Ubuntu 24.04 LTS USN-6999-1 Critical: Kernel Security Flaws
ubuntu
September 11, 2024
Several security issues were fixed in the Linux kernel.
Summary
A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 24.04 LTS Summary: Several security issues were fixed in the Linux kernel. Software Description: - linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services (AWS) systems - linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems - linux-gke: Linux kernel for Google Container Engine (GKE) systems - linux-ibm: Linux kernel for IBM cloud systems - linux-lowlatency: Linux low latency kernel - linux-oem-6.8: Linux kernel for OEM systems - linux-oracle: Linux kernel for Oracle Cloud systems Details: Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-23848) It was discovered that the JFS file system contained an out-of-bounds read vulnerability when printing xattr debug information. A local attacker co...
Read the Full Advisory
Update Instructions
The problem can be corrected by updating your system to the following package versions: Ubuntu 24.04 LTS linux-image-6.8.0-1010-gke 6.8.0-1010.13 linux-image-6.8.0-1012-ibm 6.8.0-1012.12 linux-image-6.8.0-1012-oem 6.8.0-1012.12 linux-image-6.8.0-1012-oracle 6.8.0-1012.12 linux-image-6.8.0-1012-oracle-64k 6.8.0-1012.12 linux-image-6.8.0-1014-gcp 6.8.0-1014.16 linux-image-6.8.0-1015-aws 6.8.0-1015.16 linux-image-6.8.0-44-generic 6.8.0-44.44 linux-image-6.8.0-44-generic-64k 6.8.0-44.44 linux-image-6.8.0-44-lowlatency 6.8.0-44.44.1 linux-image-6.8.0-44-lowlatency-64k 6.8.0-44.44.1 linux-image-aws 6.8.0-1015.16 linux-image-gcp 6.8.0-1014.16 linux-image-generic 6.8.0-44.44 linux-image-generic-64k 6.8.0-44.44 linux-image-generic-64k-hwe-24.04 6.8.0-44.44 linux-image-generic-hwe-24.04 6.8.0-44.44 linux-image-generic-lpae 6.8.0-44.44 linux-image-gke 6.8.0-1010.13 linux-image-ibm 6.8.0-1012.12 linux-image-ibm-classic 6.8.0-1012.12 linux-image-ibm-lts-24.04 6.8.0-1012.12 linux-image-kvm 6.8.0-44.44 linux-image-lowlatency 6.8.0-44.44.1 linux-image-lowlatency-64k 6.8.0-44.44.1 linux-image-oracle 6.8.0-1012.12 linux-image-oracle-64k 6.8.0-1012.12 linux-image-virtual 6.8.0-44.44 linux-image-virtual-hwe-24.04 6.8.0-44.44 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.
References
https://ubuntu.com/security/notices/USN-6999-1
CVE-2022-48772, CVE-2023-52884, CVE-2024-23848, CVE-2024-31076,
CVE-2024-32936, CVE-2024-33619, CVE-2024-33621, CVE-2024-33847,
CVE-2024-34027, CVE-2024-34030, CVE-2024-34777, CVE-2024-35247,
CVE-2024-36015, CVE-2024-36244, CVE-2024-36270, CVE-2024-36281,
CVE-2024-36286, CVE-2024-36288, CVE-2024-36477, CVE-2024-36478,
CVE-2024-36479, CVE-2024-36481, CVE-2024-36484, CVE-2024-36489,
CVE-2024-36971, CVE-2024-36972, CVE-2024-36973, CVE-2024-36974,
CVE-2024-36978, CVE-2024-37021, CVE-2024-37026, CVE-2024-37078,
CVE-2024-37354, CVE-2024-37356, CVE-2024-38306, CVE-2024-38381,
CVE-2024-38384, CVE-2024-38385, CVE-2024-38388, CVE-2024-38390,
CVE-2024-38618, CVE-2024-38619, CVE-2024-38621, CVE-2024-38622,
CVE-2024-38623, CVE-2024-38624, CVE-2024-38625, CVE-2024-38627,
CVE-2024-38628, CVE-2024-38629, CVE-2024-38630, CVE-2024-38632,
CVE-2024-38633, CVE-2024-38634, CVE-2024-38635, CVE-2024-38636,
CVE-2024-38637, CVE-2024-38659, CVE-2024-38661, CVE-2024-38662,
