Several security issues were fixed in the Linux kernel.

==========================================================================
Ubuntu Security Notice USN-6819-3
June 12, 2024

linux-oem-6.5 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux-oem-6.5: Linux kernel for OEM systems

Details:

Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service (system crash). (CVE-2023-6356, CVE-2023-6535, CVE-2023-6536)

Chenyuan Yang discovered that the RDS Protocol implementation in the Linux kernel contained an out-of-bounds read vulnerability. An attacker could use this to possibly cause a denial of service (system crash). (CVE-2024-23849)

It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel, leading to a null pointer dereference vulnerability. A privileged local attacker could use this to possibly cause a denial of service (system crash). (CVE-2024-24860)

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems:
- ARM64 architecture;
- PowerPC architecture;
- RISC-V architecture;
- S390 architecture;
- Core kernel;
- x86 architecture;
- Block layer subsystem;
- Cryptographic API;
- ACPI drivers;
- Android drivers;
- Drivers core;
- Power management core;
- Bus devices;
- Device frequency scaling framework;
- DMA engine subsystem;
- EDAC drivers;
- ARM SCMI message protocol;
- GPU drivers;
- IIO ADC drivers;
- InfiniBand drivers;
- IOMMU subsystem;
- Media drivers;
- Multifunction device drivers;
- MTD block device drivers;
- Network drivers;
- NVME drivers;
- Device tree and open firmware driver;
- PCI driver for MicroSemi Switchtec;
- Power supply drivers;
- RPMSG subsystem;
- SCSI drivers;
- QCOM SoC drivers;
- SPMI drivers;
- Thermal drivers;
- TTY drivers;
- VFIO drivers;
- BTRFS file system;
- Ceph distributed file system;
- EFI Variable file system;
- EROFS file system;
- Ext4 file system;
- F2FS file system;
- GFS2 file system;
- JFS file system;
- Network file systems library;
- Network file system server daemon;
- File systems infrastructure;
- Pstore file system;
- ReiserFS file system;
- SMB network file system;
- BPF subsystem;
- Memory management;
- TLS protocol;
- Ethernet bridge;
- Networking core;
- IPv4 networking;
- IPv6 networking;
- Logical Link layer;
- MAC80211 subsystem;
- Multipath TCP;
- Netfilter;
- NetLabel subsystem;
- Network traffic control;
- SMC sockets;
- Sun RPC protocol;
- AppArmor security module;
- Intel ASoC drivers;
- MediaTek ASoC drivers;
- USB sound devices;
(CVE-2023-52612, CVE-2024-26808, CVE-2023-52691, CVE-2023-52618, CVE-2023-52463,
