Stay Secure with the Latest Linux Advisories

Explore Latest Linux Security advisories

We found 15 articles for you...

Ubuntu 24.04/24.10: USN-7489-1 critical: Linux kernel crash risk

The system could be made to crash under certain conditions.

==========================================================================
Ubuntu Security Notice USN-7489-1
May 06, 2025

linux, linux-aws, linux-gcp, linux-gcp-6.11, linux-hwe-6.11, linux-lowlatency, linux-lowlatency-hwe-6.11, linux-oracle, linux-raspi vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 24.10
- Ubuntu 24.04 LTS

Summary:

The system could be made to crash under certain conditions.

Software Description:

- linux: Linux kernel
- linux-aws: Linux kernel for Amazon Web Services (AWS) systems
- linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems
- linux-lowlatency: Linux low latency kernel
- linux-oracle: Linux kernel for Oracle Cloud systems
- linux-raspi: Linux kernel for Raspberry Pi systems
- linux-gcp-6.11: Linux kernel for Google Cloud Platform (GCP) systems
- linux-hwe-6.11: Linux hardware enablement (HWE) kernel
- linux-lowlatency-hwe-6.11: Linux low latency kernel

Details:

A security issue was discovered in the Linux kernel. An attacker could possibly use this to compromise the system. This update corrects flaws in the following subsystems:

- Timer subsystem; (CVE-2025-21813)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 24.10
  linux-image-6.11.0-1012-raspi 6.11.0-1012.12
  linux-image-6.11.0-1013-aws 6.11.0-1013.14
  linux-image-6.11.0-1013-lowlatency 6.11.0-1013.14
  linux-image-6.11.0-1013-lowlatency-64k 6.11.0-1013.14
  linux-image-6.11.0-1014-gcp 6.11.0-1014.14
  linux-image-6.11.0-1014-gcp-64k 6.11.0-1014.14
  linux-image-6.11.0-1015-oracle 6.11.0-1015.16
  linux-image-6.11.0-1015-oracle-64k 6.11.0-1015.16
  linux-image-6.11.0-25-generic 6.11.0-25.25
  linux-image-6.11.0-25-generic-64k 6.11.0-25.25
  linux-image-aws 6.11.0-1013.14
  linux-image-gcp 6.11.0-1014.14
  linux-image-gcp-64k 6.11.0-1014.14
  linux-image-generic 6.11.0-25.25
  linux-image-generic-64k 6.11.0-25.25
  linux-image-lowlatency 6.11.0-1013.14
  linux-image-lowlatency-64k 6.11.0-1013.14
  linux-image-oracle 6.11.0-1015.16
  linux-image-oracle-64k 6.11.0-1015.16
  linux-image-raspi 6.11.0-1012.12
  linux-image-virtual 6.11.0-25.25

Ubuntu 24.04 LTS
  linux-image-6.11.0-1013-lowlatency 6.11.0-1013.14~24.04.1
  linux-image-6.11.0-1013-lowlatency-64k 6.11.0-1013.14~24.04.1
  linux-image-6.11.0-1014-gcp 6.11.0-1014.14~24.04.1
  linux-image-6.11.0-1014-gcp-64k 6.11.0-1014.14~24.04.1
  linux-image-6.11.0-25-generic 6.11.0-25.25~24.04.1
  linux-image-6.11.0-25-generic-64k 6.11.0-25.25~24.04.1
  linux-image-gcp 6.11.0-1014.14~24.04.1
  linux-image-gcp-64k 6.11.0-1014.14~24.04.1
  linux-image-generic-64k-hwe-24.04 6.11.0-25.25~24.04.1
  linux-image-generic-hwe-24.04 6.11.0-25.25~24.04.1
  linux-image-lowlatency-64k-hwe-24.04 6.11.0-1013.14~24.04.1
  linux-image-lowlatency-hwe-24.04 6.11.0-1013.14~24.04.1
  linux-image-virtual-hwe-24.04 6.11.0-25.25~24.04.1

After a standard system update you need to reboot your computer to make all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.

