linux-azure-5.4: Linux kernel for Microsoft Azure cloud systems
- linux-gcp-5.4: Linux kernel for Google Cloud Platform (GCP) systems
- linux-hwe-5.4: Linux hardware enablement (HWE) kernel
- linux-ibm-5.4: Linux kernel for IBM cloud systems
- linux-oracle-5.4: Linux kernel for Oracle Cloud systems

Details:

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- GPU drivers;
- Modular ISDN driver;
- MMC subsystem;
- SCSI drivers;
- F2FS file system;
- GFS2 file system;
- Netfilter;
- RxRPC session sockets;
- Integrity Measurement Architecture(IMA) framework;
(CVE-2021-47188, CVE-2024-27012, CVE-2024-42228, CVE-2022-48791,
CVE-2024-39494, CVE-2022-48863, CVE-2024-26787, CVE-2024-42160,
CVE-2024-38570, CVE-2024-26677)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 LTS
linux-image-5.4.0-1052-xilinx-zynqmp 5.4.0-1052.56
linux-image-5.4.0-1080-ibm 5.4.0-1080.85
linux-image-5.4.0-1093-bluefield 5.4.0-1093.100
linux-image-5.4.0-1100-gkeop 5.4.0-1100.104
linux-image-5.4.0-1121-kvm 5.4.0-1121.129
linux-image-5.4.0-1132-oracle 5.4.0-1132.141
linux-image-5.4.0-1133-aws 5.4.0-1133.143
linux-image-5.4.0-1137-gcp 5.4.0-1137.146
linux-image-5.4.0-1138-azure 5.4.0-1138.145
linux-image-5.4.0-196-generic 5.4.0-196.216
linux-image-5.4.0-196-generic-lpae 5.4.0-196.216
linux-image-5.4.0-196-lowlatency 5.4.0-196.216
linux-image-aws-lts-20.04 5.4.0.1133.130
linux-image-azure-lts-20.04 5.4.0.1138.132
linux-image-bluefield 5.4.0.1093.89
linux-image-gcp-lts-20.04 5.4.0.1137.139
linux-image-generic 5.4.0.196.194
linux-image-generic-lpae 5.4.0.196.194
linux-image-gkeop 5.4.0.1100.98
linux-image-gkeop-5.4 5.4.0.1100.98
linux-image-ibm-lts-20.04 5.4.0.1080.109
linux-image-kvm 5.4.0.1121.117
linux-image-lowlatency 5.4.0.196.194
linux-image-oem 5.4.0.196.194
linux-image-oem-osp1 5.4.0.196.194
linux-image-oracle-lts-20.04 5.4.0.1132.125
linux-image-virtual 5.4.0.196.194
linux-image-xilinx-zynqmp 5.4.0.1052.52

Ubuntu 18.04 LTS
linux-image-5.4.0-1080-ibm 5.4.0-1080.85~18.04.1
Available with Ubuntu Pro
linux-image-5.4.0-1132-oracle 5.4.0-1132.141~18.04.1
Available with Ubuntu Pro
linux-image-5.4.0-1133-aws 5.4.0-1133.143~18.04.1
Available with Ubuntu Pro
linux-image-5.4.0-1137-gcp 5.4.0-1137.146~18.04.1
Available with Ubuntu Pro
linux-image-5.4.0-1138-azure 5.4.0-1138.145~18.04.1
Available with Ubuntu Pro
linux-image-5.4.0-196-generic 5.4.0-196.216~18.04.1
Available with Ubuntu Pro
linux-image-5.4.0-196-lowlatency 5.4.0-196.216~18.04.1
Available with Ubuntu Pro
linux-image-aws 5.4.0.1133.143~18.04.1
Available with Ubuntu Pro
linux-image-azure 5.4.0.1138.145~18.04.1
Available with Ubuntu Pro
linux-image-gcp 5.4.0.1137.146~18.04.1
Available with Ubuntu Pro
linux-image-generic-hwe-18.04 5.4.0.196.216~18.04.1
Available with Ubuntu Pro
linux-image-ibm 5.4.0.1080.85~18.04.1
Available with Ubuntu Pro
linux-image-lowlatency-hwe-18.04 5.4.0.196.216~18.04.1
Available with Ubuntu Pro
linux-image-oem 5.4.0.196.216~18.04.1
Available with Ubuntu Pro
linux-image-oem-osp1 5.4.0.196.216~18.04.1
Available with Ubuntu Pro
linux-image-oracle 5.4.0.1132.141~18.04.1
Available with Ubuntu Pro
linux-image-snapdragon-hwe-18.04 5.4.0.196.216~18.04.1
Available with Ubuntu Pro
linux-image-virtual-hwe-18.04 5.4.0.196.216~18.04.1
Available with Ubuntu Pro

