Release Info

Advisory: CLSA-2023:1682604577

OS: Ubuntu 16.04 ELS

Public date: 2023-04-27 10:09:40

Project: linux

Version: 4.4.0-238.272

Errata link: https://errata.tuxcare.com/els_os/ubuntu16.04els/CLSA-2023-1682604577.html

Changelog

* CVE-2022-1198 - drivers: hamradio: 6pack: fix UAF bug caused by mod_timer() * Bionic update: upstream stable patchset 2022-03-04 (LP: #1963717) // CVE-2020-36516 - ipv4: avoid using shared IP generator for connected sockets * CVE-2022-36879 - xfrm: xfrm_policy: fix a possible double xfrm_pols_put() in xfrm_bundle_lookup() * CVE-2022-3061 - video: fbdev: i740fb: Error out if 'pixclock' equals zero * CVE-2022-1516 - net/x25: Fix null-ptr-deref caused by x25_disconnect * CVE-2022-1205 - ax25: Fix NULL pointer dereferences in ax25 timers - ax25: Fix UAF bugs in ax25 timers * CVE-2022-2318 - net: rose: fix UAF bugs caused by timer handler * CVE-2022-1195 - hamradio: defer 6pack kfree after unregister_netdev - hamradio: defer ax25 kfree after unregister_netdev - hamradio: improve the incomplete fix to avoid NPD * CVE-2022-0494 - block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern * CVE-2021-26401 - x86/speculation: Use generic retpoline by default on AMD * Bionic update: upstream stable patchset 2022-10-18 (LP: #1993349) // CVE-2022-39188 - mm: Fix TLB flush for not-first PFNMAP mappings in unmap_region() * Bionic update: upstream stable patchset 2022-10-06 (LP: #1992112) // CVE-2022-39188 - mm: Force TLB flush for PFNMAP mappings before unlink_file_vma() * CVE-2022-45934 - Bluetooth: L2CAP: Fix u8 overflow * Bionic update: upstream stable patchset 2022-06-21 (LP: #1979355) // CVE-2022-2991 - lightnvm: disable the subsystem * Bionic update: upstream stable patchset 2021-11-02 (LP: #1949512) // CVE-2021-4203 - af_unix: fix races in sk_peer_pid and sk_peer_cred accesses * Bionic update: upstream stable patchset 2022-04-26 (LP: #1970479) // CVE-2021-3772 - sctp: fix the processing for INIT chunk - sctp: fix the processing for INIT_ACK chunk * Bionic update: upstream stable patchset 2021-12-03 (LP: #1953202) // CVE-2021-3772 - sctp: use init_tag from inithdr for ABORT chunk - sctp: fix the processing for COOKIE_ECHO chunk - sctp: add vtag check in sctp_sf_violation - sctp: add vtag check in sctp_sf_do_8_5_1_E_sa - sctp: add vtag check in sctp_sf_ootb * CVE-2022-3303 - ALSA: pcm: oss: Fix race at SNDCTL_DSP_SYNC * Bionic update: upstream stable patchset 2022-09-21 (LP: #1990434) // CVE-2022-1462 - tty: extract tty_flip_buffer_commit() from tty_flip_buffer_push() - tty: use new tty_insert_flip_string_and_push_buffer() in pty_write() * CVE-2022-1462 - tty: fix deadlock caused by calling printk() under tty_port->lock * Bionic update: upstream stable patchset 2020-11-10 (LP: #1903768) // CVE-2022-1462 - pty: do tty_flip_buffer_push without port->lock in pty_write * Bionic update: upstream stable patchset 2019-02-08 (LP: #1815234) // CVE-2022-1462 - tty: Fix data race in tty_insert_flip_string_fixed_flag * Bionic update: upstream stable patchset 2022-10-18 (LP: #1993349) // CVE-2022-4662 - USB: core: Prevent nested device-reset calls * Bionic update: upstream stable patchset 2022-03-04 (LP: #1963717) // CVE-2022-0617 - udf: Restore i_lenAlloc when inode expansion fails - udf: Fix NULL ptr deref when converting from inline format * Bionic update: upstream stable patchset 2022-04-26 (LP: #1970479) // CVE-2022-1016 - netfilter: nf_tables: initialize registers in nft_do_chain() * Bionic update: upstream stable patchset 2022-05-17 (LP: #1973831) // CVE-2022-2380 - video: fbdev: sm712fb: Fix crash in smtcfb_read() * Bionic update: upstream stable patchset 2022-05-17 (LP: #1973831) // CVE-2022-3111 - power: supply: wm8350-power: Add missing free in free_charger_irq * CVE-2022-3628 - wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker() * Bionic update: upstream stable patchset 2021-08-27 (LP: #1941916) // CVE-2021-3732 - ovl: prevent private clone if bind mount is not allowed * Bionic update: upstream stable patchset 2021-12-13 (LP: #1954703) // CVE-2021-45868 - quota: check block number when reading the block in quota file * Bionic update: upstream stable patchset 2021-04-30 (LP: #1926808) // CVE-2021-3659 - net: mac802154: Fix general protection fault * Bionic update: upstream stable patchset 2023-03-03 (LP: #2009237) // CVE-2023-1074 - sctp: fail if no bound addresses can be used for a given scope * Bionic update: upstream stable patchset 2022-09-23 (LP: #1990698) // CVE-2023-1095 - netfilter: nf_tables: fix null deref due to zeroed list head * CVE-2023-1118 - media: rc: Fix use-after-free bugs caused by