References:

  https://ubuntu.com/security/notices/USN-7489-1
  CVE-2025-21813

Package Information:

  https://launchpad.net/ubuntu/+source/linux/6.11.0-25.25
  https://launchpad.net/ubuntu/+source/linux-aws/6.11.0-1013.14
  https://launchpad.net/ubuntu/+source/linux-gcp/6.11.0-1014.14
  https://launchpad.net/ubuntu/+source/linux-lowlatency/6.11.0-1013.14
  https://launchpad.net/ubuntu/+source/linux-oracle/6.11.0-1015.16
  https://launchpad.net/ubuntu/+source/linux-raspi/6.11.0-1012.12
  https://launchpad.net/ubuntu/+source/linux-gcp-6.11/6.11.0-1014.14~24.04.1
  https://launchpad.net/ubuntu/+source/linux-hwe-6.11/6.11.0-25.25~24.04.1
  https://launchpad.net/ubuntu/+source/linux-lowlatency-hwe-6.11/6.11.0-1013.14~24.04.1

Important security advisory for Ubuntu users to address kernel vulnerabilities in versions 20.04 and 22.04 LTS. Immediate updates are recommended to ensure system stability and security.

Linux kernel security, Ubuntu updates, crash risks, system vulnerabilities, kernel patching.

Severity: Critical.

LinuxSecurity.com Team

May 06, 2025 Critical Ubuntu

SUSE Linux Enterprise Server 15 SP2: 2023:4030-1 High: Kernel Crash Fix

# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2023:4030-1
Rating: important

References:

* #1207036
* #1208995
* #1210169
* #1210643
* #1212703
* #1214233
* #1214351
* #1214380
* #1214386
* #1215115
* #1215117
* #1215150
* #1215221
* #1215275
* #1215299

Cross-References:

* CVE-2020-36766
* CVE-2023-1192
* CVE-2023-1206
* CVE-2023-1859
* CVE-2023-2177
* CVE-2023-23454
* CVE-2023-40283
* CVE-2023-42753
* CVE-2023-4389
* CVE-2023-4622
* CVE-2023-4623
* CVE-2023-4881
* CVE-2023-4921

CVSS scores:

* CVE-2020-36766 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2020-36766 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2023-1192 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-1206 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-1206 ( NVD ): 5.7 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-1859 ( SUSE ): 1.9 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L
* CVE-2023-1859 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-2177 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-2177 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-23454 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-23454 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-40283 ( SUSE ): 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2023-40283 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-42753 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-4389 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H
* CVE-2023-4389 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-4622 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-4622 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-4623 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-4623 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-4881 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L
* CVE-2023-4881 ( NVD ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
* CVE-2023-4921 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-4921 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Enterprise High Availability Extension 15 SP2
* SUSE Linux Enterprise High Performance Computing 15 SP2
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise Live Patching 15-SP2
* SUSE Linux Enterprise Server 15 SP2
* SUSE Linux Enterprise Server 15 SP2 Business Critical Linux 15-SP2
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
* SUSE Manager Proxy 4.1
* SUSE Manager Retail Branch Server 4.1
* SUSE Manager Server 4.1

An update that solves 13 vulnerabilities and has two security fixes can now be installed.

## Description:

The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

* CVE-2023-4389: Fixed a reference counting issue in the Btrfs filesystem that could be exploited in order to leak internal kernel information or crash the system (bsc#1214351).
* CVE-2023-42753: Fixed an array indexing vulnerability in the netfilter subsystem. This issue may have allowed a local user to crash the system or potentially escalate their privileges (bsc#1215150).
* CVE-2023-1206: Fixed a hash collision flaw in the IPv6 connection lookup table which could be exploited by network adjacent attackers, increasing CPU usage by 95% (bsc#1212703).
* CVE-2023-4921: Fixed a use-after-free vulnerability in the QFQ network scheduler which could be exploited to achieve local privilege escalation (bsc#1215275).
* CVE-2023-23454: Fixed a type-confusion in the CBQ network scheduler (bsc#1207036).
* CVE-2023-4622: Fixed a use-after-free vulnerability in the Unix domain sockets component which could be exploited to achieve local privilege escalation (bsc#1215117).
* CVE-2023-4623: Fixed a use-after-free issue in the HFSC network scheduler which could be exploited to achieve local privilege escalation (bsc#1215115).
* CVE-2020-36766: Fixed a potential information leak in the CEC driver (bsc#1215299).
* CVE-2023-1859: Fixed a use-after-free flaw in Xen transport for 9pfs which could be exploited to crash the system (bsc#1210169).
* CVE-2023-2177: Fixed a null pointer dereference issue in the sctp network protocol which could allow a user to crash the system (bsc#1210643).
* CVE-2023-4881: Fixed an out-of-bounds write flaw in the netfilter subsystem that could lead to information disclosure or denial of service (bsc#1215221).
* CVE-2023-40283: Fixed a use-after-free issue in the Bluetooth subsystem (bsc#1214233).
* CVE-2023-1192: Fixed a use-after-free in the CIFS subsystem (bsc#1208995).

