Tinyproxy, HWE, Raspberry Pi updates for Ubuntu

Ubuntu 6619 Published by

Ubuntu Linux has received updates that address security vulnerabilities in Tinyproxy, HWE, and Raspberry Pi

[USN-7140-2] Tinyproxy vulnerability
[USN-7154-2] Linux kernel (HWE) vulnerabilities
[USN-7159-5] Linux kernel (Raspberry Pi) vulnerabilities




[USN-7140-2] Tinyproxy vulnerability


==========================================================================
Ubuntu Security Notice USN-7140-2
January 06, 2025

tinyproxy vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 14.04 LTS

Summary:

tinyproxy could be made to expose sensitive information.

Software Description:
- tinyproxy: Lightweight, non-caching, optionally anonymizing HTTP proxy

Details:

USN-7140-1 fixed CVE-2022-40468 in tinyproxy. This update provides the
corresponding update for Ubuntu 14.04 LTS.

Original advisory details:

 It was discovered that Tinyproxy did not properly manage memory under
 certain circumstances. An attacker could possibly use this issue to leak
 left-over heap data if custom error page templates containing special
 non-standard variables are used.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 14.04 LTS
  tinyproxy                       1.8.3-3ubuntu14.04.1~esm2
                                  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-7140-2
  https://ubuntu.com/security/notices/USN-7140-1
  CVE-2022-40468



[USN-7154-2] Linux kernel (HWE) vulnerabilities


==========================================================================
Ubuntu Security Notice USN-7154-2
January 06, 2025

linux-hwe-6.8 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux-hwe-6.8: Linux hardware enablement (HWE) kernel

Details:

