Linux kernel vulnerabilities

Releases

• Ubuntu 20.04 LTS
• Ubuntu 18.04 ESM

Packages

• linux - Linux kernel
• linux-aws - Linux kernel for Amazon Web Services (AWS) systems
• linux-aws-5.4 - Linux kernel for Amazon Web Services (AWS) systems
• linux-azure - Linux kernel for Microsoft Azure Cloud systems
• linux-azure-5.4 - Linux kernel for Microsoft Azure cloud systems
• linux-bluefield - Linux kernel for NVIDIA BlueField platforms
• linux-gcp - Linux kernel for Google Cloud Platform (GCP) systems
• linux-gcp-5.4 - Linux kernel for Google Cloud Platform (GCP) systems
• linux-gkeop - Linux kernel for Google Container Engine (GKE) systems
• linux-hwe-5.4 - Linux hardware enablement (HWE) kernel
• linux-ibm - Linux kernel for IBM cloud systems
• linux-ibm-5.4 - Linux kernel for IBM cloud systems
• linux-kvm - Linux kernel for cloud environments
• linux-oracle - Linux kernel for Oracle Cloud systems
• linux-oracle-5.4 - Linux kernel for Oracle Cloud systems
• linux-raspi - Linux kernel for Raspberry Pi systems
• linux-raspi-5.4 - Linux kernel for Raspberry Pi systems

Details

Pratyush Yadav discovered that the Xen network backend implementation in
the Linux kernel did not properly handle zero length data request, leading
to a null pointer dereference vulnerability. An attacker in a guest VM
could possibly use this to cause a denial of service (host domain crash).
(CVE-2023-46838)

It was discovered that the IPv6 implementation of the Linux kernel did not
properly manage route cache memory usage. A remote attacker could use this
to cause a denial of service (memory exhaustion). (CVE-2023-52340)

It was discovered that the device mapper driver in the Linux kernel did not
properly validate target size during certain memory allocations. A local
attacker could use this to cause a denial of service (system crash).
(CVE-2023-52429, CVE-2024-23851)

Dan Carpenter discovered that the netfilter subsystem in the Linux kernel
did not store data in properly sized memory locations. A local user could
use this to cause a denial of service (system crash). (CVE-2024-0607)

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:

• Architecture specifics;
• Cryptographic API;
• Android drivers;
• EDAC drivers;
• GPU drivers;
• Media drivers;
• MTD block device drivers;
• Network drivers;
• NVME drivers;
• TTY drivers;
• Userspace I/O drivers;
• F2FS file system;
• GFS2 file system;
• IPv6 Networking;
• AppArmor security module;
  (CVE-2023-52464, CVE-2023-52448, CVE-2023-52457, CVE-2023-52443,
  CVE-2023-52439, CVE-2023-52612, CVE-2024-26633, CVE-2024-26597,
  CVE-2023-52449, CVE-2023-52444, CVE-2023-52609, CVE-2023-52469,
  CVE-2023-52445, CVE-2023-52451, CVE-2023-52470, CVE-2023-52454,
  CVE-2023-52436, CVE-2023-52438)