The following non-security bugs were fixed:

* check-for-config-changes: ignore BUILTIN_RETURN_ADDRESS_STRIPS_PAC (bsc#1214380).
* mkspec: Allow unsupported KMPs (bsc#1214386)
* rpm/mkspec-dtb: support for nested subdirs.
* x86/srso: Do not probe microcode in a guest (git-fixes).
* x86/srso: Fix SBPB enablement for spec_rstack_overflow=off (git-fixes).
* x86/srso: Fix srso_show_state() side effect (git-fixes).
* x86/srso: Set CPUID feature bits independently of bug or mitigation status (git-fixes).

## Special Instructions and Notes:

* Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Live Patching 15-SP2
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP2-2023-4030=1
* SUSE Linux Enterprise High Availability Extension 15 SP2
  zypper in -t patch SUSE-SLE-Product-HA-15-SP2-2023-4030=1
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2023-4030=1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2023-4030=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2023-4030=1

## Package List:

* SUSE Linux Enterprise Live Patching 15-SP2 (nosrc)
  * kernel-default-5.3.18-150200.24.166.1
* SUSE Linux Enterprise Live Patching 15-SP2 (ppc64le s390x x86_64)
  * kernel-default-livepatch-5.3.18-150200.24.166.1
  * kernel-livepatch-SLE15-SP2_Update_41-debugsource-1-150200.5.3.1
  * kernel-default-livepatch-devel-5.3.18-150200.24.166.1
  * kernel-default-debuginfo-5.3.18-150200.24.166.1
  * kernel-livepatch-5_3_18-150200_24_166-default-1-150200.5.3.1
  * kernel-livepatch-5_3_18-150200_24_166-default-debuginfo-1-150200.5.3.1
  * kernel-default-debugsource-5.3.18-150200.24.166.1
* SUSE Linux Enterprise High Availability Extension 15 SP2 (aarch64 ppc64le s390x x86_64)
  * dlm-kmp-default-debuginfo-5.3.18-150200.24.166.1
  * gfs2-kmp-default-debuginfo-5.3.18-150200.24.166.1
  * gfs2-kmp-default-5.3.18-150200.24.166.1
  * kernel-default-debuginfo-5.3.18-150200.24.166.1
  * cluster-md-kmp-default-debuginfo-5.3.18-150200.24.166.1
  * ocfs2-kmp-default-5.3.18-150200.24.166.1
  * cluster-md-kmp-default-5.3.18-150200.24.166.1
  * dlm-kmp-default-5.3.18-150200.24.166.1
  * kernel-default-debugsource-5.3.18-150200.24.166.1
  * ocfs2-kmp-default-debuginfo-5.3.18-150200.24.166.1
* SUSE Linux Enterprise High Availability Extension 15 SP2 (nosrc)
  * kernel-default-5.3.18-150200.24.166.1
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 nosrc x86_64)
  * kernel-default-5.3.18-150200.24.166.1
  * kernel-preempt-5.3.18-150200.24.166.1
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64)
  * kernel-obs-build-debugsource-5.3.18-150200.24.166.1
  * kernel-preempt-debugsource-5.3.18-150200.24.166.1
  * kernel-preempt-devel-debuginfo-5.3.18-150200.24.166.1
  * kernel-syms-5.3.18-150200.24.166.1
  * kernel-default-devel-5.3.18-150200.24.166.1
  * kernel-default-devel-debuginfo-5.3.18-150200.24.166.1
  * kernel-default-debuginfo-5.3.18-150200.24.166.1
  * kernel-preempt-devel-5.3.18-150200.24.166.1
  * kernel-default-base-5.3.18-150200.24.166.1.150200.9.83.1
  * kernel-obs-build-5.3.18-150200.24.166.1
  * kernel-default-debugsource-5.3.18-150200.24.166.1
  * kernel-preempt-debuginfo-5.3.18-150200.24.166.1
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch)
  * kernel-source-5.3.18-150200.24.166.1
  * kernel-devel-5.3.18-150200.24.166.1
  * kernel-macros-5.3.18-150200.24.166.1
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch nosrc)
  * kernel-docs-5.3.18-150200.24.166.2
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64 nosrc)
  * kernel-default-5.3.18-150200.24.166.1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64)
  * reiserfs-kmp-default-debuginfo-5.3.18-150200.24.166.1
  * kernel-obs-build-debugsource-5.3.18-150200.24.166.1
  * reiserfs-kmp-default-5.3.18-150200.24.166.1
  * kernel-syms-5.3.18-150200.24.166.1
  * kernel-default-devel-5.3.18-150200.24.166.1
  * kernel-default-devel-debuginfo-5.3.18-150200.24.166.1
  * kernel-default-debuginfo-5.3.18-150200.24.166.1
  * kernel-default-base-5.3.18-150200.24.166.1.150200.9.83.1
  * kernel-obs-build-5.3.18-150200.24.166.1
  * kernel-default-debugsource-5.3.18-150200.24.166.1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch)
  * kernel-source-5.3.18-150200.24.166.1
  * kernel-devel-5.3.18-150200.24.166.1
  * kernel-macros-5.3.18-150200.24.166.1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch nosrc)
  * kernel-docs-5.3.18-150200.24.166.2
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 nosrc x86_64)
  * kernel-preempt-5.3.18-150200.24.166.1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 x86_64)
  * kernel-preempt-devel-5.3.18-150200.24.166.1
  * kernel-preempt-debugsource-5.3.18-150200.24.166.1
  * kernel-preempt-debuginfo-5.3.18-150200.24.166.1
  * kernel-preempt-devel-debuginfo-5.3.18-150200.24.166.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2 (nosrc ppc64le x86_64)
  * kernel-default-5.3.18-150200.24.166.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64)
  * reiserfs-kmp-default-debuginfo-5.3.18-150200.24.166.1
  * kernel-obs-build-debugsource-5.3.18-150200.24.166.1
  * reiserfs-kmp-default-5.3.18-150200.24.166.1
  * kernel-syms-5.3.18-150200.24.166.1
  * kernel-default-devel-5.3.18-150200.24.166.1
  * kernel-default-devel-debuginfo-5.3.18-150200.24.166.1
  * kernel-default-debuginfo-5.3.18-150200.24.166.1
  * kernel-default-base-5.3.18-150200.24.166.1.150200.9.83.1
  * kernel-obs-build-5.3.18-150200.24.166.1
  * kernel-default-debugsource-5.3.18-150200.24.166.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch)
  * kernel-source-5.3.18-150200.24.166.1
  * kernel-devel-5.3.18-150200.24.166.1
  * kernel-macros-5.3.18-150200.24.166.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch nosrc)
  * kernel-docs-5.3.18-150200.24.166.2
* SUSE Linux Enterprise Server for SAP Applications 15 SP2 (nosrc x86_64)
  * kernel-preempt-5.3.18-150200.24.166.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2 (x86_64)
  * kernel-preempt-devel-5.3.18-150200.24.166.1
  * kernel-preempt-debugsource-5.3.18-150200.24.166.1
  * kernel-preempt-debuginfo-5.3.18-150200.24.166.1
  * kernel-preempt-devel-debuginfo-5.3.18-150200.24.166.1

