Release Info

Advisory: CLSA-2024:1710946064

OS: Ubuntu 16.04 ELS

Public date: 2024-03-20 10:47:46

Project: linux-hwe

Version: 4.15.0-225.236~16.04.1

Errata link: https://errata.tuxcare.com/els_os/ubuntu16.04els/CLSA-2024-1710946064.html

Changelog

[ Ubuntu: 4.15.0-225.236 ] * CVE-url: https://ubuntu.com/security/CVE-2023-52449 - mtd: Fix gluebi NULL pointer dereference caused by ftl notifier * CVE-url: https://ubuntu.com/security/CVE-2023-39197 - netfilter: conntrack: dccp: copy entire header to stack buffer, not just basic one * CVE-url: https://ubuntu.com/security/CVE-2023-34256 - ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum * CVE-url: https://ubuntu.com/security/CVE-2024-24855 - scsi: lpfc: Fix a possible data race in lpfc_unregister_fcf_rescan() * CVE-url: https://ubuntu.com/security/CVE-2024-26602 - locking: Introduce __cleanup() based infrastructure - dmaengine: ioat: Free up __cleanup() name - sched/membarrier: reduce the ability to hammer on sys_membarrier * CVE-url: https://ubuntu.com/security/CVE-2023-52435 - net: prevent mss overflow in skb_segment() * CVE-url: https://ubuntu.com/security/CVE-2023-52445 - media: pvrusb2: fix use after free on context disconnection * CVE-url: https://ubuntu.com/security/CVE-2023-52444 - f2fs: fix to avoid dirent corruption * CVE-url: https://ubuntu.com/security/CVE-2023-52443 - apparmor: avoid crash when parsed profile name is empty * CVE-url: https://ubuntu.com/security/CVE-2021-44879 - f2fs: fix to do sanity check on inode type during garbage collection * CVE-url: https://ubuntu.com/security/CVE-2023-6121 - nvmet: nul-terminate the NQNs passed in the connect command * CVE-url: https://ubuntu.com/security/CVE-2024-24860 - Bluetooth: Move {min,max}_key_size debugfs into hci_debugfs_create_le - Bluetooth: Fix atomicity violation in {min,max}_key_size_set

Update

Update command: apt-get update apt-get --only-upgrade install linux-hwe*

Packages list

linux-buildinfo-4.15.0-225-tuxcare.els23-generic_4.15.0-225.236~16.04.1_amd64.deb linux-buildinfo-4.15.0-225-tuxcare.els23-lowlatency_4.15.0-225.236~16.04.1_amd64.deb linux-cloud-tools-4.15.0-225-tuxcare.els23-generic_4.15.0-225.236~16.04.1_amd64.deb linux-cloud-tools-4.15.0-225-tuxcare.els23-lowlatency_4.15.0-225.236~16.04.1_amd64.deb linux-headers-4.15.0-225-tuxcare.els23_4.15.0-225.236~16.04.1_all.deb linux-headers-4.15.0-225-tuxcare.els23-generic_4.15.0-225.236~16.04.1_amd64.deb linux-headers-4.15.0-225-tuxcare.els23-lowlatency_4.15.0-225.236~16.04.1_amd64.deb linux-hwe-cloud-tools-4.15.0-225-tuxcare.els23_4.15.0-225.236~16.04.1_amd64.deb linux-hwe-tools-4.15.0-225-tuxcare.els23_4.15.0-225.236~16.04.1_amd64.deb linux-image-unsigned-4.15.0-225-tuxcare.els23-generic_4.15.0-225.236~16.04.1_amd64.deb linux-image-unsigned-4.15.0-225-tuxcare.els23-lowlatency_4.15.0-225.236~16.04.1_amd64.deb linux-modules-4.15.0-225-tuxcare.els23-generic_4.15.0-225.236~16.04.1_amd64.deb linux-modules-4.15.0-225-tuxcare.els23-lowlatency_4.15.0-225.236~16.04.1_amd64.deb linux-modules-extra-4.15.0-225-tuxcare.els23-generic_4.15.0-225.236~16.04.1_amd64.deb linux-source-4.15.0_4.15.0-225.236~16.04.1_all.deb linux-tools-4.15.0-225-tuxcare.els23-generic_4.15.0-225.236~16.04.1_amd64.deb linux-tools-4.15.0-225-tuxcare.els23-lowlatency_4.15.0-225.236~16.04.1_amd64.deb

CVEs

CVE-2021-44879
CVE-2023-52444
CVE-2023-52443
CVE-2024-24855
CVE-2023-52435
CVE-2024-24860
CVE-2023-52445
CVE-2024-26602
CVE-2023-34256
CVE-2023-39197
CVE-2023-6121
CVE-2023-52449