CVE-2023-52447, CVE-2024-26668, CVE-2023-52454, CVE-2024-26670, CVE-2024-26646,
CVE-2023-52472, CVE-2024-26586, CVE-2023-52681, CVE-2023-52453, CVE-2023-52611,
CVE-2023-52622, CVE-2024-26641, CVE-2023-52616, CVE-2024-26592, CVE-2023-52606,
CVE-2024-26620, CVE-2023-52692, CVE-2024-26669, CVE-2023-52623, CVE-2023-52588,
CVE-2024-26616, CVE-2024-26610, CVE-2024-35839, CVE-2023-52490, CVE-2023-52672,
CVE-2024-26612, CVE-2023-52617, CVE-2023-52697, CVE-2024-26644, CVE-2023-52458,
CVE-2023-52598, CVE-2024-35841, CVE-2023-52664, CVE-2023-52635, CVE-2023-52676,
CVE-2023-52669, CVE-2024-26632, CVE-2023-52486, CVE-2024-26625, CVE-2023-52608,
CVE-2024-26634, CVE-2023-52599, CVE-2024-26618, CVE-2024-26640, CVE-2023-52489,
CVE-2023-52675, CVE-2023-52678, CVE-2024-26583, CVE-2023-52693, CVE-2023-52498,
CVE-2024-26649, CVE-2023-52670, CVE-2023-52473, CVE-2023-52449, CVE-2023-52667,
CVE-2023-52467, CVE-2023-52686, CVE-2024-26633, CVE-2023-52666, CVE-2024-35840,
CVE-2024-26629, CVE-2024-26595, CVE-2023-52593, CVE-2023-52687, CVE-2023-52465,
CVE-2024-26627, CVE-2023-52493, CVE-2023-52491, CVE-2024-26636, CVE-2024-26584,
CVE-2023-52587, CVE-2023-52597, CVE-2023-52462, CVE-2023-52633, CVE-2023-52696,
CVE-2024-26585, CVE-2023-52589, CVE-2023-52456, CVE-2023-52470, CVE-2024-35838,
CVE-2024-26645, CVE-2023-52591, CVE-2023-52464, CVE-2023-52609, CVE-2024-26608,
CVE-2023-52450, CVE-2023-52584, CVE-2023-52469, CVE-2023-52583, CVE-2023-52451,
CVE-2023-52495, CVE-2023-52626, CVE-2023-52595, CVE-2023-52680, CVE-2023-52632,
CVE-2024-26582, CVE-2024-35837, CVE-2023-52494, CVE-2023-52614, CVE-2023-52443,
CVE-2023-52698, CVE-2023-52448, CVE-2024-26615, CVE-2023-52452, CVE-2023-52492,
CVE-2024-26647, CVE-2023-52468, CVE-2023-52594, CVE-2023-52621, CVE-2024-26638,
CVE-2024-26594, CVE-2024-26673, CVE-2023-52457, CVE-2023-52677, CVE-2023-52607,
CVE-2024-26623, CVE-2023-52488, CVE-2023-52497, CVE-2023-52445, CVE-2024-26607,
CVE-2023-52610, CVE-2024-35842, CVE-2023-52690, CVE-2023-52683, CVE-2023-52444,
CVE-2024-26671, CVE-2023-52455, CVE-2023-52679, CVE-2024-26598, CVE-2023-52674,
CVE-2023-52627, CVE-2023-52619, CVE-2023-52487, CVE-2023-52446, CVE-2024-35835,
CVE-2023-52682, CVE-2023-52685, CVE-2023-52694, CVE-2024-26631)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 22.04 LTS
  linux-image-6.5.0-1024-oem      6.5.0-1024.25
  linux-image-oem-22.04           6.5.0.1024.26
  linux-image-oem-22.04a          6.5.0.1024.26
  linux-image-oem-22.04b          6.5.0.1024.26
  linux-image-oem-22.04c          6.5.0.1024.26
  linux-image-oem-22.04d          6.5.0.1024.26