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- MIPS architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- User-Mode Linux (UML);
- x86 architecture;
- Block layer subsystem;
- Android drivers;
- ATM drivers;
- Drivers core;
- Ublk userspace block driver;
- Bluetooth drivers;
- Character device driver;
- Hardware crypto device drivers;
- Buffer Sharing and Synchronization framework;
- DMA engine subsystem;
- Qualcomm firmware drivers;
- GPIO subsystem;
- GPU drivers;
- HID subsystem;
- Hardware monitoring drivers;
- I2C subsystem;
- I3C subsystem;
- IIO subsystem;
- InfiniBand drivers;
- Input Device core drivers;
- Input Device (Miscellaneous) drivers;
- IOMMU subsystem;
- IRQ chip drivers;
- LED subsystem;
- Mailbox framework;
- Multiple devices driver;
- Media drivers;
- Fastrpc Driver;
- VMware VMCI Driver;
- MMC subsystem;
- Ethernet bonding driver;
- Network drivers;
- Mellanox network drivers;
- Microsoft Azure Network Adapter (MANA) driver;
- Near Field Communication (NFC) drivers;
- NVME drivers;
- Device tree and open firmware driver;
- Parport drivers;
- PCI subsystem;
- Pin controllers subsystem;
- x86 platform drivers;
- Power supply drivers;
- Remote Processor subsystem;
- S/390 drivers;
- SCSI subsystem;
- QCOM SoC drivers;
- SPI subsystem;
- Direct Digital Synthesis drivers;
- Thunderbolt and USB4 drivers;
- TTY drivers;
- UFS subsystem;
- Userspace I/O drivers;
- DesignWare USB3 driver;
- USB Gadget drivers;
- USB Host Controller drivers;
- USB Type-C Connector System Software Interface driver;
- USB over IP driver;
- Virtio Host (VHOST) subsystem;
- Framebuffer layer;
- Xen hypervisor drivers;
- File systems infrastructure;
- BTRFS file system;
- Ext4 file system;
- F2FS file system;
- JFS file system;
- Network file systems library;
- Network file system (NFS) client;
- Network file system (NFS) server daemon;
- NILFS2 file system;
- File system notification infrastructure;
- NTFS3 file system;
- Proc file system;
- SMB network file system;
- Tracing file system;
- Bitmap API;
- BPF subsystem;
- Memory Management;
- Objagg library;
- Perf events;
- Virtio network driver;
- VMware vSockets driver;
- KCM (Kernel Connection Multiplexor) sockets driver;
- Control group (cgroup);
- DMA mapping infrastructure;
- Locking primitives;
- Padata parallel execution mechanism;
- Scheduler infrastructure;
- Tracing infrastructure;
- Radix Tree data structure library;
- Kernel userspace event delivery library;
- KUnit for arithmetic overflow checks;
- Memory management;
- Bluetooth subsystem;
- Ethernet bridge;
- CAN network layer;
- Networking core;
- Ethtool driver;
- IPv4 networking;
- IPv6 networking;
- MAC80211 subsystem;
- Multipath TCP;
- Netfilter;
- Network traffic control;
- SCTP protocol;
- TIPC protocol;
- Wireless networking;
- AppArmor security module;
- Landlock security;
- SELinux security module;
- Simplified Mandatory Access Control Kernel framework;
- FireWire sound drivers;
- AMD SoC Alsa drivers;
- Texas InstrumentS Audio (ASoC/HDA) drivers;
- SoC Audio for Freescale CPUs drivers;
- Intel ASoC drivers;
- Amlogic Meson SoC drivers;
- SoC audio core drivers;
- USB sound devices;
- Real-Time Linux Analysis tools;
(CVE-2024-46783, CVE-2024-44960, CVE-2024-46743, CVE-2024-45009,
CVE-2024-43820, CVE-2024-43888, CVE-2024-45010, CVE-2024-43839,
CVE-2024-42304, CVE-2024-43846, CVE-2024-42258, CVE-2024-45005,
