Release Info

Advisory: CLSA-2023:1698305104

OS: Ubuntu 16.04 ELS

Public date: 2023-10-26 03:25:07

Project: linux-hwe

Version: 4.15.0-220.231~16.04.1

Errata link: https://errata.tuxcare.com/els_os/ubuntu16.04els/CLSA-2023-1698305104.html

Changelog

[ Ubuntu: 4.15.0-220.231 ] * CVE-2023-0597 // CVE-url: https://ubuntu.com/security/CVE-2023-0597 - x86/kasan: Map shadow for percpu pages on demand - x86/mm: Recompute physical address for every page of per-CPU CEA mapping - x86/mm: Populate KASAN shadow for entire per-CPU range of CPU entry area - x86/mm: Do not shuffle CPU entry areas without KASLR * CVE-url: https://ubuntu.com/security/CVE-2023-0597 - random32: add noise from network and scheduling activity - x86/mm: Randomize per-cpu entry area - x86/cpu_entry_area: Move percpu_setup_debug_store() to __init section - x86/cpu_entry_area: Cleanup setup functions * CVE-2023-42752 // CVE-url: https://ubuntu.com/security/CVE-2023-42752 - igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU * CVE-2023-4623 // CVE-url: https://ubuntu.com/security/CVE-2023-4623 - net/sched: sch_hfsc: Ensure inner classes have fsc curve * CVE-2023-34319 // CVE-url: https://ubuntu.com/security/CVE-2023-34319 - xen/netback: Fix buffer overrun triggered by unusual packet * CVE-2023-4881 // CVE-url: https://ubuntu.com/security/CVE-2023-4881 - netfilter: nftables: exthdr: fix 4-byte stack OOB write * CVE-2023-31083 // CVE-url: https://ubuntu.com/security/CVE-2023-31083 - Bluetooth: hci_ldisc: check HCI_UART_PROTO_READY flag in HCIUARTGETPROTO * CVE-2023-3772 // CVE-url: https://ubuntu.com/security/CVE-2023-3772 - xfrm: add NULL check in xfrm_update_ae_params

Update

Update command: apt-get update apt-get --only-upgrade install linux-hwe*

Packages list

linux-buildinfo-4.15.0-220-tuxcare.els18-generic_4.15.0-220.231~16.04.1_amd64.deb linux-buildinfo-4.15.0-220-tuxcare.els18-lowlatency_4.15.0-220.231~16.04.1_amd64.deb linux-cloud-tools-4.15.0-220-tuxcare.els18-generic_4.15.0-220.231~16.04.1_amd64.deb linux-cloud-tools-4.15.0-220-tuxcare.els18-lowlatency_4.15.0-220.231~16.04.1_amd64.deb linux-headers-4.15.0-220-tuxcare.els18_4.15.0-220.231~16.04.1_all.deb linux-headers-4.15.0-220-tuxcare.els18-generic_4.15.0-220.231~16.04.1_amd64.deb linux-headers-4.15.0-220-tuxcare.els18-lowlatency_4.15.0-220.231~16.04.1_amd64.deb linux-hwe-cloud-tools-4.15.0-220-tuxcare.els18_4.15.0-220.231~16.04.1_amd64.deb linux-hwe-tools-4.15.0-220-tuxcare.els18_4.15.0-220.231~16.04.1_amd64.deb linux-image-unsigned-4.15.0-220-tuxcare.els18-generic_4.15.0-220.231~16.04.1_amd64.deb linux-image-unsigned-4.15.0-220-tuxcare.els18-lowlatency_4.15.0-220.231~16.04.1_amd64.deb linux-modules-4.15.0-220-tuxcare.els18-generic_4.15.0-220.231~16.04.1_amd64.deb linux-modules-4.15.0-220-tuxcare.els18-lowlatency_4.15.0-220.231~16.04.1_amd64.deb linux-modules-extra-4.15.0-220-tuxcare.els18-generic_4.15.0-220.231~16.04.1_amd64.deb linux-source-4.15.0_4.15.0-220.231~16.04.1_all.deb linux-tools-4.15.0-220-tuxcare.els18-generic_4.15.0-220.231~16.04.1_amd64.deb linux-tools-4.15.0-220-tuxcare.els18-lowlatency_4.15.0-220.231~16.04.1_amd64.deb

CVEs

CVE-2023-31083
CVE-2023-4623
CVE-2023-42752
CVE-2023-3772
CVE-2023-0597
CVE-2023-34319
CVE-2023-4881