After a standard system update you need to reboot your computer to make all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.

References:
  https://ubuntu.com/security/notices/USN-6819-3
  https://ubuntu.com/security/notices/USN-6819-1
  CVE-2023-52443, CVE-2023-52444, CVE-2023-52445, CVE-2023-52446, CVE-2023-52447,
  CVE-2023-52448, CVE-2023-52449, CVE-2023-52450, CVE-2023-52451, CVE-2023-52452,
  CVE-2023-52453, CVE-2023-52454, CVE-2023-52455, CVE-2023-52456, CVE-2023-52457,
  CVE-2023-52458, CVE-2023-52462, CVE-2023-52463, CVE-2023-52464, CVE-2023-52465,
  CVE-2023-52467, CVE-2023-52468, CVE-2023-52469, CVE-2023-52470, CVE-2023-52472,
  CVE-2023-52473, CVE-2023-52486, CVE-2023-52487, CVE-2023-52488, CVE-2023-52489,
  CVE-2023-52490, CVE-2023-52491, CVE-2023-52492, CVE-2023-52493, CVE-2023-52494,
  CVE-2023-52495, CVE-2023-52497, CVE-2023-52498, CVE-2023-52583, CVE-2023-52584,
  CVE-2023-52587, CVE-2023-52588, CVE-2023-52589, CVE-2023-52591, CVE-2023-52593,
  CVE-2023-52594, CVE-2023-52595, CVE-2023-52597, CVE-2023-52598, CVE-2023-52599,
  CVE-2023-52606, CVE-2023-52607, CVE-2023-52608, CVE-2023-52609, CVE-2023-52610,
  CVE-2023-52611, CVE-2023-52612, CVE-2023-52614, CVE-2023-52616, CVE-2023-52617,
  CVE-2023-52618, CVE-2023-52619, CVE-2023-52621, CVE-2023-52622, CVE-2023-52623,
  CVE-2023-52626, CVE-2023-52627, CVE-2023-52632, CVE-2023-52633, CVE-2023-52635,
  CVE-2023-52664, CVE-2023-52666, CVE-2023-52667, CVE-2023-52669, CVE-2023-52670,
  CVE-2023-52672, CVE-2023-52674, CVE-2023-52675, CVE-2023-52676, CVE-2023-52677,
  CVE-2023-52678, CVE-2023-52679, CVE-2023-52680, CVE-2023-52681, CVE-2023-52682,
  CVE-2023-52683, CVE-2023-52685, CVE-2023-52686, CVE-2023-52687, CVE-2023-52690,
  CVE-2023-52691, CVE-2023-52692, CVE-2023-52693, CVE-2023-52694, CVE-2023-52696,
  CVE-2023-52697, CVE-2023-52698, CVE-2023-6356, CVE-2023-6535, CVE-2023-6536,
  CVE-2024-23849, CVE-2024-24860, CVE-2024-26582, CVE-2024-26583, CVE-2024-26584,
  CVE-2024-26585, CVE-2024-26586, CVE-2024-26592, CVE-2024-26594, CVE-2024-26595,
  CVE-2024-26598, CVE-2024-26607, CVE-2024-26608, CVE-2024-26610, CVE-2024-26612,
  CVE-2024-26615, CVE-2024-26616, CVE-2024-26618, CVE-2024-26620, CVE-2024-26623,
  CVE-2024-26625, CVE-2024-26627, CVE-2024-26629, CVE-2024-26631, CVE-2024-26632,
  CVE-2024-26633, CVE-2024-26634, CVE-2024-26636, CVE-2024-26638, CVE-2024-26640,
  CVE-2024-26641, CVE-2024-26644, CVE-2024-26645, CVE-2024-26646, CVE-2024-26647,
  CVE-2024-26649, CVE-2024-26668, CVE-2024-26669, CVE-2024-26670, CVE-2024-26671,
  CVE-2024-26673, CVE-2024-26808, CVE-2024-35835, CVE-2024-35837, CVE-2024-35838,
  CVE-2024-35839, CVE-2024-35840, CVE-2024-35841, CVE-2024-35842

Package Information:
  https://launchpad.net/ubuntu/+source/linux-oem-6.5/6.5.0-1024.25

Updates concerning Ubuntu 22.04 LTS focus on critical vulnerabilities in the Linux kernel, with multiple bugs resolved following the latest patches.

Linux Kernel Security, Ubuntu Security Notice, Kpatch Releases, Kernel Patch Updates.

Severity: Critical.

LinuxSecurity.com Team

Several security issues were fixed in the Linux kernel.

==========================================================================
Ubuntu Security Notice USN-6688-1
March 11, 2024

linux-oem-6.1 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux-oem-6.1: Linux kernel for OEM systems

Details:

Pratyush Yadav discovered that the Xen network backend implementation in the Linux kernel did not properly handle zero length data request, leading to a null pointer dereference vulnerability. An attacker in a guest VM could possibly use this to cause a denial of service (host domain crash). (CVE-2023-46838)

It was discovered that the Habana's AI Processors driver in the Linux kernel did not properly initialize certain data structures before passing them to user space. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2023-50431)

Murray McAllister discovered that the VMware Virtual GPU DRM driver in the Linux kernel did not properly handle memory objects when storing surfaces, leading to a use-after-free vulnerability. A local attacker in a guest VM could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-5633)

It was discovered that the CIFS network file system implementation in the Linux kernel did not properly validate certain SMB messages, leading to an out-of-bounds read vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-6610)

It was discovered that the VirtIO subsystem in the Linux kernel did not properly initialize memory in some situations. A local attacker could use this to possibly expose sensitive information (kernel memory). (CVE-2024-0340)

Lonial Con discovered that the netfilter subsystem in the Linux kernel did not properly handle element deactivation in certain cases, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-1085)

Notselwyn discovered that the netfilter subsystem in the Linux kernel did not properly handle verdict parameters in certain cases, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-1086)

Chenyuan Yang discovered that the RDS Protocol implementation in the Linux kernel contained an out-of-bounds read vulnerability. An attacker could use this to possibly cause a denial of service (system crash). (CVE-2024-23849)

It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel, leading to a null pointer dereference vulnerability. A privileged local attacker could use this to possibly cause a denial of service (system crash). (CVE-2024-24860)

