CLSA-2024-1721659158 Fix of 66 CVEs

CVE-url: https://ubuntu.com/security/CVE-2024-26810 - vfio/pci: Lock external INTx masking ops CVE-url: https://ubuntu.com/security/CVE-2024-38587 - speakup: Fix sizeof vs ARRAYSIZE bug CVE-url: https://ubuntu.com/security/CVE-2024-39493 - crypto: qat - Fix ADFDEVRESETSYNC memory leak CVE-url:...

UBUNTU-CVE-2022-48781

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - get rid of algmemoryallocated algmemoryallocated does not seem to be really used. algproto does have a .memoryallocated field, but no corresponding .sysctlmem. This means skhasaccount returns true, but all...

USN-4258-1 linux-aws-5.0, linux-gcp, linux-gke-5.0, linux-oracle-5.0 vulnerabilities

It was discovered that the Atheros 802.11ac wireless USB device driver in the Linux kernel did not properly validate device metadata. A physically proximate attacker could use this to cause a denial of service system crash. CVE-2019-15099 It was discovered that a race condition existed in the...

The vulnerability of the PA-RISC CRYPTO_memcmp function in the OpenSSL library, related to information disclosure, allows attackers to gain access to confidential data.

The vulnerability of the PA-RISC CRYPTOmemcmp function in the OpenSSL library is related to insufficient validation of input data. Exploiting this vulnerability allows a remote attacker to gain access to confidential data...

USN-3872-1 linux-hwe vulnerabilities

It was discovered that a race condition existed in the vsock address family implementation of the Linux kernel that could lead to a use-after-free condition. A local attacker in a guest virtual machine could use this to expose sensitive information host machine kernel memory. CVE-2018-14625 Cfir...