ene_tx_irqsim() * Bionic update: upstream stable patchset 2023-01-20 (LP: #2003596) // CVE-2023-26607 - ntfs: fix out-of-bounds read in ntfs_attr_find() * Bionic update: upstream stable patchset 2022-09-23 (LP: #1990698) - ntfs: fix use-after-free in ntfs_ucsncmp() * CVE-2022-20572 - dm verity: set DM_TARGET_IMMUTABLE feature flag * CVE-2022-3903 - USB: add usb_control_msg_send() and usb_control_msg_recv() - USB: correct API of usb_control_msg_send/recv - USB: move snd_usb_pipe_sanity_check into the USB core - media: mceusb: Use new usb_control_msg_*() routines * Bionic update: upstream stable patchset 2022-02-11 (LP: #1960681) - media: mceusb: fix control-message timeouts * Bionic update: upstream stable patchset 2022-04-26 (LP: #1970479) // CVE-2021-4149 - btrfs: unlock newly allocated extent buffer after error * Bionic update: upstream stable patchset 2022-01-11 (LP: #1957113) // CVE-2022-20132 - HID: wacom: fix problems when device is not a valid USB device - HID: check for valid USB device for many HID drivers * Bionic update: upstream stable patchset 2022-01-11 (LP: #1957113) - HID: add hid_is_usb() function to make it simpler for USB detection * Bionic update: upstream stable patchset 2022-01-14 (LP: #1957957) // CVE-2021-28713 - xen/console: harden hvc_xen against event channel storms * CVE-2021-28712 - xen/netfront: harden netfront against event channel storms * CVE-2021-28711 - xen/blkfront: harden blkfront against event channel storms * CVE-2023-26545 - net: mpls: fix stale pointer if allocation fails during device rename * Bionic update: upstream stable patchset 2022-06-21 (LP: #1979355) // CVE-2022-1975 - NFC: netlink: fix sleep in atomic bug when firmware download timeout * Bionic update: upstream stable patchset 2022-07-25 (LP: #1982782) // CVE-2022-1974 - NFC: NULL out the dev->rfkill to prevent UAF * CVE-2022-1974 - nfc: replace improper check device_is_registered() in netlink related functions * Bionic update: upstream stable patchset 2022-05-17 (LP: #1973831) // CVE-2022-1011 - fuse: fix pipe buffer lifetime for direct_io * Bionic update: upstream stable patchset 2022-03-29 (LP: #1967013) // CVE-2022-0487 - moxart: fix potential use-after-free on remove path * CVE-2021-3669 - ipc: replace costly bailout check in sysvipc_find_ipc() * Bionic update: upstream stable patchset 2023-02-06 (LP: #2006403) // CVE-2022-41218 is assigned to those bugs above. // CVE-2023-1118 - media: dvb-core: Fix UAF due to refcount races at releasing * Bionic update: upstream stable patchset 2021-08-03 (LP: #1938824) // CVE-2023-28772 - seq_buf: Fix overflow in seq_buf_putmem_hex() * Bionic update: upstream stable patchset 2021-02-10 (LP: #1915328) // CVE-2023-1390 - tipc: fix NULL deref in tipc_link_xmit() * Bionic update: upstream stable patchset 2022-11-15 (LP: #1996650) // CVE-2022-41850 - HID: roccat: Fix use-after-free in roccat_read() * Bionic update: upstream stable patchset 2023-02-06 (LP: #2006403) // CVE-2023-23455 - net: sched: atm: dont intepret cls results when asked to drop * Bionic update: upstream stable patchset 2023-02-06 (LP: #2006403) // CVE-2022-47929 - net: sched: disallow noqueue for qdisc classes * Bionic update: upstream stable patchset 2023-02-06 (LP: #2006403) // CVE-2022-3424 - misc: sgi-gru: fix use-after-free error in gru_set_context_option, gru_fault and gru_handle_user_call_os * Bionic update: upstream stable patchset 2023-02-06 (LP: #2006403) // CVE-2023-0394 - ipv6: raw: Deduct extension header length in rawv6_push_pending_frames * Bionic update: upstream stable patchset 2023-02-06 (LP: #2006403) // CVE-2022-36280 - drm/vmwgfx: Validate the box size for the snooped cursor * Bionic update: upstream stable patchset 2022-11-15 (LP: #1996650) // CVE-2022-41849 - fbdev: smscufx: Fix use-after-free in ufx_ops_open() * Miscellaneous Ubuntu changes - Config update * Miscellaneous upstream changes - media: dvb: dmx: fixed coding style issues of spacing - NFC: reorder the logic in nfc_{un,}register_device - xen/blkfront: separate per ring information out of device info - xen/blkfront: pseudo support for multi hardware queues/rings - xen/blkfront: split per device io_lock - xen/io: use virt_xxx barriers - xen: sync include/xen/interface/io/ring.h with Xen's newest version - xen/netfront: read response from backend only once - xen/netfront: don't read data from request on the ring page - xen/netfront: disentangle tx_skb_freelist - xen/netfront: don't trust the backend response data blindly - HID: introduce hid_is_using_ll_driver - clone_private_mount() doesn't need to touch namespace_sem - lightnvm: NVM should depend on HAS_DMA