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems:
- Architecture specifics;
- Block layer;
- ACPI drivers;
- Android drivers;
- EDAC drivers;
- GPU drivers;
- InfiniBand drivers;
- Media drivers;
- Multifunction device drivers;
- MTD block device drivers;
- Network drivers;
- NVME drivers;
- PHY drivers;
- PWM drivers;
- SCSI drivers;
- SPMI drivers;
- TTY drivers;
- Userspace I/O drivers;
- Ceph distributed file system;
- EFI Variable file system;
- Ext4 file system;
- F2FS file system;
- GFS2 file system;
- JFS file system;
- SMB network file system;
- BPF subsystem;
- Logical Link Layer;
- Netfilter;
- Unix domain sockets;
- AppArmor security module;
(CVE-2024-26599, CVE-2023-52604, CVE-2023-52439, CVE-2024-26627, CVE-2024-26601,
CVE-2024-26628, CVE-2023-52607, CVE-2023-52456, CVE-2023-52602, CVE-2023-52443,
CVE-2023-52599, CVE-2023-52603, CVE-2024-26588, CVE-2024-26581, CVE-2023-52600,
CVE-2024-26624, CVE-2023-52584, CVE-2024-26625, CVE-2023-52606, CVE-2023-52463,
CVE-2023-52464, CVE-2023-52597, CVE-2023-52595, CVE-2023-52458, CVE-2023-52457,
CVE-2023-52438, CVE-2023-52469, CVE-2023-52462, CVE-2024-26589, CVE-2024-26592,
CVE-2024-26594, CVE-2023-52601, CVE-2023-52593, CVE-2023-52436, CVE-2023-52447,
CVE-2023-52587, CVE-2023-52445, CVE-2023-52454, CVE-2023-52451, CVE-2023-52605,
CVE-2024-26597, CVE-2023-52448, CVE-2023-52598, CVE-2024-26591, CVE-2023-52449,
CVE-2023-52444, CVE-2023-52583, CVE-2023-52589, CVE-2024-26598, CVE-2023-52470,
CVE-2023-52594, CVE-2023-52588, CVE-2023-52467, CVE-2024-26600)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 22.04 LTS:
  linux-image-6.1.0-1035-oem      6.1.0-1035.35
  linux-image-oem-22.04           6.1.0.1035.36
  linux-image-oem-22.04a          6.1.0.1035.36
  linux-image-oem-22.04b          6.1.0.1035.36
  linux-image-oem-22.04c          6.1.0.1035.36

After a standard system update you need to reboot your computer to make all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.

References:
  https://ubuntu.com/security/notices/USN-6688-1
  CVE-2023-46838, CVE-2023-50431, CVE-2023-52436, CVE-2023-52438, CVE-2023-52439,
  CVE-2023-52443, CVE-2023-52444, CVE-2023-52445, CVE-2023-52447, CVE-2023-52448,
  CVE-2023-52449, CVE-2023-52451, CVE-2023-52454, CVE-2023-52456, CVE-2023-52457,
  CVE-2023-52458, CVE-2023-52462, CVE-2023-52463, CVE-2023-52464, CVE-2023-52467,
  CVE-2023-52469, CVE-2023-52470, CVE-2023-52583, CVE-2023-52584, CVE-2023-52587,
  CVE-2023-52588, CVE-2023-52589, CVE-2023-52593, CVE-2023-52594, CVE-2023-52595,
  CVE-2023-52597, CVE-2023-52598, CVE-2023-52599, CVE-2023-52600, CVE-2023-52601,
  CVE-2023-52602, CVE-2023-52603, CVE-2023-52604, CVE-2023-52605, CVE-2023-52606,
  CVE-2023-52607, CVE-2023-5633, CVE-2023-6610, CVE-2024-0340, CVE-2024-1085,
  CVE-2024-1086, CVE-2024-23849, CVE-2024-24860, CVE-2024-26581, CVE-2024-26588,
  CVE-2024-26589, CVE-2024-26591, CVE-2024-26592, CVE-2024-26594, CVE-2024-26597,
  CVE-2024-26598, CVE-2024-26599, CVE-2024-26600, CVE-2024-26601, CVE-2024-26624,
  CVE-2024-26625, CVE-2024-26627, CVE-2024-26628

Package Information:
  https://launchpad.net/ubuntu/+source/linux-oem-6.1/6.1.0-1035.35

Rectifies multiple vulnerabilities in the Linux kernel of Ubuntu 22.04 LTS, tackling both local and remote exploitation opportunities.