## References:

* https://www.suse.com/security/cve/CVE-2020-36766.html
* https://www.suse.com/security/cve/CVE-2023-1192.html
* https://www.suse.com/security/cve/CVE-2023-1206.html
* https://www.suse.com/security/cve/CVE-2023-1859.html
* https://www.suse.com/security/cve/CVE-2023-2177.html
* https://www.suse.com/security/cve/CVE-2023-23454.html
* https://www.suse.com/security/cve/CVE-2023-40283.html
* https://www.suse.com/security/cve/CVE-2023-42753.html
* https://www.suse.com/security/cve/CVE-2023-4389.html
* https://www.suse.com/security/cve/CVE-2023-4622.html
* https://www.suse.com/security/cve/CVE-2023-4623.html
* https://www.suse.com/security/cve/CVE-2023-4881.html
* https://www.suse.com/security/cve/CVE-2023-4921.html
* https://bugzilla.suse.com/show_bug.cgi?id=1207036
* https://bugzilla.suse.com/show_bug.cgi?id=1208995
* https://bugzilla.suse.com/show_bug.cgi?id=1210169
* https://bugzilla.suse.com/show_bug.cgi?id=1210643
* https://bugzilla.suse.com/show_bug.cgi?id=1212703
* https://bugzilla.suse.com/show_bug.cgi?id=1214233
* https://bugzilla.suse.com/show_bug.cgi?id=1214351
* https://bugzilla.suse.com/show_bug.cgi?id=1214380
* https://bugzilla.suse.com/show_bug.cgi?id=1214386
* https://bugzilla.suse.com/show_bug.cgi?id=1215115
* https://bugzilla.suse.com/show_bug.cgi?id=1215117
* https://bugzilla.suse.com/show_bug.cgi?id=1215150
* https://bugzilla.suse.com/show_bug.cgi?id=1215221
* https://bugzilla.suse.com/show_bug.cgi?id=1215275
* https://bugzilla.suse.com/show_bug.cgi?id=1215299

SUSE issues a security patch for the Linux Kernel addressing various vulnerabilities, such as potential system crashes and elevation of privileges.