Update

Update command: apt-get update apt-get --only-upgrade install linux*

Packages list

linux-buildinfo-4.4.0-238-tuxcare.els9-generic_4.4.0-238.272_amd64.deb linux-buildinfo-4.4.0-238-tuxcare.els9-lowlatency_4.4.0-238.272_amd64.deb linux-cloud-tools-4.4.0-238-tuxcare.els9_4.4.0-238.272_amd64.deb linux-cloud-tools-4.4.0-238-tuxcare.els9-generic_4.4.0-238.272_amd64.deb linux-cloud-tools-4.4.0-238-tuxcare.els9-lowlatency_4.4.0-238.272_amd64.deb linux-cloud-tools-common_4.4.0-238.272_all.deb linux-cloud-tools-generic_4.4.0.238.272_amd64.deb linux-cloud-tools-lowlatency_4.4.0.238.272_amd64.deb linux-crashdump_4.4.0.238.272_amd64.deb linux-doc_4.4.0-238.272_all.deb linux-generic_4.4.0.238.272_amd64.deb linux-headers-4.4.0-238-tuxcare.els9_4.4.0-238.272_all.deb linux-headers-4.4.0-238-tuxcare.els9-generic_4.4.0-238.272_amd64.deb linux-headers-4.4.0-238-tuxcare.els9-lowlatency_4.4.0-238.272_amd64.deb linux-headers-generic_4.4.0.238.272_amd64.deb linux-headers-lowlatency_4.4.0.238.272_amd64.deb linux-image-generic_4.4.0.238.272_amd64.deb linux-image-lowlatency_4.4.0.238.272_amd64.deb linux-image-unsigned-4.4.0-238-tuxcare.els9-generic_4.4.0-238.272_amd64.deb linux-image-unsigned-4.4.0-238-tuxcare.els9-lowlatency_4.4.0-238.272_amd64.deb linux-libc-dev_4.4.0-238.272_amd64.deb linux-lowlatency_4.4.0.238.272_amd64.deb linux-modules-4.4.0-238-tuxcare.els9-generic_4.4.0-238.272_amd64.deb linux-modules-4.4.0-238-tuxcare.els9-lowlatency_4.4.0-238.272_amd64.deb linux-modules-extra-4.4.0-238-tuxcare.els9-generic_4.4.0-238.272_amd64.deb linux-source_4.4.0.238.272_all.deb linux-source-4.4.0_4.4.0-238.272_all.deb linux-tools-4.4.0-238-tuxcare.els9_4.4.0-238.272_amd64.deb linux-tools-4.4.0-238-tuxcare.els9-generic_4.4.0-238.272_amd64.deb linux-tools-4.4.0-238-tuxcare.els9-lowlatency_4.4.0-238.272_amd64.deb linux-tools-common_4.4.0-238.272_all.deb linux-tools-generic_4.4.0.238.272_amd64.deb linux-tools-host_4.4.0-238.272_all.deb linux-tools-lowlatency_4.4.0.238.272_amd64.deb

CVEs

CVE-2022-1975
CVE-2022-1198
CVE-2022-47929
CVE-2023-1095
CVE-2021-45868
CVE-2021-26401
CVE-2022-41218
CVE-2022-1974
CVE-2021-3772
CVE-2021-4203
CVE-2022-20572
CVE-2021-28711
CVE-2022-3061
CVE-2021-3669
CVE-2022-36280
CVE-2022-1462
CVE-2023-0394
CVE-2023-1390
CVE-2022-1016
CVE-2022-39188
CVE-2022-0617
CVE-2022-1205
CVE-2023-1074
CVE-2022-3424
CVE-2023-1118
CVE-2021-28712
CVE-2022-45934
CVE-2022-36879
CVE-2022-41849
CVE-2022-3628
CVE-2022-2318
CVE-2022-4662
CVE-2022-3111
CVE-2020-36516
CVE-2022-41850
CVE-2022-20132
CVE-2022-1195
CVE-2021-3732
CVE-2022-0487
CVE-2021-3659
CVE-2022-2380
CVE-2023-26545
CVE-2023-23455
CVE-2021-28713
CVE-2021-4149
CVE-2022-0494
CVE-2022-3903
CVE-2022-1011
CVE-2022-1516
CVE-2022-2991
CVE-2023-26607
CVE-2023-28772
CVE-2022-3303