Release Info

Advisory: CLSA-2023:1693329914

OS: Ubuntu 16.04 ELS

Public date: 2023-08-29 13:25:16

Project: linux-hwe

Version: 4.15.0-215.226~16.04.1

Errata link: https://errata.cloudlinux.com/ubuntu16-els/CLSA-2023-1693329914.html

Changelog

* CVE-url: https://ubuntu.com/security/CVE-2023-4128 - net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after- free - net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after- free - net/sched: cls_route: No longer copy tcf_result on update to avoid use- after-free * CVE-url: https://ubuntu.com/security/CVE-2023-40283 - Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb * CVE-2023-20593 // CVE-url: https://ubuntu.com/security/CVE-2023-20593 - x86/cpu/amd: Move the errata checking functionality up - x86/cpu/amd: Add a Zenbleed fix * CVE-2023-1859 // CVE-url: https://ubuntu.com/security/CVE-2023-1859 - 9p/xen : Fix use after free bug in xen_9pfs_front_remove due to race condition * CVE-url: https://ubuntu.com/security/CVE-2023-35001 - netfilter: nf_tables: prevent OOB access in nft_byteorder_eval * Jammy update: v5.15.106 upstream stable release (LP: #2023233) // CVE-url: https://ubuntu.com/security/CVE-2023-1611 - btrfs: fix race between quota disable and quota assign ioctls * CVE-2023-3611 // CVE-url: https://ubuntu.com/security/CVE-2023-3611 - net/sched: sch_qfq: account for stab overhead in qfq_enqueue * CVE-2023-3776 // CVE-url: https://ubuntu.com/security/CVE-2023-3776 - net/sched: cls_fw: Fix improper refcount update leads to use-after-free

Update

Update command: apt-get update apt-get --only-upgrade install linux-hwe*

Packages list

linux-buildinfo-4.15.0-215-tuxcare.els13-generic_4.15.0-215.226~16.04.1_amd64.deb linux-buildinfo-4.15.0-215-tuxcare.els13-lowlatency_4.15.0-215.226~16.04.1_amd64.deb linux-cloud-tools-4.15.0-215-tuxcare.els13-generic_4.15.0-215.226~16.04.1_amd64.deb linux-cloud-tools-4.15.0-215-tuxcare.els13-lowlatency_4.15.0-215.226~16.04.1_amd64.deb linux-headers-4.15.0-215-tuxcare.els13_4.15.0-215.226~16.04.1_all.deb linux-headers-4.15.0-215-tuxcare.els13-generic_4.15.0-215.226~16.04.1_amd64.deb linux-headers-4.15.0-215-tuxcare.els13-lowlatency_4.15.0-215.226~16.04.1_amd64.deb linux-hwe-cloud-tools-4.15.0-215-tuxcare.els13_4.15.0-215.226~16.04.1_amd64.deb linux-hwe-tools-4.15.0-215-tuxcare.els13_4.15.0-215.226~16.04.1_amd64.deb linux-image-unsigned-4.15.0-215-tuxcare.els13-generic_4.15.0-215.226~16.04.1_amd64.deb linux-image-unsigned-4.15.0-215-tuxcare.els13-lowlatency_4.15.0-215.226~16.04.1_amd64.deb linux-modules-4.15.0-215-tuxcare.els13-generic_4.15.0-215.226~16.04.1_amd64.deb linux-modules-4.15.0-215-tuxcare.els13-lowlatency_4.15.0-215.226~16.04.1_amd64.deb linux-modules-extra-4.15.0-215-tuxcare.els13-generic_4.15.0-215.226~16.04.1_amd64.deb linux-source-4.15.0_4.15.0-215.226~16.04.1_all.deb linux-tools-4.15.0-215-tuxcare.els13-generic_4.15.0-215.226~16.04.1_amd64.deb linux-tools-4.15.0-215-tuxcare.els13-lowlatency_4.15.0-215.226~16.04.1_amd64.deb

CVEs

CVE-2023-4128
CVE-2023-35001
CVE-2023-3611
CVE-2023-3776
CVE-2023-1859
CVE-2023-40283
CVE-2023-1611
CVE-2023-20593