Ubuntu Kernel Security, OEM Linux Updates, Denial Of Service Fixes.

Severity: Critical.

LinuxSecurity.com Team

Several security issues were fixed in the Linux kernel.

==========================================================================
Ubuntu Security Notice USN-6316-1
August 29, 2023

linux-oem-6.1 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux-oem-6.1: Linux kernel for OEM systems

Details:

Daniel Moghimi discovered that some Intel(R) Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain sensitive information. (CVE-2022-40982)

Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information. (CVE-2023-20593)

Kevin Rich discovered that the netfilter subsystem in the Linux kernel did not properly handle table rules flush in certain circumstances. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-3777)

Kevin Rich discovered that the netfilter subsystem in the Linux kernel did not properly handle rule additions to bound chains in certain circumstances. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-3995)

It was discovered that the netfilter subsystem in the Linux kernel did not properly handle PIPAPO element removal, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-4004)

Kevin Rich discovered that the netfilter subsystem in the Linux kernel did not properly handle bound chain deactivation in certain circumstances. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2023-4015)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 22.04 LTS:
  linux-image-6.1.0-1020-oem      6.1.0-1020.20
  linux-image-oem-22.04c          6.1.0.1020.20

After a standard system update you need to reboot your computer to make all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.

References:
  https://ubuntu.com/security/notices/USN-6316-1
  CVE-2022-40982, CVE-2023-20593, CVE-2023-3777, CVE-2023-3995, CVE-2023-4004, CVE-2023-4015

Package Information:
  https://launchpad.net/ubuntu/+source/linux-oem-6.1/6.1.0-1020.20

Multiple security flaws identified within the Linux kernel package for Ubuntu affecting OEM platforms and possible attack vectors.

Ubuntu Linux Update, OEM Kernel Security, Linux Kernel Issues.

Severity: Critical.

LinuxSecurity.com Team

The system could be made to crash if it received specially crafted network traffic.

=========================================================================
Ubuntu Security Notice USN-5590-1
August 30, 2022

linux-oem-5.14 vulnerability
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS

Summary:

The system could be made to crash if it received specially crafted network traffic.

Software Description:
- linux-oem-5.14: Linux kernel for OEM systems

Details:

Domingo Dirutigliano and Nicola Guerrera discovered that the netfilter subsystem in the Linux kernel did not properly handle rules that truncated packets below the packet header size. When such rules are in place, a remote attacker could possibly use this to cause a denial of service (system crash).

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 20.04 LTS:
  linux-image-5.14.0-1050-oem     5.14.0-1050.57
  linux-image-oem-20.04           5.14.0.1050.46
  linux-image-oem-20.04b          5.14.0.1050.46
  linux-image-oem-20.04c          5.14.0.1050.46
  linux-image-oem-20.04d          5.14.0.1050.46

After a standard system update you need to reboot your computer to make all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.

References:
  https://ubuntu.com/security/notices/USN-5590-1
  CVE-2022-36946

Package Information:
  https://launchpad.net/ubuntu/+source/linux-oem-5.14/5.14.0-1050.57

Ubuntu tackles a critical defect in the Linux kernel OEM that may induce system failures due to maliciously designed traffic.

Linux Kernel Update, OEM Security Patch, Ubuntu Security Fix, Denial of Service Threat.

Severity: Critical.

LinuxSecurity.com Team

Several security issues were fixed in the Linux kernel.

=========================================================================
Ubuntu Security Notice USN-5207-1
January 05, 2022

linux-oem-5.10 vulnerabilities
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux-oem-5.10: Linux kernel for OEM systems

Details:

Nadav Amit discovered that the hugetlb implementation in the Linux kernel did not perform TLB flushes under certain conditions. A local attacker could use this to leak or alter data from other processes that use huge pages. (CVE-2021-4002)

It was discovered that the eBPF implementation in the Linux kernel contained a race condition around read-only maps. A privileged attacker could use this to modify read-only maps. (CVE-2021-4001)

Luo Likang discovered that the FireDTV Firewire driver in the Linux kernel did not properly perform bounds checking in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-42739)

It was discovered that the TIPC Protocol implementation in the Linux kernel did not properly validate MSG_CRYPTO messages in some situations. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-43267)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 20.04 LTS:
  linux-image-5.10.0-1053-oem     5.10.0-1053.55
  linux-image-oem-20.04           5.10.0.1053.55
  linux-image-oem-20.04b          5.10.0.1053.55

After a standard system update you need to reboot your computer to make all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.