CVE-2024-46709, CVE-2024-46774, CVE-2024-43883, CVE-2024-43859,
CVE-2024-46721, CVE-2024-44944, CVE-2024-43913, CVE-2024-43843,
CVE-2024-43845, CVE-2024-45018, CVE-2024-43909, CVE-2024-46755,
CVE-2024-42284, CVE-2024-42301, CVE-2024-46779, CVE-2024-44971,
CVE-2024-46711, CVE-2024-43889, CVE-2024-46842, CVE-2024-44978,
CVE-2024-46803, CVE-2024-42277, CVE-2024-43892, CVE-2024-45019,
CVE-2024-44988, CVE-2024-46798, CVE-2024-44995, CVE-2024-43860,
CVE-2024-46762, CVE-2024-43831, CVE-2024-44990, CVE-2024-46845,
CVE-2024-46765, CVE-2024-45012, CVE-2024-44975, CVE-2024-46770,
CVE-2024-46802, CVE-2024-44970, CVE-2024-46691, CVE-2024-43833,
CVE-2024-43876, CVE-2024-42292, CVE-2024-42291, CVE-2024-43891,
CVE-2024-46788, CVE-2024-44938, CVE-2024-46710, CVE-2024-42272,
CVE-2024-43868, CVE-2024-43875, CVE-2024-45030, CVE-2024-46689,
CVE-2024-46859, CVE-2024-46795, CVE-2024-46683, CVE-2024-44999,
CVE-2024-44942, CVE-2024-47669, CVE-2024-42318, CVE-2024-43911,
CVE-2024-46693, CVE-2024-42296, CVE-2024-43894, CVE-2024-45002,
CVE-2024-46673, CVE-2024-46852, CVE-2024-45001, CVE-2024-43907,
CVE-2024-42319, CVE-2024-44972, CVE-2024-43905, CVE-2024-45028,
CVE-2024-46816, CVE-2024-46847, CVE-2024-46834, CVE-2024-44982,
CVE-2024-46807, CVE-2024-44948, CVE-2024-46685, CVE-2024-46811,
CVE-2024-42317, CVE-2024-43818, CVE-2024-46786, CVE-2024-43881,
CVE-2024-42294, CVE-2024-46708, CVE-2024-42285, CVE-2024-44941,
CVE-2024-43823, CVE-2024-46694, CVE-2024-46730, CVE-2024-42259,
CVE-2024-42270, CVE-2024-47658, CVE-2024-46718, CVE-2024-44947,
CVE-2024-46701, CVE-2024-43895, CVE-2024-43890, CVE-2024-46826,
CVE-2024-46687, CVE-2024-46768, CVE-2024-45025, CVE-2024-42267,
CVE-2024-42263, CVE-2024-44958, CVE-2024-44989, CVE-2024-43906,
CVE-2024-43869, CVE-2024-43887, CVE-2024-42297, CVE-2024-46702,
CVE-2024-42320, CVE-2024-42322, CVE-2024-46857, CVE-2024-43861,
CVE-2024-45008, CVE-2024-44969, CVE-2024-46821, CVE-2024-44967,
CVE-2024-43914, CVE-2024-46870, CVE-2024-46781, CVE-2024-43842,
CVE-2024-47665, CVE-2024-46753, CVE-2024-43866, CVE-2024-43886,
CVE-2024-44939, CVE-2024-42312, CVE-2024-46864, CVE-2024-46695,
CVE-2024-46818, CVE-2024-45006, CVE-2024-43841, CVE-2024-46703,
CVE-2024-46749, CVE-2024-44986, CVE-2024-46717, CVE-2024-42273,
CVE-2024-43856, CVE-2024-46777, CVE-2024-44984, CVE-2024-46719,
CVE-2024-46858, CVE-2024-43821, CVE-2024-46750, CVE-2024-43829,
CVE-2024-43817, CVE-2024-42281, CVE-2024-42287, CVE-2024-45007,
CVE-2024-46793, CVE-2024-45003, CVE-2024-45011, CVE-2024-47683,
CVE-2024-44934, CVE-2024-46722, CVE-2024-46860, CVE-2024-42314,
CVE-2024-46675, CVE-2024-43899, CVE-2024-46752, CVE-2024-46851,
CVE-2024-42310, CVE-2024-46853, CVE-2024-39472, CVE-2024-43837,
CVE-2024-45021, CVE-2024-46713, CVE-2024-44943, CVE-2024-46787,
CVE-2024-43893, CVE-2024-44946, CVE-2024-45026, CVE-2024-44996,
CVE-2024-46761, CVE-2024-46723, CVE-2024-42311, CVE-2024-42316,
CVE-2024-47663, CVE-2024-44940, CVE-2024-43867, CVE-2024-42265,
CVE-2024-44950, CVE-2024-46867, CVE-2024-45020, CVE-2024-46707,
CVE-2024-44966, CVE-2024-42309, CVE-2024-46767, CVE-2024-46758,
CVE-2024-46732, CVE-2024-42262, CVE-2024-46778, CVE-2024-43884,
CVE-2024-44991, CVE-2024-47668, CVE-2024-46698, CVE-2024-46825,
CVE-2024-42302, CVE-2024-46716, CVE-2024-46726, CVE-2024-43870,
CVE-2024-42307, CVE-2024-46830, CVE-2024-43910, CVE-2024-46735,
CVE-2024-43828, CVE-2024-43904, CVE-2024-44965, CVE-2024-46831,