SUSE Linux Kernel Update, Security Fixes, Privilege Escalation, System Vulnerabilities.

Severity: Important.

LinuxSecurity.com Team

Oct 10, 2023 Important SuSE

Ubuntu 23.04 USN-6338-1 Critical: Kernel Crashes Resolved

Several security issues were fixed in the Linux kernel.

==========================================================================
Ubuntu Security Notice USN-6338-1
September 05, 2023

linux, linux-aws, linux-aws-6.2, linux-hwe-6.2, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-6.2, linux-raspi vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 23.04
- Ubuntu 22.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:

- linux: Linux kernel
- linux-aws: Linux kernel for Amazon Web Services (AWS) systems
- linux-kvm: Linux kernel for cloud environments
- linux-lowlatency: Linux low latency kernel
- linux-raspi: Linux kernel for Raspberry Pi systems
- linux-aws-6.2: Linux kernel for Amazon Web Services (AWS) systems
- linux-hwe-6.2: Linux hardware enablement (HWE) kernel
- linux-lowlatency-hwe-6.2: Linux low latency kernel

Details:

Zi Fan Tan discovered that the binder IPC implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-21255)

It was discovered that a race condition existed in the f2fs file system in the Linux kernel, leading to a null pointer dereference vulnerability. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service (system crash). (CVE-2023-2898)

It was discovered that the DVB Core driver in the Linux kernel did not properly handle locking events in certain situations. A local attacker could use this to cause a denial of service (kernel deadlock). (CVE-2023-31084)

Quentin Minster discovered that the KSMBD implementation in the Linux kernel did not properly handle session setup requests. A remote attacker could possibly use this to cause a denial of service (memory exhaustion). (CVE-2023-32247)

Quentin Minster discovered that a race condition existed in the KSMBD implementation in the Linux kernel when handling sessions operations. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-32250, CVE-2023-32252, CVE-2023-32257)

It was discovered that a race condition existed in the KSMBD implementation in the Linux kernel when handling session connections, leading to a use-after-free vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-32258)

It was discovered that the KSMBD implementation in the Linux kernel did not properly validate buffer sizes in certain operations, leading to an out-of-bounds read vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-38426, CVE-2023-38428)

It was discovered that the KSMBD implementation in the Linux kernel did not properly calculate the size of certain buffers. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-38429)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 23.04:
  linux-image-6.2.0-1011-aws 6.2.0-1011.11
  linux-image-6.2.0-1012-kvm 6.2.0-1012.12
  linux-image-6.2.0-1012-lowlatency 6.2.0-1012.12
  linux-image-6.2.0-1012-lowlatency-64k 6.2.0-1012.12
  linux-image-6.2.0-1012-raspi 6.2.0-1012.14
  linux-image-6.2.0-32-generic 6.2.0-32.32
  linux-image-6.2.0-32-generic-64k 6.2.0-32.32
  linux-image-6.2.0-32-generic-lpae 6.2.0-32.32
  linux-image-aws 6.2.0.1011.12
  linux-image-generic 6.2.0.32.32
  linux-image-generic-64k 6.2.0.32.32
  linux-image-generic-lpae 6.2.0.32.32
  linux-image-kvm 6.2.0.1012.12
  linux-image-lowlatency 6.2.0.1012.12
  linux-image-lowlatency-64k 6.2.0.1012.12
  linux-image-raspi 6.2.0.1012.15
  linux-image-raspi-nolpae 6.2.0.1012.15
  linux-image-virtual 6.2.0.32.32

Ubuntu 22.04 LTS:
  linux-image-6.2.0-1011-aws 6.2.0-1011.11~22.04.1
  linux-image-6.2.0-1012-lowlatency 6.2.0-1012.12~22.04.1
  linux-image-6.2.0-1012-lowlatency-64k 6.2.0-1012.12~22.04.1
  linux-image-6.2.0-32-generic 6.2.0-32.32~22.04.1
  linux-image-6.2.0-32-generic-64k 6.2.0-32.32~22.04.1
  linux-image-6.2.0-32-generic-lpae 6.2.0-32.32~22.04.1
  linux-image-aws 6.2.0.1011.11~22.04.1
  linux-image-generic-64k-hwe-22.04 6.2.0.32.32~22.04.9
  linux-image-generic-hwe-22.04 6.2.0.32.32~22.04.9
  linux-image-generic-lpae-hwe-22.04 6.2.0.32.32~22.04.9
  linux-image-lowlatency-64k-hwe-22.04 6.2.0.1012.12~22.04.9
  linux-image-lowlatency-hwe-22.04 6.2.0.1012.12~22.04.9
  linux-image-virtual-hwe-22.04 6.2.0.32.32~22.04.9

After a standard system update you need to reboot your computer to make all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.