References:
  https://ubuntu.com/security/notices/USN-5207-1
  CVE-2021-4001, CVE-2021-4002, CVE-2021-42739, CVE-2021-43267

Package Information:
  https://launchpad.net/ubuntu/+source/linux-oem-5.10/5.10.0-1053.55

Strengthen Ubuntu 20.04 LTS by addressing Linux kernel vulnerabilities with the latest patches, enhancing system defenses against potential threats and data risk.

Ubuntu Kernel Security, Linux OEM, Kernel Updates, DoS Protection.

Severity: Critical.

LinuxSecurity.com Team

Several security issues were fixed in the Linux kernel.

=========================================================================
Ubuntu Security Notice USN-5115-1
October 20, 2021

linux-oem-5.10 vulnerabilities
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux-oem-5.10: Linux kernel for OEM systems

Details:

It was discovered that a race condition existed in the Atheros Ath9k WiFi driver in the Linux kernel. An attacker could possibly use this to expose sensitive information (WiFi network traffic). (CVE-2020-3702)

Ofek Kirzner, Adam Morrison, Benedict Schlueter, and Piotr Krysiuk discovered that the BPF verifier in the Linux kernel missed possible mispredicted branches due to type confusion, allowing a side-channel attack. An attacker could use this to expose sensitive information. (CVE-2021-33624)

Benedict Schlueter discovered that the BPF subsystem in the Linux kernel did not properly protect against Speculative Store Bypass (SSB) side-channel attacks in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2021-34556)

Piotr Krysiuk discovered that the BPF subsystem in the Linux kernel did not properly protect against Speculative Store Bypass (SSB) side-channel attacks in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2021-35477)

It was discovered that the tracing subsystem in the Linux kernel did not properly keep track of per-cpu ring buffer state. A privileged attacker could use this to cause a denial of service. (CVE-2021-3679)

It was discovered that the Option USB High Speed Mobile device driver in the Linux kernel did not properly handle error conditions. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-37159)

Alois Wohlschlager discovered that the overlay file system in the Linux kernel did not restrict private clones in some situations. An attacker could use this to expose sensitive information. (CVE-2021-3732)

It was discovered that the btrfs file system in the Linux kernel did not properly handle removing a non-existent device id. An attacker with CAP_SYS_ADMIN could use this to cause a denial of service. (CVE-2021-3739)

It was discovered that the Qualcomm IPC Router protocol implementation in the Linux kernel did not properly validate metadata in some situations. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information. (CVE-2021-3743)

It was discovered that the virtual terminal (vt) device implementation in the Linux kernel contained a race condition in its ioctl handling that led to an out-of-bounds read vulnerability. A local attacker could possibly use this to expose sensitive information. (CVE-2021-3753)

It was discovered that the Linux kernel did not properly account for the memory usage of certain IPC objects. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2021-3759)

It was discovered that the BPF subsystem in the Linux kernel contained an integer overflow in its hash table implementation. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-38166)

It was discovered that the MAX-3421 host USB device driver in the Linux kernel did not properly handle device removal events. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2021-38204)

It was discovered that the Xilinx 10/100 Ethernet Lite device driver in the Linux kernel could report pointer addresses in some situations. An attacker could use this information to ease the exploitation of another vulnerability. (CVE-2021-38205)

It was discovered that the ext4 file system in the Linux kernel contained a race condition when writing xattrs to an inode. A local attacker could use this to cause a denial of service or possibly gain administrative privileges. (CVE-2021-40490)

It was discovered that the 6pack network protocol driver in the Linux kernel did not properly perform validation checks. A privileged attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2021-42008)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 20.04 LTS:
  linux-image-5.10.0-1050-oem     5.10.0-1050.52
  linux-image-oem-20.04           5.10.0.1050.52
  linux-image-oem-20.04b          5.10.0.1050.52

After a standard system update you need to reboot your computer to make all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.