CVE-2024-38663, CVE-2024-38664, CVE-2024-38667, CVE-2024-38780,
CVE-2024-39276, CVE-2024-39277, CVE-2024-39291, CVE-2024-39296,
CVE-2024-39298, CVE-2024-39301, CVE-2024-39371, CVE-2024-39461,
CVE-2024-39462, CVE-2024-39463, CVE-2024-39464, CVE-2024-39465,
CVE-2024-39466, CVE-2024-39467, CVE-2024-39468, CVE-2024-39469,
CVE-2024-39470, CVE-2024-39471, CVE-2024-39473, CVE-2024-39474,
CVE-2024-39475, CVE-2024-39478, CVE-2024-39479, CVE-2024-39480,
CVE-2024-39481, CVE-2024-39483, CVE-2024-39485, CVE-2024-39488,
CVE-2024-39489, CVE-2024-39490, CVE-2024-39491, CVE-2024-39492,
CVE-2024-39493, CVE-2024-39494, CVE-2024-39495, CVE-2024-39496,
CVE-2024-39497, CVE-2024-39498, CVE-2024-39499, CVE-2024-39500,
CVE-2024-39501, CVE-2024-39502, CVE-2024-39503, CVE-2024-39504,
CVE-2024-39505, CVE-2024-39506, CVE-2024-39507, CVE-2024-39508,
CVE-2024-39509, CVE-2024-39510, CVE-2024-40899, CVE-2024-40900,
CVE-2024-40901, CVE-2024-40902, CVE-2024-40903, CVE-2024-40904,
CVE-2024-40905, CVE-2024-40906, CVE-2024-40908, CVE-2024-40909,
CVE-2024-40910, CVE-2024-40911, CVE-2024-40912, CVE-2024-40913,
CVE-2024-40914, CVE-2024-40915, CVE-2024-40916, CVE-2024-40917,
CVE-2024-40918, CVE-2024-40919, CVE-2024-40920, CVE-2024-40921,
CVE-2024-40922, CVE-2024-40923, CVE-2024-40924, CVE-2024-40925,
CVE-2024-40926, CVE-2024-40927, CVE-2024-40928, CVE-2024-40929,
CVE-2024-40930, CVE-2024-40931, CVE-2024-40932, CVE-2024-40933,
CVE-2024-40934, CVE-2024-40935, CVE-2024-40936, CVE-2024-40937,
CVE-2024-40938, CVE-2024-40939, CVE-2024-40940, CVE-2024-40941,
CVE-2024-40942, CVE-2024-40943, CVE-2024-40944, CVE-2024-40945,
CVE-2024-40947, CVE-2024-40948, CVE-2024-40949, CVE-2024-40951,
CVE-2024-40952, CVE-2024-40953, CVE-2024-40954, CVE-2024-40955,
CVE-2024-40956, CVE-2024-40957, CVE-2024-40958, CVE-2024-40959,
CVE-2024-40960, CVE-2024-40961, CVE-2024-40962, CVE-2024-40963,
CVE-2024-40964, CVE-2024-40965, CVE-2024-40966, CVE-2024-40967,
CVE-2024-40968, CVE-2024-40969, CVE-2024-40970, CVE-2024-40971,
CVE-2024-40972, CVE-2024-40973, CVE-2024-40974, CVE-2024-40975,
CVE-2024-40976, CVE-2024-40977, CVE-2024-40978, CVE-2024-40979,
CVE-2024-40980, CVE-2024-40981, CVE-2024-40982, CVE-2024-40983,
CVE-2024-40984, CVE-2024-40985, CVE-2024-40986, CVE-2024-40987,
CVE-2024-40988, CVE-2024-40989, CVE-2024-40990, CVE-2024-40992,
CVE-2024-40994, CVE-2024-40995, CVE-2024-40996, CVE-2024-40997,
CVE-2024-40998, CVE-2024-40999, CVE-2024-41000, CVE-2024-41001,
CVE-2024-41002, CVE-2024-41003, CVE-2024-41004, CVE-2024-41005,
CVE-2024-41006, CVE-2024-41040, CVE-2024-42078, CVE-2024-42148
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
==========================================================================
Package Information
https://launchpad.net/ubuntu/+source/linux/6.8.0-44.44 https://launchpad.net/ubuntu/+source/linux-aws/6.8.0-1015.16 https://launchpad.net/ubuntu/+source/linux-gcp/6.8.0-1014.16 https://launchpad.net/ubuntu/+source/linux-gke/6.8.0-1010.13 https://launchpad.net/ubuntu/+source/linux-ibm/6.8.0-1012.12 https://launchpad.net/ubuntu/+source/linux-lowlatency/6.8.0-44.44.1 https://launchpad.net/ubuntu/+source/linux-oem-6.8/6.8.0-1012.12 https://launchpad.net/ubuntu/+source/linux-oracle/6.8.0-1012.12
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!