CVE-2024-44979, CVE-2024-44961, CVE-2024-46771, CVE-2024-46844,
CVE-2024-46871, CVE-2024-43877, CVE-2024-46746, CVE-2024-44987,
CVE-2024-46676, CVE-2024-46766, CVE-2024-46731, CVE-2024-46810,
CVE-2024-46806, CVE-2024-45000, CVE-2024-42313, CVE-2024-45015,
CVE-2024-46784, CVE-2024-43834, CVE-2024-46737, CVE-2024-46797,
CVE-2024-43908, CVE-2024-46724, CVE-2024-44980, CVE-2024-43847,
CVE-2024-46679, CVE-2024-46681, CVE-2024-43819, CVE-2024-46776,
CVE-2024-44954, CVE-2024-45022, CVE-2024-46819, CVE-2024-46775,
CVE-2024-43824, CVE-2024-44953, CVE-2024-46759, CVE-2024-43873,
CVE-2024-46756, CVE-2024-42303, CVE-2024-46738, CVE-2024-42290,
CVE-2024-42295, CVE-2024-43849, CVE-2024-44931, CVE-2024-46741,
CVE-2024-43863, CVE-2024-44974, CVE-2024-46829, CVE-2024-44959,
CVE-2024-42315, CVE-2024-44983, CVE-2024-46715, CVE-2024-46697,
CVE-2024-43850, CVE-2024-46728, CVE-2024-44963, CVE-2024-46823,
CVE-2024-46692, CVE-2024-46760, CVE-2024-46705, CVE-2024-42261,
CVE-2024-42321, CVE-2024-46785, CVE-2024-46686, CVE-2024-49984,
CVE-2024-46706, CVE-2024-45029, CVE-2024-46809, CVE-2024-43827,
CVE-2024-44998, CVE-2024-47667, CVE-2024-43835, CVE-2024-46866,
CVE-2024-46841, CVE-2024-42286, CVE-2024-43852, CVE-2024-43832,
CVE-2024-46773, CVE-2024-46817, CVE-2024-46868, CVE-2024-46812,
CVE-2024-47660, CVE-2024-46725, CVE-2024-42288, CVE-2024-46824,
CVE-2024-42269, CVE-2024-44957, CVE-2024-45017, CVE-2024-46747,
CVE-2024-47662, CVE-2024-46843, CVE-2024-46849, CVE-2024-43879,
CVE-2024-46751, CVE-2024-42298, CVE-2024-46861, CVE-2024-44993,
CVE-2024-46729, CVE-2024-46846, CVE-2024-46794, CVE-2024-43826,
CVE-2024-44973, CVE-2024-46672, CVE-2024-44985, CVE-2024-46815,
CVE-2024-46822, CVE-2024-46754, CVE-2024-43854, CVE-2024-42278,
CVE-2024-46720, CVE-2024-46677, CVE-2024-46854, CVE-2024-43840,
CVE-2024-43830, CVE-2024-46804, CVE-2024-45013, CVE-2024-46782,
CVE-2024-46840, CVE-2024-44977, CVE-2024-46838, CVE-2024-42264,
CVE-2024-47661, CVE-2024-43857, CVE-2023-52918, CVE-2024-44935,
CVE-2024-46739, CVE-2024-43825, CVE-2024-43864, CVE-2024-47659,
CVE-2024-42260, CVE-2024-44962, CVE-2024-46835, CVE-2024-43871,
CVE-2024-47674, CVE-2024-46827, CVE-2024-42283, CVE-2024-42299,
CVE-2024-46714, CVE-2024-46740, CVE-2024-46680, CVE-2024-46791,
CVE-2024-43912, CVE-2024-46813, CVE-2024-46733, CVE-2024-47664,
CVE-2024-42279, CVE-2024-46850, CVE-2024-42289, CVE-2024-46808,
CVE-2024-43880, CVE-2024-46832, CVE-2024-42276, CVE-2024-44937,
CVE-2024-42274, CVE-2024-46772, CVE-2024-47666, CVE-2024-44956,
CVE-2024-46763, CVE-2024-46805, CVE-2023-52889, CVE-2024-46678,
CVE-2024-43902, CVE-2024-46757, CVE-2024-46792, CVE-2024-42268,
CVE-2024-43853, CVE-2024-45027, CVE-2024-42305, CVE-2024-46828,
CVE-2024-43900, CVE-2024-46848, CVE-2024-46814, CVE-2024-46855,
CVE-2024-46727, CVE-2024-46836, CVE-2024-46744, CVE-2024-46780,
CVE-2024-46745, CVE-2024-42306)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.04 LTS
linux-image-6.8.0-50-generic 6.8.0-50.51~22.04.1
linux-image-6.8.0-50-generic-64k 6.8.0-50.51~22.04.1
linux-image-generic-64k-hwe-22.04 6.8.0-50.51~22.04.1
linux-image-generic-hwe-22.04 6.8.0-50.51~22.04.1
linux-image-oem-22.04 6.8.0-50.51~22.04.1
linux-image-oem-22.04a 6.8.0-50.51~22.04.1
linux-image-oem-22.04b 6.8.0-50.51~22.04.1
linux-image-oem-22.04c 6.8.0-50.51~22.04.1
linux-image-oem-22.04d 6.8.0-50.51~22.04.1
linux-image-virtual-hwe-22.04 6.8.0-50.51~22.04.1

