AZL-47814 CVE-2024-42270 affecting package kernel for versions less than 6.6.47.1-1

In the Linux kernel, the following vulnerability has been resolved: netfilter: iptables: Fix null-ptr-deref in iptablenattableinit. We had a report that iptables-restore sometimes triggered null-ptr-deref at boot time. 0 The problem is that iptablenattableinit is exposed to user space before the...

DEBIAN-CVE-2024-42260

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Validate passed in drm syncobj handles in the performance extension If userspace provides an unknown or invalid handle anywhere in the handle array the rest of the driver will not handle that well. Fix it by checking...

UBUNTU-CVE-2024-42298

In the Linux kernel, the following vulnerability has been resolved: ASoC: fsl: fslqmcaudio: Check devmkasprintf returned value devmkasprintf can return a NULL pointer on failure but this returned value is not checked. Fix this lack and check the returned value...

UBUNTU-CVE-2024-42269

In the Linux kernel, the following vulnerability has been resolved: netfilter: iptables: Fix potential null-ptr-deref in ip6tablenattableinit. ip6tablenattableinit accesses net-gen-ptrip6tablenatnetops.id, but the function is exposed to user space before the entry is allocated via...

UBUNTU-CVE-2024-42270

In the Linux kernel, the following vulnerability has been resolved: netfilter: iptables: Fix null-ptr-deref in iptablenattableinit. We had a report that iptables-restore sometimes triggered null-ptr-deref at boot time. 0 The problem is that iptablenattableinit is exposed to user space before the...

UBUNTU-CVE-2024-42283

In the Linux kernel, the following vulnerability has been resolved: net: nexthop: Initialize all fields in dumped nexthops struct nexthopgrp contains two reserved fields that are not initialized by nlaputnhgroup, and carry garbage. This can be observed e.g. with strace edited for clarity: ip...

Race condition vulnerability in Linux kernel media/xc4000 xc4000_get_frequency()

...

net: dsa: mv88e6xxx: Correct check for empty list

...

CVE-2024-41098

...

USN-6951-2: Linux kernel (Azure) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - M68K architecture; - User-Mode Linux UML; - x86 architecture; - Accessibility subsystem; -...

USN-6951-2 linux-azure vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - M68K architecture; - User-Mode Linux UML; - x86 architecture; - Accessibility subsystem; -...

CLSA-2024-1723622869 Fix of 29 CVEs

CVE-url: https://ubuntu.com/security/CVE-2024-42236 - usb: gadget: configfs: Prevent OOB read/write in usbstringcopy CVE-url: https://ubuntu.com/security/CVE-2024-41095 - drm/nouveau/dispnv04: fix null pointer dereference in nv17tvgetldmodes CVE-url: https://ubuntu.com/security/CVE-2024-41098 -...

kernel: tty: Fix out-of-bound vmalloc access in imageblit

A vulnerability was found in the Linux kernel's tty subsystem within the imageblit function when a userspace program performs an ioctl operation with the FBIOPUTVSCREENINFO command, passing a fbvarscreeninfo structure with limited fields. If the structure’s values remain unchanged from a previous...

kernel: wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes

CVE-2024-35789 is a vulnerability in the Linux kernel’s Wi-Fi subsystem mac80211. It occurs when a station is moved out of a VLAN, and the VLAN is subsequently deleted. A reference to the deleted VLAN’s network device may remain, leading to a use-after-free condition. This can result in system...

kernel: wifi: ath9k: delay all of ath9k_wmi_event_tasklet() until init is complete

A flaw was found in the Linux kernel. This vulnerability affects the ath9k wireless driver in the Linux kernel, specifically used with ath9khtc devices. The issue arises from a race condition where certain initialization processes are incomplete when the system begins handling WiFi-related events...

kernel: tty: Fix out-of-bound vmalloc access in imageblit

A vulnerability was found in the Linux kernel's tty subsystem within the imageblit function when a userspace program performs an ioctl operation with the FBIOPUTVSCREENINFO command, passing a fbvarscreeninfo structure with limited fields. If the structure’s values remain unchanged from a previous...

kernel: wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes

CVE-2024-35789 is a vulnerability in the Linux kernel’s Wi-Fi subsystem mac80211. It occurs when a station is moved out of a VLAN, and the VLAN is subsequently deleted. A reference to the deleted VLAN’s network device may remain, leading to a use-after-free condition. This can result in system...

Ubuntu 20.04 LTS : Linux kernel (Azure) vulnerabilities (USN-6951-2)

"The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6951-2 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws i...

USN-6949-2 linux-lowlatency, linux-raspi vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - M68K architecture; - OpenRISC architecture; - PowerPC architecture; -...

USN-6950-3 linux-oracle vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - Block layer subsystem; - Bluetooth drivers; - Clock framework and...