References:

  https://ubuntu.com/security/notices/USN-6338-1
  CVE-2023-21255, CVE-2023-2898, CVE-2023-31084, CVE-2023-32247, CVE-2023-32250, CVE-2023-32252, CVE-2023-32257, CVE-2023-32258, CVE-2023-38426, CVE-2023-38428, CVE-2023-38429

Package Information:

  https://launchpad.net/ubuntu/+source/linux/6.2.0-32.32
  https://launchpad.net/ubuntu/+source/linux-aws/6.2.0-1011.11
  https://launchpad.net/ubuntu/+source/linux-kvm/6.2.0-1012.12
  https://launchpad.net/ubuntu/+source/linux-lowlatency/6.2.0-1012.12
  https://launchpad.net/ubuntu/+source/linux-raspi/6.2.0-1012.14
  https://launchpad.net/ubuntu/+source/linux-aws-6.2/6.2.0-1011.11~22.04.1
  https://launchpad.net/ubuntu/+source/linux-hwe-6.2/6.2.0-32.32~22.04.1
  https://launchpad.net/ubuntu/+source/linux-lowlatency-hwe-6.2/6.2.0-1012.12~22.04.1

Numerous kernel vulnerabilities addressed in Ubuntu 23.04 and 22.04 LTS. Ensure your systems are updated for improved safety.

Linux Kernel Issues, Ubuntu Security, System Integrity, Kernel Update.

Severity: Critical.

LinuxSecurity.com Team

Sep 05, 2023 Critical Ubuntu

Ubuntu 18.04 LTS USN-5591-3 Critical: Kernel Crash Denial Of Service

The system could be made to crash or run programs as an administrator.

=========================================================================
Ubuntu Security Notice USN-5591-3
September 01, 2022

linux, linux-azure-4.15, linux-dell300x, linux-gcp-4.15, linux-kvm, linux-snapdragon vulnerability
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 18.04 LTS

Summary:

The system could be made to crash or run programs as an administrator.

Software Description:

- linux: Linux kernel
- linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems
- linux-dell300x: Linux kernel for Dell 300x platforms
- linux-gcp-4.15: Linux kernel for Google Cloud Platform (GCP) systems
- linux-kvm: Linux kernel for cloud environments
- linux-snapdragon: Linux kernel for Qualcomm Snapdragon processors

Details:

It was discovered that the virtual terminal driver in the Linux kernel did not properly handle VGA console font changes, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 18.04 LTS:
  linux-image-4.15.0-1052-dell300x 4.15.0-1052.57
  linux-image-4.15.0-1126-kvm 4.15.0-1126.131
  linux-image-4.15.0-1135-gcp 4.15.0-1135.151
  linux-image-4.15.0-1136-snapdragon 4.15.0-1136.146
  linux-image-4.15.0-1150-azure 4.15.0-1150.165
  linux-image-4.15.0-192-generic 4.15.0-192.203
  linux-image-4.15.0-192-generic-lpae 4.15.0-192.203
  linux-image-4.15.0-192-lowlatency 4.15.0-192.203
  linux-image-azure-lts-18.04 4.15.0.1150.120
  linux-image-dell300x 4.15.0.1052.52
  linux-image-gcp-lts-18.04 4.15.0.1135.151
  linux-image-generic 4.15.0.192.177
  linux-image-generic-lpae 4.15.0.192.177
  linux-image-kvm 4.15.0.1126.119
  linux-image-lowlatency 4.15.0.192.177
  linux-image-snapdragon 4.15.0.1136.137
  linux-image-virtual 4.15.0.192.177

After a standard system update you need to reboot your computer to make all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.