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://ubuntu.com/security/notices/USN-7022-1
CVE-2021-47188, CVE-2022-48791, CVE-2022-48863, CVE-2024-26677,
CVE-2024-26787, CVE-2024-27012, CVE-2024-38570, CVE-2024-39494,
CVE-2024-42160, CVE-2024-42228

Package Information:
https://launchpad.net/ubuntu/+source/linux/5.4.0-196.216
https://launchpad.net/ubuntu/+source/linux-aws/5.4.0-1133.143
https://launchpad.net/ubuntu/+source/linux-azure/5.4.0-1138.145
https://launchpad.net/ubuntu/+source/linux-bluefield/5.4.0-1093.100
https://launchpad.net/ubuntu/+source/linux-gcp/5.4.0-1137.146
https://launchpad.net/ubuntu/+source/linux-gkeop/5.4.0-1100.104
https://launchpad.net/ubuntu/+source/linux-ibm/5.4.0-1080.85
https://launchpad.net/ubuntu/+source/linux-kvm/5.4.0-1121.129
https://launchpad.net/ubuntu/+source/linux-oracle/5.4.0-1132.141
https://launchpad.net/ubuntu/+source/linux-xilinx-zynqmp/5.4.0-1052.56



[USN-6885-3] Apache HTTP Server vulnerabilities


==========================================================================
Ubuntu Security Notice USN-6885-3
September 18, 2024

apache2 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS

Summary:

Several security issues were fixed in Apache HTTP Server.

Software Description:
- apache2: Apache HTTP server

Details:

USN-6885-1 fixed several vulnerabilities in Apache. This update provides
the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.

Original advisory details:

Orange Tsai discovered that the Apache HTTP Server mod_rewrite module
incorrectly handled certain substitutions. A remote attacker could
possibly use this issue to execute scripts in directories not directly
reachable by any URL, or cause a denial of service. Some environments
may require using the new UnsafeAllow3F flag to handle unsafe
substitutions. (CVE-2024-38474, CVE-2024-38475)

Orange Tsai discovered that the Apache HTTP Server incorrectly handled
certain response headers. A remote attacker could possibly use this issue
to obtain sensitive information, execute local scripts, or perform SSRF
attacks. (CVE-2024-38476)

Orange Tsai discovered that the Apache HTTP Server mod_proxy module
incorrectly handled certain requests. A remote attacker could possibly use
this issue to cause the server to crash, resulting in a denial of service.
(CVE-2024-38477)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS
apache2 2.4.29-1ubuntu4.27+esm3
Available with Ubuntu Pro

Ubuntu 16.04 LTS
apache2 2.4.18-2ubuntu3.17+esm13
Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-6885-3
https://ubuntu.com/security/notices/USN-6885-2
https://ubuntu.com/security/notices/USN-6885-1
CVE-2024-38474, CVE-2024-38475, CVE-2024-38476, CVE-2024-38477