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://ubuntu.com/security/notices/USN-7154-2
https://ubuntu.com/security/notices/USN-7154-1
CVE-2023-52889, CVE-2023-52918, CVE-2024-39472, CVE-2024-42258,
CVE-2024-42259, CVE-2024-42260, CVE-2024-42261, CVE-2024-42262,
CVE-2024-42263, CVE-2024-42264, CVE-2024-42265, CVE-2024-42267,
CVE-2024-42268, CVE-2024-42269, CVE-2024-42270, CVE-2024-42272,
CVE-2024-42273, CVE-2024-42274, CVE-2024-42276, CVE-2024-42277,
CVE-2024-42278, CVE-2024-42279, CVE-2024-42281, CVE-2024-42283,
CVE-2024-42284, CVE-2024-42285, CVE-2024-42286, CVE-2024-42287,
CVE-2024-42288, CVE-2024-42289, CVE-2024-42290, CVE-2024-42291,
CVE-2024-42292, CVE-2024-42294, CVE-2024-42295, CVE-2024-42296,
CVE-2024-42297, CVE-2024-42298, CVE-2024-42299, CVE-2024-42301,
CVE-2024-42302, CVE-2024-42303, CVE-2024-42304, CVE-2024-42305,
CVE-2024-42306, CVE-2024-42307, CVE-2024-42309, CVE-2024-42310,
CVE-2024-42311, CVE-2024-42312, CVE-2024-42313, CVE-2024-42314,
CVE-2024-42315, CVE-2024-42316, CVE-2024-42317, CVE-2024-42318,
CVE-2024-42319, CVE-2024-42320, CVE-2024-42321, CVE-2024-42322,
CVE-2024-43817, CVE-2024-43818, CVE-2024-43819, CVE-2024-43820,
CVE-2024-43821, CVE-2024-43823, CVE-2024-43824, CVE-2024-43825,
CVE-2024-43826, CVE-2024-43827, CVE-2024-43828, CVE-2024-43829,
CVE-2024-43830, CVE-2024-43831, CVE-2024-43832, CVE-2024-43833,
CVE-2024-43834, CVE-2024-43835, CVE-2024-43837, CVE-2024-43839,
CVE-2024-43840, CVE-2024-43841, CVE-2024-43842, CVE-2024-43843,
CVE-2024-43845, CVE-2024-43846, CVE-2024-43847, CVE-2024-43849,
CVE-2024-43850, CVE-2024-43852, CVE-2024-43853, CVE-2024-43854,
CVE-2024-43856, CVE-2024-43857, CVE-2024-43859, CVE-2024-43860,
CVE-2024-43861, CVE-2024-43863, CVE-2024-43864, CVE-2024-43866,
CVE-2024-43867, CVE-2024-43868, CVE-2024-43869, CVE-2024-43870,
CVE-2024-43871, CVE-2024-43873, CVE-2024-43875, CVE-2024-43876,
CVE-2024-43877, CVE-2024-43879, CVE-2024-43880, CVE-2024-43881,
CVE-2024-43883, CVE-2024-43884, CVE-2024-43886, CVE-2024-43887,
CVE-2024-43888, CVE-2024-43889, CVE-2024-43890, CVE-2024-43891,
CVE-2024-43892, CVE-2024-43893, CVE-2024-43894, CVE-2024-43895,
CVE-2024-43899, CVE-2024-43900, CVE-2024-43902, CVE-2024-43904,
CVE-2024-43905, CVE-2024-43906, CVE-2024-43907, CVE-2024-43908,
CVE-2024-43909, CVE-2024-43910, CVE-2024-43911, CVE-2024-43912,
CVE-2024-43913, CVE-2024-43914, CVE-2024-44931, CVE-2024-44934,
CVE-2024-44935, CVE-2024-44937, CVE-2024-44938, CVE-2024-44939,
CVE-2024-44940, CVE-2024-44941, CVE-2024-44942, CVE-2024-44943,
CVE-2024-44944, CVE-2024-44946, CVE-2024-44947, CVE-2024-44948,
CVE-2024-44950, CVE-2024-44953, CVE-2024-44954, CVE-2024-44956,
CVE-2024-44957, CVE-2024-44958, CVE-2024-44959, CVE-2024-44960,
CVE-2024-44961, CVE-2024-44962, CVE-2024-44963, CVE-2024-44965,
CVE-2024-44966, CVE-2024-44967, CVE-2024-44969, CVE-2024-44970,
CVE-2024-44971, CVE-2024-44972, CVE-2024-44973, CVE-2024-44974,
CVE-2024-44975, CVE-2024-44977, CVE-2024-44978, CVE-2024-44979,
CVE-2024-44980, CVE-2024-44982, CVE-2024-44983, CVE-2024-44984,
CVE-2024-44985, CVE-2024-44986, CVE-2024-44987, CVE-2024-44988,
CVE-2024-44989, CVE-2024-44990, CVE-2024-44991, CVE-2024-44993,
CVE-2024-44995, CVE-2024-44996, CVE-2024-44998, CVE-2024-44999,
CVE-2024-45000, CVE-2024-45001, CVE-2024-45002, CVE-2024-45003,
