AZL-48480 CVE-2024-43819 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: kvm: s390: Reject memory region operations for ucontrol VMs This change rejects the KVMSETUSERMEMORYREGION and KVMSETUSERMEMORYREGION2 ioctls when called on a ucontrol VM. This is necessary since ucontrol VMs have kvm-arch.gmap s...

AZL-48517 CVE-2024-43819 affecting package kernel 6.6.126.1-1

In the Linux kernel, the following vulnerability has been resolved: kvm: s390: Reject memory region operations for ucontrol VMs This change rejects the KVMSETUSERMEMORYREGION and KVMSETUSERMEMORYREGION2 ioctls when called on a ucontrol VM. This is necessary since ucontrol VMs have kvm-arch.gmap s...

DEBIAN-CVE-2024-43819

In the Linux kernel, the following vulnerability has been resolved: kvm: s390: Reject memory region operations for ucontrol VMs This change rejects the KVMSETUSERMEMORYREGION and KVMSETUSERMEMORYREGION2 ioctls when called on a ucontrol VM. This is necessary since ucontrol VMs have kvm-arch.gmap s...

CVE-2024-43819 kvm: s390: Reject memory region operations for ucontrol VMs

In the Linux kernel, the following vulnerability has been resolved: kvm: s390: Reject memory region operations for ucontrol VMs This change rejects the KVMSETUSERMEMORYREGION and KVMSETUSERMEMORYREGION2 ioctls when called on a ucontrol VM. This is necessary since ucontrol VMs have kvm-arch.gmap s...

CVE-2024-42263

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Fix potential memory leak in the timestamp extension If fetching of userspace memory fails during the main loop, all drm sync objs looked up until that point will be leaked because of the missing drmsyncobjput. Fix it by...

DEBIAN-CVE-2024-42263

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Fix potential memory leak in the timestamp extension If fetching of userspace memory fails during the main loop, all drm sync objs looked up until that point will be leaked because of the missing drmsyncobjput. Fix it by...

UBUNTU-CVE-2024-42262

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Fix potential memory leak in the performance extension If fetching of userspace memory fails during the main loop, all drm sync objs looked up until that point will be leaked because of the missing drmsyncobjput. Fix it ...

CVE-2024-42262

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Fix potential memory leak in the performance extension If fetching of userspace memory fails during the main loop, all drm sync objs looked up until that point will be leaked because of the missing drmsyncobjput. Fix it ...

UBUNTU-CVE-2024-42263

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Fix potential memory leak in the timestamp extension If fetching of userspace memory fails during the main loop, all drm sync objs looked up until that point will be leaked because of the missing drmsyncobjput. Fix it by...

CVE-2024-42313 media: venus: fix use after free in vdec_close

In the Linux kernel, the following vulnerability has been resolved: media: venus: fix use after free in vdecclose There appears to be a possible use after free with vdecclose. The firmware will add buffer release work to the work queue through HFI callbacks as a normal part of decoding. Randomly...

CVE-2024-42313 media: venus: fix use after free in vdec_close

In the Linux kernel, the following vulnerability has been resolved: media: venus: fix use after free in vdecclose There appears to be a possible use after free with vdecclose. The firmware will add buffer release work to the work queue through HFI callbacks as a normal part of decoding. Randomly...

CVE-2024-42264 drm/v3d: Prevent out of bounds access in performance query extensions

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Prevent out of bounds access in performance query extensions Check that the number of perfmons userspace is passing in the copy and reset extensions is not greater than the internal kernel storage where the ids will be...

CVE-2024-42263

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Fix potential memory leak in the timestamp extension If fetching of userspace memory fails during the main loop, all drm sync objs looked up until that point will be leaked because of the missing drmsyncobjput. Fix it by...

CVE-2024-42260 drm/v3d: Validate passed in drm syncobj handles in the performance extension

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Validate passed in drm syncobj handles in the performance extension If userspace provides an unknown or invalid handle anywhere in the handle array the rest of the driver will not handle that well. Fix it by checking...

USN-6949-2 linux-lowlatency, linux-raspi vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - M68K architecture; - OpenRISC architecture; - PowerPC architecture; -...

Ubuntu 24.04 LTS : Linux kernel (Azure) vulnerabilities (USN-6952-2)

"The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6952-2 advisory. Benedict Schlter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious VC interrupts and...

USN-6955-1 linux-oem-6.8 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - M68K architecture; - OpenRISC architecture; - PowerPC architecture; -...

Unbreakable Enterprise kernel security update

4.14.35-2047.539.5 - Revert 'mm/writeback: fix possible divide-by-zero in wbdirtylimits, again' Jan Kara - net/mlx5e: drop shorter ethernet frames Manjunath Patil Orabug: 36879158 CVE-2024-41090 CVE-2024-41091 4.14.35-2047.539.4 - Fix parsing error in UEK5 kernel-uek-spec Yifei Liu Orabug: 368471...

kernel: block: Fix wrong offset in bio_truncate()

In the Linux kernel, the following vulnerability has been resolved: block: Fix wrong offset in biotruncate biotruncate clears the buffer outside of last block of bdev, however current biotruncate is using the wrong offset of page. So it can return the uninitialized data. This happened when both o...

Ubuntu 22.04 LTS / 24.04 LTS : Linux kernel vulnerabilities (USN-6949-1)

"The remote Ubuntu 22.04 LTS / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6949-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...