[USN-7021-1] Linux kernel vulnerabilities


==========================================================================
Ubuntu Security Notice USN-7021-1
September 18, 2024

linux, linux-aws, linux-aws-5.15, linux-azure, linux-azure-5.15,
linux-gcp, linux-gcp-5.15, linux-gke, linux-gkeop, linux-gkeop-5.15,
linux-hwe-5.15, linux-ibm, linux-intel-iotg, linux-intel-iotg-5.15,
linux-kvm, linux-nvidia, linux-oracle, linux-raspi vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux: Linux kernel
- linux-aws: Linux kernel for Amazon Web Services (AWS) systems
- linux-azure: Linux kernel for Microsoft Azure Cloud systems
- linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems
- linux-gke: Linux kernel for Google Container Engine (GKE) systems
- linux-gkeop: Linux kernel for Google Container Engine (GKE) systems
- linux-ibm: Linux kernel for IBM cloud systems
- linux-intel-iotg: Linux kernel for Intel IoT platforms
- linux-kvm: Linux kernel for cloud environments
- linux-nvidia: Linux kernel for NVIDIA systems
- linux-oracle: Linux kernel for Oracle Cloud systems
- linux-raspi: Linux kernel for Raspberry Pi systems
- linux-aws-5.15: Linux kernel for Amazon Web Services (AWS) systems
- linux-azure-5.15: Linux kernel for Microsoft Azure cloud systems
- linux-gcp-5.15: Linux kernel for Google Cloud Platform (GCP) systems
- linux-gkeop-5.15: Linux kernel for Google Container Engine (GKE) systems
- linux-hwe-5.15: Linux hardware enablement (HWE) kernel
- linux-intel-iotg-5.15: Linux kernel for Intel IoT platforms

Details:

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- GPU drivers;
- BTRFS file system;
- F2FS file system;
- GFS2 file system;
- BPF subsystem;
- Netfilter;
- RxRPC session sockets;
- Integrity Measurement Architecture(IMA) framework;
(CVE-2024-39496, CVE-2024-41009, CVE-2024-26677, CVE-2024-42160,
CVE-2024-27012, CVE-2024-42228, CVE-2024-39494, CVE-2024-38570)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.04 LTS
linux-image-5.15.0-1053-gkeop 5.15.0-1053.60
linux-image-5.15.0-1063-ibm 5.15.0-1063.66
linux-image-5.15.0-1063-raspi 5.15.0-1063.66
linux-image-5.15.0-1065-intel-iotg 5.15.0-1065.71
linux-image-5.15.0-1065-nvidia 5.15.0-1065.66
linux-image-5.15.0-1065-nvidia-lowlatency 5.15.0-1065.66
linux-image-5.15.0-1067-gke 5.15.0-1067.73
linux-image-5.15.0-1067-kvm 5.15.0-1067.72
linux-image-5.15.0-1068-oracle 5.15.0-1068.74
linux-image-5.15.0-1069-gcp 5.15.0-1069.77
linux-image-5.15.0-1070-aws 5.15.0-1070.76
linux-image-5.15.0-1073-azure 5.15.0-1073.82
linux-image-5.15.0-122-generic 5.15.0-122.132
linux-image-5.15.0-122-generic-64k 5.15.0-122.132
linux-image-5.15.0-122-generic-lpae 5.15.0-122.132
linux-image-aws-lts-22.04 5.15.0.1070.70
linux-image-azure-lts-22.04 5.15.0.1073.71
linux-image-gcp-lts-22.04 5.15.0.1069.65
linux-image-generic 5.15.0.122.122
linux-image-generic-64k 5.15.0.122.122
linux-image-generic-lpae 5.15.0.122.122
linux-image-gke 5.15.0.1067.66
linux-image-gke-5.15 5.15.0.1067.66
linux-image-gkeop 5.15.0.1053.52
linux-image-gkeop-5.15 5.15.0.1053.52
linux-image-ibm 5.15.0.1063.59
linux-image-intel-iotg 5.15.0.1065.65
linux-image-kvm 5.15.0.1067.63
linux-image-nvidia 5.15.0.1065.65
linux-image-nvidia-lowlatency 5.15.0.1065.65
linux-image-oracle-lts-22.04 5.15.0.1068.64
linux-image-raspi 5.15.0.1063.61
linux-image-raspi-nolpae 5.15.0.1063.61
linux-image-virtual 5.15.0.122.122