CVE-2024-45005, CVE-2024-45006, CVE-2024-45007, CVE-2024-45008,
CVE-2024-45009, CVE-2024-45010, CVE-2024-45011, CVE-2024-45012,
CVE-2024-45013, CVE-2024-45015, CVE-2024-45017, CVE-2024-45018,
CVE-2024-45019, CVE-2024-45020, CVE-2024-45021, CVE-2024-45022,
CVE-2024-45025, CVE-2024-45026, CVE-2024-45027, CVE-2024-45028,
CVE-2024-45029, CVE-2024-45030, CVE-2024-46672, CVE-2024-46673,
CVE-2024-46675, CVE-2024-46676, CVE-2024-46677, CVE-2024-46678,
CVE-2024-46679, CVE-2024-46680, CVE-2024-46681, CVE-2024-46683,
CVE-2024-46685, CVE-2024-46686, CVE-2024-46687, CVE-2024-46689,
CVE-2024-46691, CVE-2024-46692, CVE-2024-46693, CVE-2024-46694,
CVE-2024-46695, CVE-2024-46697, CVE-2024-46698, CVE-2024-46701,
CVE-2024-46702, CVE-2024-46703, CVE-2024-46705, CVE-2024-46706,
CVE-2024-46707, CVE-2024-46708, CVE-2024-46709, CVE-2024-46710,
CVE-2024-46711, CVE-2024-46713, CVE-2024-46714, CVE-2024-46715,
CVE-2024-46716, CVE-2024-46717, CVE-2024-46718, CVE-2024-46719,
CVE-2024-46720, CVE-2024-46721, CVE-2024-46722, CVE-2024-46723,
CVE-2024-46724, CVE-2024-46725, CVE-2024-46726, CVE-2024-46727,
CVE-2024-46728, CVE-2024-46729, CVE-2024-46730, CVE-2024-46731,
CVE-2024-46732, CVE-2024-46733, CVE-2024-46735, CVE-2024-46737,
CVE-2024-46738, CVE-2024-46739, CVE-2024-46740, CVE-2024-46741,
CVE-2024-46743, CVE-2024-46744, CVE-2024-46745, CVE-2024-46746,
CVE-2024-46747, CVE-2024-46749, CVE-2024-46750, CVE-2024-46751,
CVE-2024-46752, CVE-2024-46753, CVE-2024-46754, CVE-2024-46755,
CVE-2024-46756, CVE-2024-46757, CVE-2024-46758, CVE-2024-46759,
CVE-2024-46760, CVE-2024-46761, CVE-2024-46762, CVE-2024-46763,
CVE-2024-46765, CVE-2024-46766, CVE-2024-46767, CVE-2024-46768,
CVE-2024-46770, CVE-2024-46771, CVE-2024-46772, CVE-2024-46773,
CVE-2024-46774, CVE-2024-46775, CVE-2024-46776, CVE-2024-46777,
CVE-2024-46778, CVE-2024-46779, CVE-2024-46780, CVE-2024-46781,
CVE-2024-46782, CVE-2024-46783, CVE-2024-46784, CVE-2024-46785,
CVE-2024-46786, CVE-2024-46787, CVE-2024-46788, CVE-2024-46791,
CVE-2024-46792, CVE-2024-46793, CVE-2024-46794, CVE-2024-46795,
CVE-2024-46797, CVE-2024-46798, CVE-2024-46802, CVE-2024-46803,
CVE-2024-46804, CVE-2024-46805, CVE-2024-46806, CVE-2024-46807,
CVE-2024-46808, CVE-2024-46809, CVE-2024-46810, CVE-2024-46811,
CVE-2024-46812, CVE-2024-46813, CVE-2024-46814, CVE-2024-46815,
CVE-2024-46816, CVE-2024-46817, CVE-2024-46818, CVE-2024-46819,
CVE-2024-46821, CVE-2024-46822, CVE-2024-46823, CVE-2024-46824,
CVE-2024-46825, CVE-2024-46826, CVE-2024-46827, CVE-2024-46828,
CVE-2024-46829, CVE-2024-46830, CVE-2024-46831, CVE-2024-46832,
CVE-2024-46834, CVE-2024-46835, CVE-2024-46836, CVE-2024-46838,
CVE-2024-46840, CVE-2024-46841, CVE-2024-46842, CVE-2024-46843,
CVE-2024-46844, CVE-2024-46845, CVE-2024-46846, CVE-2024-46847,
CVE-2024-46848, CVE-2024-46849, CVE-2024-46850, CVE-2024-46851,
CVE-2024-46852, CVE-2024-46853, CVE-2024-46854, CVE-2024-46855,
CVE-2024-46857, CVE-2024-46858, CVE-2024-46859, CVE-2024-46860,
CVE-2024-46861, CVE-2024-46864, CVE-2024-46866, CVE-2024-46867,
CVE-2024-46868, CVE-2024-46870, CVE-2024-46871, CVE-2024-47658,
CVE-2024-47659, CVE-2024-47660, CVE-2024-47661, CVE-2024-47662,
CVE-2024-47663, CVE-2024-47664, CVE-2024-47665, CVE-2024-47666,
CVE-2024-47667, CVE-2024-47668, CVE-2024-47669, CVE-2024-47674,
CVE-2024-47683, CVE-2024-49984