References:
  https://ubuntu.com/security/notices/USN-5115-1
  CVE-2020-3702, CVE-2021-33624, CVE-2021-34556, CVE-2021-35477, CVE-2021-3679,
  CVE-2021-37159, CVE-2021-3732, CVE-2021-3739, CVE-2021-3743, CVE-2021-3753,
  CVE-2021-3759, CVE-2021-38166, CVE-2021-38204, CVE-2021-38205, CVE-2021-40490,
  CVE-2021-42008

Package Information:
  https://launchpad.net/ubuntu/+source/linux-oem-5.10/5.10.0-1050.52

Urgent Ubuntu Security Update addressing the fix for various kernel vulnerabilities that impact data security and system reliability.

kernel fixes, security issues, Ubuntu updates.

Severity: Critical.

LinuxSecurity.com Team

Several security issues were fixed in the Linux kernel.

=========================================================================
Ubuntu Security Notice USN-5072-1
September 08, 2021

linux-azure-5.8, linux-oem-5.10 vulnerabilities
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux-azure-5.8: Linux kernel for Microsoft Azure cloud systems
- linux-oem-5.10: Linux kernel for OEM systems

Details:

Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel allowed a guest VM to disable restrictions on VMLOAD/VMSAVE in a nested guest. An attacker in a guest VM could use this to read or write portions of the host's physical memory. (CVE-2021-3656)

Maxim Levitsky discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel did not properly prevent a guest VM from enabling AVIC in nested guest VMs. An attacker in a guest VM could use this to write to portions of the host's physical memory. (CVE-2021-3653)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 20.04 LTS:
  linux-image-5.10.0-1045-oem     5.10.0-1045.47
  linux-image-5.8.0-1041-azure    5.8.0-1041.44~20.04.1
  linux-image-azure               5.8.0.1041.44~20.04.13
  linux-image-oem-20.04           5.10.0.1045.47
  linux-image-oem-20.04b          5.10.0.1045.47

After a standard system update you need to reboot your computer to make all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.

References:
  https://ubuntu.com/security/notices/USN-5072-1
  CVE-2021-3653, CVE-2021-3656

Package Information:
  https://launchpad.net/ubuntu/+source/linux-azure-5.8/5.8.0-1041.44~20.04.1
  https://launchpad.net/ubuntu/+source/linux-oem-5.10/5.10.0-1045.47

Several vulnerabilities patched in Ubuntu's Linux kernel, necessitating upgrades for cloud providers and original equipment manufacturers.

Ubuntu Kernel Update, Linux Hypervisor, KVM Security, Memory Access, Azure Fix.

Severity: Important.

LinuxSecurity.com Team

Several security issues were fixed in the Linux kernel.

=========================================================================
Ubuntu Security Notice USN-5015-1
July 20, 2021

linux-oem-5.10 vulnerabilities
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux-oem-5.10: Linux kernel for OEM systems

Details:

It was discovered that the virtual file system implementation in the Linux kernel contained an unsigned to signed integer conversion error. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2021-33909)

Michael Brown discovered that the Xen netback driver in the Linux kernel did not properly handle malformed packets from a network PV frontend, leading to a use-after-free vulnerability. An attacker in a guest VM could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2021-28691)

It was discovered that the bluetooth subsystem in the Linux kernel did not properly handle HCI device initialization failure, leading to a double-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2021-3564)

It was discovered that the bluetooth subsystem in the Linux kernel did not properly handle HCI device detach events, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2021-3573)

It was discovered that the NFC implementation in the Linux kernel did not properly handle failed connect events leading to a NULL pointer dereference. A local attacker could use this to cause a denial of service. (CVE-2021-3587)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 20.04 LTS:
  linux-image-5.10.0-1038-oem     5.10.0-1038.40
  linux-image-oem-20.04           5.10.0.1038.40
  linux-image-oem-20.04b          5.10.0.1038.40

After a standard system update you need to reboot your computer to make all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.

References:
  https://ubuntu.com/security/notices/USN-5015-1
  CVE-2021-28691, CVE-2021-33909, CVE-2021-3564, CVE-2021-3573, CVE-2021-3587

Package Information:
  https://launchpad.net/ubuntu/+source/linux-oem-5.10/5.10.0-1038.40

A series of vulnerabilities in the linux-oem-5.10 kernel for Ubuntu has been addressed, rectifying urgent threats that jeopardized the system's integrity.

Ubuntu Security Notice, Kernel Threats, Linux OEM Updates.

Severity: Critical.

LinuxSecurity.com Team