Ubuntu 20.04 LTS
linux-image-5.15.0-1053-gkeop 5.15.0-1053.60~20.04.1
linux-image-5.15.0-1065-intel-iotg 5.15.0-1065.71~20.04.1
linux-image-5.15.0-1069-gcp 5.15.0-1069.77~20.04.1
linux-image-5.15.0-1070-aws 5.15.0-1070.76~20.04.1
linux-image-5.15.0-1073-azure 5.15.0-1073.82~20.04.1
linux-image-5.15.0-122-generic 5.15.0-122.132~20.04.1
linux-image-5.15.0-122-generic-64k 5.15.0-122.132~20.04.1
linux-image-5.15.0-122-generic-lpae 5.15.0-122.132~20.04.1
linux-image-aws 5.15.0.1070.76~20.04.1
linux-image-azure 5.15.0.1073.82~20.04.1
linux-image-azure-cvm 5.15.0.1073.82~20.04.1
linux-image-gcp 5.15.0.1069.77~20.04.1
linux-image-generic-64k-hwe-20.04 5.15.0.122.132~20.04.1
linux-image-generic-hwe-20.04 5.15.0.122.132~20.04.1
linux-image-generic-lpae-hwe-20.04 5.15.0.122.132~20.04.1
linux-image-gkeop-5.15 5.15.0.1053.60~20.04.1
linux-image-intel 5.15.0.1065.71~20.04.1
linux-image-intel-iotg 5.15.0.1065.71~20.04.1
linux-image-oem-20.04 5.15.0.122.132~20.04.1
linux-image-oem-20.04b 5.15.0.122.132~20.04.1
linux-image-oem-20.04c 5.15.0.122.132~20.04.1
linux-image-oem-20.04d 5.15.0.122.132~20.04.1
linux-image-virtual-hwe-20.04 5.15.0.122.132~20.04.1

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://ubuntu.com/security/notices/USN-7021-1
CVE-2024-26677, CVE-2024-27012, CVE-2024-38570, CVE-2024-39494,
CVE-2024-39496, CVE-2024-41009, CVE-2024-42160, CVE-2024-42228

Package Information:
https://launchpad.net/ubuntu/+source/linux/5.15.0-122.132
https://launchpad.net/ubuntu/+source/linux-aws/5.15.0-1070.76
https://launchpad.net/ubuntu/+source/linux-azure/5.15.0-1073.82
https://launchpad.net/ubuntu/+source/linux-gcp/5.15.0-1069.77
https://launchpad.net/ubuntu/+source/linux-gke/5.15.0-1067.73
https://launchpad.net/ubuntu/+source/linux-gkeop/5.15.0-1053.60
https://launchpad.net/ubuntu/+source/linux-ibm/5.15.0-1063.66
https://launchpad.net/ubuntu/+source/linux-intel-iotg/5.15.0-1065.71
https://launchpad.net/ubuntu/+source/linux-kvm/5.15.0-1067.72
https://launchpad.net/ubuntu/+source/linux-nvidia/5.15.0-1065.66
https://launchpad.net/ubuntu/+source/linux-oracle/5.15.0-1068.74
https://launchpad.net/ubuntu/+source/linux-raspi/5.15.0-1063.66
https://launchpad.net/ubuntu/+source/linux-aws-5.15/5.15.0-1070.76~20.04.1
https://launchpad.net/ubuntu/+source/linux-azure-5.15/5.15.0-1073.82~20.04.1
https://launchpad.net/ubuntu/+source/linux-gcp-5.15/5.15.0-1069.77~20.04.1
https://launchpad.net/ubuntu/+source/linux-gkeop-5.15/5.15.0-1053.60~20.04.1
https://launchpad.net/ubuntu/+source/linux-hwe-5.15/5.15.0-122.132~20.04.1
https://launchpad.net/ubuntu/+source/linux-intel-iotg-5.15/5.15.0-1065.71~20.04.1


Fence-agents, NSS, Greenboot, Oracle-Database-Preinstall-23ai updates for Oracle Linux

Expat and Tinyproxy updates for Debian 11 LTS

Windows

Linux

macOS

Community

  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...
  • StephanX
    Hi friends, i am new in the Linux universe but i try to ...
  • Philipp
    I would try the XanMod kernel: https://xanmod.orgĀ  I ...