Package Information:
https://launchpad.net/ubuntu/+source/linux-hwe-6.8/6.8.0-50.51~22.04.1



[USN-7159-5] Linux kernel (Raspberry Pi) vulnerabilities


==========================================================================
Ubuntu Security Notice USN-7159-5
January 06, 2025

linux-raspi-5.4 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 18.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux-raspi-5.4: Linux kernel for Raspberry Pi systems

Details:

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM32 architecture;
- ARM64 architecture;
- S390 architecture;
- x86 architecture;
- Power management core;
- GPU drivers;
- InfiniBand drivers;
- Network drivers;
- S/390 drivers;
- TTY drivers;
- BTRFS file system;
- EROFS file system;
- F2FS file system;
- File systems infrastructure;
- BPF subsystem;
- Socket messages infrastructure;
- Bluetooth subsystem;
- Ethernet bridge;
- Networking core;
- IPv4 networking;
- SELinux security module;
(CVE-2022-48938, CVE-2024-42156, CVE-2024-36953, CVE-2024-38538,
CVE-2021-47501, CVE-2024-42068, CVE-2024-26947, CVE-2024-46724,
CVE-2024-36968, CVE-2023-52497, CVE-2024-35951, CVE-2023-52488,
CVE-2024-44940, CVE-2022-48733, CVE-2023-52498, CVE-2022-48943,
CVE-2024-35904, CVE-2024-42077, CVE-2024-36938, CVE-2023-52639,
CVE-2024-42240, CVE-2024-44942, CVE-2021-47076)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS
linux-image-5.4.0-1120-raspi 5.4.0-1120.132~18.04.1
Available with Ubuntu Pro
linux-image-raspi-hwe-18.04 5.4.0.1120.132~18.04.1
Available with Ubuntu Pro

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://ubuntu.com/security/notices/USN-7159-5
https://ubuntu.com/security/notices/USN-7159-4
https://ubuntu.com/security/notices/USN-7159-3
https://ubuntu.com/security/notices/USN-7159-2
https://ubuntu.com/security/notices/USN-7159-1
CVE-2021-47076, CVE-2021-47501, CVE-2022-48733, CVE-2022-48938,
CVE-2022-48943, CVE-2023-52488, CVE-2023-52497, CVE-2023-52498,
CVE-2023-52639, CVE-2024-26947, CVE-2024-35904, CVE-2024-35951,
CVE-2024-36938, CVE-2024-36953, CVE-2024-36968, CVE-2024-38538,
CVE-2024-42068, CVE-2024-42077, CVE-2024-42156, CVE-2024-42240,
CVE-2024-44940, CVE-2024-44942, CVE-2024-46724


Dpdk and Sysstat updates for SUSE

Samba 4.21.3 released

Windows

Linux

macOS

Community

  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...
  • StephanX
    Hi friends, i am new in the Linux universe but i try to ...
  • Philipp
    I would try the XanMod kernel: https://xanmod.org  I ...