References:

  https://ubuntu.com/security/notices/USN-5591-3
  https://ubuntu.com/security/notices/USN-5591-1
  CVE-2021-33656

Package Information:

  https://launchpad.net/ubuntu/+source/linux/4.15.0-192.203
  https://launchpad.net/ubuntu/+source/linux-azure-4.15/4.15.0-1150.165
  https://launchpad.net/ubuntu/+source/linux-dell300x/4.15.0-1052.57
  https://launchpad.net/ubuntu/+source/linux-gcp-4.15/4.15.0-1135.151
  https://launchpad.net/ubuntu/+source/linux-kvm/4.15.0-1126.131
  https://launchpad.net/ubuntu/+source/linux-snapdragon/4.15.0-1136.146

Ubuntu Security Announcement USN-5602-1 details vital patches for Linux kernel flaws impacting system integrity.

Linux Kernel Security, Ubuntu Security Advisories, Kernel Update Instructions.

Severity: Critical.

LinuxSecurity.com Team

Sep 01, 2022 Critical Ubuntu

Ubuntu 14.04 ESM USN-5588-1 Critical Denial Of Service Threat

The system could be made to crash or run programs as an administrator.

=========================================================================
Ubuntu Security Notice USN-5588-1
August 30, 2022

linux vulnerability
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 14.04 ESM

Summary:

The system could be made to crash or run programs as an administrator.

Software Description:

- linux: Linux kernel

Details:

Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 14.04 ESM:
  linux-image-3.13.0-191-generic 3.13.0-191.242
  linux-image-3.13.0-191-lowlatency 3.13.0-191.242
  linux-image-generic 3.13.0.191.201
  linux-image-lowlatency 3.13.0.191.201
  linux-image-server 3.13.0.191.201
  linux-image-virtual 3.13.0.191.201

After a standard system update you need to reboot your computer to make all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.

References:

  https://ubuntu.com/security/notices/USN-5588-1
  CVE-2022-2588

The latest Ubuntu Security Advisory USN-5588-1 addresses a vulnerability in the kernel that could lead to system instability or enable execution of privileged commands by unauthorized users.

Linux Kernel, Kernel Update, Denial of Service.

Severity: Critical.

LinuxSecurity.com Team

Aug 30, 2022 Critical Ubuntu

Ubuntu 16.04 LTS USN-3249-1 Critical: Kernel Crash Risk and Access Issues

The system could be made to crash or run programs as an administrator.

=========================================================================
Ubuntu Security Notice USN-3249-1
March 29, 2017

linux, linux-aws, linux-gke, linux-raspi2, linux-snapdragon vulnerability
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 LTS

Summary:

The system could be made to crash or run programs as an administrator.

Software Description:

- linux: Linux kernel
- linux-aws: Linux kernel for Amazon Web Services (AWS) systems
- linux-gke: Linux kernel for Google Container Engine (GKE) systems
- linux-raspi2: Linux kernel for Raspberry Pi 2
- linux-snapdragon: Linux kernel for Snapdragon Processors

Details:

It was discovered that the xfrm framework for transforming packets in the Linux kernel did not properly validate data received from user space. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code with administrative privileges.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 16.04 LTS:
  linux-image-4.4.0-1009-gke 4.4.0-1009.9
  linux-image-4.4.0-1012-aws 4.4.0-1012.21
  linux-image-4.4.0-1051-raspi2 4.4.0-1051.58
  linux-image-4.4.0-1054-snapdragon 4.4.0-1054.58
  linux-image-4.4.0-71-generic 4.4.0-71.92
  linux-image-4.4.0-71-generic-lpae 4.4.0-71.92
  linux-image-4.4.0-71-lowlatency 4.4.0-71.92
  linux-image-4.4.0-71-powerpc-e500mc 4.4.0-71.92
  linux-image-4.4.0-71-powerpc-smp 4.4.0-71.92
  linux-image-4.4.0-71-powerpc64-smp 4.4.0-71.92
  linux-image-aws 4.4.0.1012.15
  linux-image-generic 4.4.0.71.77
  linux-image-generic-lpae 4.4.0.71.77
  linux-image-gke 4.4.0.1009.11
  linux-image-lowlatency 4.4.0.71.77
  linux-image-powerpc-e500mc 4.4.0.71.77
  linux-image-powerpc-smp 4.4.0.71.77
  linux-image-powerpc64-smp 4.4.0.71.77
  linux-image-raspi2 4.4.0.1051.52
  linux-image-snapdragon 4.4.0.1054.47

After a standard system update you need to reboot your computer to make all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.

