Release Info

Advisory: CLSA-2023:1698306895

OS: Ubuntu 18.04 ELS

Public date: 2023-10-26 03:54:57

Project: linux

Version: 4.15.0-220.231

Errata link: https://errata.tuxcare.com/els_os/ubuntu18.04els/CLSA-2023-1698306895.html

Changelog

* CVE-2023-0597 // CVE-url: https://ubuntu.com/security/CVE-2023-0597 - x86/kasan: Map shadow for percpu pages on demand - x86/mm: Recompute physical address for every page of per-CPU CEA mapping - x86/mm: Populate KASAN shadow for entire per-CPU range of CPU entry area - x86/mm: Do not shuffle CPU entry areas without KASLR * CVE-url: https://ubuntu.com/security/CVE-2023-0597 - random32: add noise from network and scheduling activity - x86/mm: Randomize per-cpu entry area - x86/cpu_entry_area: Move percpu_setup_debug_store() to __init section - x86/cpu_entry_area: Cleanup setup functions * CVE-2023-42752 // CVE-url: https://ubuntu.com/security/CVE-2023-42752 - igmp: limit igmpv3_newpack() packet size to IP_MAX_MTU * CVE-2023-4623 // CVE-url: https://ubuntu.com/security/CVE-2023-4623 - net/sched: sch_hfsc: Ensure inner classes have fsc curve * CVE-2023-34319 // CVE-url: https://ubuntu.com/security/CVE-2023-34319 - xen/netback: Fix buffer overrun triggered by unusual packet * CVE-2023-4881 // CVE-url: https://ubuntu.com/security/CVE-2023-4881 - netfilter: nftables: exthdr: fix 4-byte stack OOB write * CVE-2023-31083 // CVE-url: https://ubuntu.com/security/CVE-2023-31083 - Bluetooth: hci_ldisc: check HCI_UART_PROTO_READY flag in HCIUARTGETPROTO * CVE-2023-3772 // CVE-url: https://ubuntu.com/security/CVE-2023-3772 - xfrm: add NULL check in xfrm_update_ae_params

Update

Update command: apt-get update apt-get --only-upgrade install linux*

Packages list

linux-buildinfo-4.15.0-220-tuxcare.els8-generic_4.15.0-220.231_amd64.deb linux-buildinfo-4.15.0-220-tuxcare.els8-lowlatency_4.15.0-220.231_amd64.deb linux-cloud-tools-4.15.0-220-tuxcare.els8_4.15.0-220.231_amd64.deb linux-cloud-tools-4.15.0-220-tuxcare.els8-generic_4.15.0-220.231_amd64.deb linux-cloud-tools-4.15.0-220-tuxcare.els8-lowlatency_4.15.0-220.231_amd64.deb linux-cloud-tools-common_4.15.0-220.231_all.deb linux-doc_4.15.0-220.231_all.deb linux-headers-4.15.0-220-tuxcare.els8_4.15.0-220.231_all.deb linux-headers-4.15.0-220-tuxcare.els8-generic_4.15.0-220.231_amd64.deb linux-headers-4.15.0-220-tuxcare.els8-lowlatency_4.15.0-220.231_amd64.deb linux-image-unsigned-4.15.0-220-tuxcare.els8-generic_4.15.0-220.231_amd64.deb linux-image-unsigned-4.15.0-220-tuxcare.els8-lowlatency_4.15.0-220.231_amd64.deb linux-libc-dev_4.15.0-220.231_amd64.deb linux-modules-4.15.0-220-tuxcare.els8-generic_4.15.0-220.231_amd64.deb linux-modules-4.15.0-220-tuxcare.els8-lowlatency_4.15.0-220.231_amd64.deb linux-modules-extra-4.15.0-220-tuxcare.els8-generic_4.15.0-220.231_amd64.deb linux-source-4.15.0_4.15.0-220.231_all.deb linux-tools-4.15.0-220-tuxcare.els8_4.15.0-220.231_amd64.deb linux-tools-4.15.0-220-tuxcare.els8-generic_4.15.0-220.231_amd64.deb linux-tools-4.15.0-220-tuxcare.els8-lowlatency_4.15.0-220.231_amd64.deb linux-tools-common_4.15.0-220.231_all.deb linux-tools-host_4.15.0-220.231_all.deb

CVEs

CVE-2023-4881
CVE-2023-34319
CVE-2023-3772
CVE-2023-4623
CVE-2023-42752
CVE-2023-0597
CVE-2023-31083