USN-7233-1 linux, linux-aws, linux-aws-hwe, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Multiple devices driver; - Network drivers; - Mellanox network drivers; - S/390 drivers; - SCSI subsystem; - Sonic...

USN-7232-1: Linux kernel vulnerability

A security issue was discovered in the Linux kernel. An attacker could possibly use this to compromise the system. This update corrects flaws in the following subsystem: - Netfilter; CVE-2024-53141...

Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-7233-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7233-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...

USN-7179-4 linux-xilinx-zynqmp vulnerabilities

Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2020-12351 Andy Nguyen discovered that the...

Ubuntu 22.04 LTS : Linux kernel (Xilinx ZynqMP) vulnerabilities (USN-7179-4)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7179-4 advisory. Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type- confusion error. A physically proximate remote...

USN-7166-4 linux-xilinx-zynqmp vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - RISC-V architecture; - S390 architecture; - x86 architecture; - Block layer subsystem; - ACPI...

CVE-2024-57911

In the Linux kernel, the following vulnerability has been resolved: iio: dummy: iiosimplydummybuffer: fix information leak in triggered buffer The 'data' array is allocated via kmalloc and it is used to push data to user space from a triggered buffer, but it does not set values for inactive...

USN-7173-3: Linux kernel (Raspberry Pi) vulnerabilities

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. CVE-2022-38096 Several security issues were discover...

USN-7173-3 linux-raspi-5.4 vulnerabilities

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. CVE-2022-38096 Several security issues were discover...

CVE-2024-53681

In the Linux kernel, the following vulnerability has been resolved: nvmet: Don't overflow subsysnqn nvmetrootdiscoverynqnstore treats the subsysnqn string like a fixed size buffer, even though it is dynamically allocated to the size of the string. Create a new string with kstrndup instead of usin...

DEBIAN-CVE-2024-57898

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: clear link ID from bitmap during link delete after clean up Currently, during link deletion, the link ID is first removed from the validlinks bitmap before performing any clean-up operations. However, some functio...

AZL-68573 CVE-2024-57898 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: clear link ID from bitmap during link delete after clean up Currently, during link deletion, the link ID is first removed from the validlinks bitmap before performing any clean-up operations. However, some functio...

CVE-2024-57844

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix fault on fd close after unbind If userspace holds an fd open, unbinds the device and then closes it, the driver shouldn't try to access the hardware. Protect it by using drmdeventer/drmdevexit. This fixes the followin...

AZL-55872 CVE-2024-36476 affecting package kernel for versions less than 5.15.176.3-1

In the Linux kernel, the following vulnerability has been resolved: RDMA/rtrs: Ensure 'ibsge list' is accessible Move the declaration of the 'ibsge list' variable outside the 'alwaysinvalidate' block to ensure it remains accessible for use throughout the function. Previously, 'ibsge list' was...

UBUNTU-CVE-2024-53681

In the Linux kernel, the following vulnerability has been resolved: nvmet: Don't overflow subsysnqn nvmetrootdiscoverynqnstore treats the subsysnqn string like a fixed size buffer, even though it is dynamically allocated to the size of the string. Create a new string with kstrndup instead of usin...

Ubuntu 18.04 LTS : Linux kernel (Raspberry Pi) vulnerabilities (USN-7173-3)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7173-3 advisory. Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereferenc...

USN-7195-2 linux-azure-5.4 vulnerabilities

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. CVE-2022-38096 Several security issues were discover...

The vulnerability of the _cfg80211_unregister_wdev() function in the net/wireless/core.c module of the Linux kernel allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the cfg80211unregisterwdev function in the net/wireless/core.c module of the Linux kernel is related to the re-release of previously released memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of...

CVE-2024-57849

In the Linux kernel, the following vulnerability has been resolved: s390/cpumsf: Handle CPU hotplug remove during sampling CPU hotplug remove handling triggers the following function call sequence: CPUHPAPPERFS390SFONLINE -- s390pmusfofflinecpu ... CPUHPAPPERFONLINE -- perfeventexitcpu The s390...

UBUNTU-CVE-2024-57849

In the Linux kernel, the following vulnerability has been resolved: s390/cpumsf: Handle CPU hotplug remove during sampling CPU hotplug remove handling triggers the following function call sequence: CPUHPAPPERFS390SFONLINE -- s390pmusfofflinecpu ... CPUHPAPPERFONLINE -- perfeventexitcpu The s390...