References:
  https://ubuntu.com/security/notices/USN-3249-1
  CVE-2017-7184

Package Information:
  https://launchpad.net/ubuntu/+source/linux/4.4.0-71.92
  https://launchpad.net/ubuntu/+source/linux-aws/4.4.0-1012.21
  https://launchpad.net/ubuntu/+source/linux-gke/4.4.0-1009.9
  https://launchpad.net/ubuntu/+source/linux-raspi2/4.4.0-1051.58
  https://launchpad.net/ubuntu/+source/linux-snapdragon/4.4.0-1054.58

Debian DSA-4821-1 fixes a significant bug in the Linux kernel that permits system freezes or unauthorized program execution by elevated users.

linux kernel updates, ubuntu security, kernel crash prevention, administrative access, system integrity.

Severity: Critical. LinuxSecurity.com Team

Mar 30, 2017 Critical Ubuntu

Ubuntu 14.04 LTS USN-3220-2 Critical: linux-lts-xenial Denial of Service

The system could be made to crash or run programs as an administrator.

=========================================================================
Ubuntu Security Notice USN-3220-2
March 08, 2017

linux-lts-xenial vulnerability
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 14.04 LTS

Summary:

The system could be made to crash or run programs as an administrator.

Software Description:

- linux-lts-xenial: Linux hardware enablement kernel from Xenial for Trusty

Details:

USN-3220-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS.

Alexander Popov discovered that the N_HDLC line discipline implementation in the Linux kernel contained a double-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly gain administrative privileges.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 14.04 LTS:
  linux-image-4.4.0-66-generic 4.4.0-66.87~14.04.1
  linux-image-4.4.0-66-generic-lpae 4.4.0-66.87~14.04.1
  linux-image-4.4.0-66-lowlatency 4.4.0-66.87~14.04.1
  linux-image-4.4.0-66-powerpc-e500mc 4.4.0-66.87~14.04.1
  linux-image-4.4.0-66-powerpc-smp 4.4.0-66.87~14.04.1
  linux-image-4.4.0-66-powerpc64-emb 4.4.0-66.87~14.04.1
  linux-image-4.4.0-66-powerpc64-smp 4.4.0-66.87~14.04.1
  linux-image-generic-lpae-lts-xenial 4.4.0.66.52
  linux-image-generic-lts-xenial 4.4.0.66.52
  linux-image-lowlatency-lts-xenial 4.4.0.66.52
  linux-image-powerpc-e500mc-lts-xenial 4.4.0.66.52
  linux-image-powerpc-smp-lts-xenial 4.4.0.66.52
  linux-image-powerpc64-emb-lts-xenial 4.4.0.66.52
  linux-image-powerpc64-smp-lts-xenial 4.4.0.66.52

After a standard system update you need to reboot your computer to make all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.

References:
  https://ubuntu.com/security/notices/USN-3220-2
  https://ubuntu.com/security/notices/USN-3220-1
  CVE-2017-2636

Package Information:
  https://launchpad.net/ubuntu/+source/linux-lts-xenial/4.4.0-66.87~14.04.1

Ubuntu 16.04 LTS patch necessary to address kernel-lts-artful failure and privilege escalation vulnerability, enhancing system safety.

Linux Kernel Issue, Ubuntu Update, Crash Exploit, Security Fix.

Severity: Critical. LinuxSecurity.com Team

Mar 08, 2017 Critical Ubuntu

Ubuntu 16.10 USN-3152-2 Critical: Raspberry Pi 2 Kernel Crash Risk

The system could be made to crash or run programs as an administrator.

=========================================================================
Ubuntu Security Notice USN-3152-2
December 06, 2016

linux-raspi2 vulnerabilities
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.10

Summary:

The system could be made to crash or run programs as an administrator.

Software Description:

- linux-raspi2: Linux kernel for Raspberry Pi 2

Details:

Philip Pettersson discovered a race condition in the af_packet implementation in the Linux kernel. A local unprivileged attacker could use this to cause a denial of service (system crash) or run arbitrary code with administrative privileges.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 16.10:
  linux-image-4.8.0-1020-raspi2 4.8.0-1020.23
  linux-image-raspi2 4.8.0.1020.23

After a standard system update you need to reboot your computer to make all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.

References:
  https://ubuntu.com/security/notices/USN-3152-1
  CVE-2016-8655

Package Information:
  https://launchpad.net/ubuntu/+source/linux-raspi2/4.8.0-1020.23

A vulnerability in Ubuntu 16.10 for Raspberry Pi 2 could lead to system crashes or unapproved administrative entry due to kernel-related weaknesses.

Raspberry Pi 2 Security, Ubuntu 16.10 Kernel Issue, Denial of Service Ubuntu.

Severity: Critical. LinuxSecurity.com Team

Dec 06, 2016 Critical Ubuntu