Release Info

Advisory: CLSA-2024:1716269479

OS: Ubuntu 16.04 ELS

Public date: 2024-05-21 01:31:21

Project: linux

Version: 4.4.0-256.290

Errata link: https://errata.tuxcare.com/els_os/ubuntu16.04els/CLSA-2024-1716269479.html

Changelog

* CVE-url: https://ubuntu.com/security/CVE-2023-47233 - wifi: brcmfmac: Fix use-after-free bug in brcmf_cfg80211_detach * CVE-url: https://ubuntu.com/security/CVE-2023-52601 - jfs: Fix memleak in dbAdjCtl * CVE-url: https://ubuntu.com/security/CVE-2024-26801 - Bluetooth: Avoid potential use-after-free in hci_error_reset * CVE-url: https://ubuntu.com/security/CVE-2024-26805 - netlink: Fix kernel-infoleak-after-free in __skb_datagram_iter * CVE-url: https://ubuntu.com/security/CVE-2023-52566 - nilfs2: fix potential use after free in nilfs_gccache_submit_read_data() * CVE-url: https://ubuntu.com/security/CVE-2024-26622 - tomoyo: fix UAF write bug in tomoyo_write_control() * CVE-url: https://ubuntu.com/security/CVE-2024-26614 - tcp: make sure init the accept_queue's spinlocks once - ipv6: init the accept_queue's spinlocks in inet6_create * CVE-url: https://ubuntu.com/security/CVE-2023-52530 - wifi: mac80211: fix potential key use-after-free * CVE-url: https://ubuntu.com/security/CVE-2023-52524 - net: nfc: llcp: Add lock when modifying device list * CVE-url: https://ubuntu.com/security/CVE-2021-47173 - misc/uss720: fix memory leak in uss720_probe * Bionic update: upstream stable patchset 2021-07-14 (LP: #1936231) // CVE- url: https://ubuntu.com/security/CVE-2021-47171 - net: usb: fix possible use-after-free in smsc75xx_bind * Bionic update: upstream stable patchset 2021-06-11 (LP: #1931740) // CVE- url: https://ubuntu.com/security/CVE-2021-47171 - net: usb: fix memory leak in smsc75xx_bind * CVE-url: https://ubuntu.com/security/CVE-2024-26910 - timers: Get rid of del_singleshot_timer_sync() * CVE-url: https://ubuntu.com/security/CVE-2023-52595 - rt2x00: clear IV's on start to fix AP mode regression - wifi: rt2x00: restart beacon queue when hardware reset * CVE-url: https://ubuntu.com/security/CVE-2024-26696 - nilfs2: fix hang in nilfs_lookup_dirty_data_buffers() * CVE-url: https://ubuntu.com/security/CVE-2024-26685 - nilfs2: fix potential bug in end_buffer_async_write * CVE-url: https://ubuntu.com/security/CVE-2024-26625 - llc: call sock_orphan() at release time * CVE-url: https://ubuntu.com/security/CVE-2023-52615 - hwrng: core - Fix page fault dead lock on mmap-ed hwrng * CVE-url: https://ubuntu.com/security/CVE-2023-52486 - drm: Don't unref the same fb many times by mistake due to deadlock handling * CVE-url: https://ubuntu.com/security/CVE-2024-26697 - nilfs2: fix data corruption in dsync block recovery for small block sizes * CVE-url: https://ubuntu.com/security/CVE-2024-26679 - inet: read sk->sk_family once in inet_recv_error() * CVE-url: https://ubuntu.com/security/CVE-2023-52622 - ext4: remove unnecessary check from alloc_flex_gd() - ext4: avoid online resizing failures due to oversized flex bg * CVE-url: https://ubuntu.com/security/CVE-2024-26635 - llc: Drop support for ETH_P_TR_802_2. * CVE-url: https://ubuntu.com/security/CVE-2023-52594 - wifi: ath9k: Fix potential array-index-out-of-bounds read in ath9k_htc_txstatus() * CVE-url: https://ubuntu.com/security/CVE-2024-26720 - mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again * CVE-url: https://ubuntu.com/security/CVE-2024-26825 - nfc: nci: free rx_data_reassembly skb on NCI device cleanup * CVE-url: https://ubuntu.com/security/CVE-2024-26671 - blk-mq: fix IO hang from sbitmap wakeup race * CVE-url: https://ubuntu.com/security/CVE-2024-26675 - ppp_async: limit MRU to 64K * CVE-url: https://ubuntu.com/security/CVE-2023-52602 - jfs: fix slab-out-of-bounds Read in dtSearch * CVE-url: https://ubuntu.com/security/CVE-2024-26704 - ext4: fix double-free of blocks due to wrong extents moved_len * CVE-url: https://ubuntu.com/security/CVE-2023-52619 - linux/kernel.h: Add ALIGN_DOWN macro - pstore: Make ramoops_init_przs generic for other prz arrays - pstore/ram: Fix crash when setting number of cpus to an odd number * CVE-url: https://ubuntu.com/security/CVE-2024-26636 - llc: make llc_ui_sendmsg() more robust against bonding changes * CVE-url: https://ubuntu.com/security/CVE-2023-52587 - IB/ipoib: Fix mcast list locking * CVE-url: https://ubuntu.com/security/CVE-2023-52601 // CVE-url: https://ubuntu.com/security/CVE-2023-52604 - jfs: fix array-index-out-of-bounds in dbAdjTree * CVE-url: https://ubuntu.com/security/CVE-2023-52604 - FS:JFS:UBSAN:array-index-out-of-bounds in dbAdjTree * CVE-url: https://ubuntu.com/security/CVE-2023-52599 - jfs: fix array-index-out-of-bounds in diNewExt * Bionic update: upstream stable patchset 2022-11-15 (LP: #1996650) // CVE- url: https://ubuntu.com/security/CVE-2022-48659 - mm/slub: fix to return errno if kmalloc() fails * CVE-url: https://ubuntu.com/security/CVE-2024-26884 - bpf: Fix hashtab overflow check on 32-bit arches * CVE-url: https://ubuntu.com/security/CVE-2024-26882 - net: add atomic_long_t to net_device_stats fields - net: ip_tunnel: make sure to pull inner header in ip_tunnel_rcv() * Bionic update: upstream stable patchset 2019-07-19 (LP: #1837257) // CVE- url: https://ubuntu.com/security/CVE-2024-26882 - ip: validate header length on virtual device xmit * CVE-url: https://ubuntu.com/security/CVE-2024-26908 - x86/xen: Add some null pointer checking to smp.c * CVE-url: https://ubuntu.com/security/CVE-2024-26904 - btrfs: fix data race at btrfs_use_block_rsv() when accessing block reserve * CVE-url: https://ubuntu.com/security/CVE-2024-26903 - Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security * CVE-url: https://ubuntu.com/security/CVE-2024-26901 - do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak * CVE-url: https://ubuntu.com/security/CVE-2024-26898 - aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts

Update

Update command: apt-get update apt-get --only-upgrade install linux*

Packages list

linux-buildinfo-4.4.0-256-tuxcare.els27-generic_4.4.0-256.290_amd64.deb linux-buildinfo-4.4.0-256-tuxcare.els27-lowlatency_4.4.0-256.290_amd64.deb linux-cloud-tools-4.4.0-256-tuxcare.els27_4.4.0-256.290_amd64.deb linux-cloud-tools-4.4.0-256-tuxcare.els27-generic_4.4.0-256.290_amd64.deb linux-cloud-tools-4.4.0-256-tuxcare.els27-lowlatency_4.4.0-256.290_amd64.deb linux-cloud-tools-common_4.4.0-256.290_all.deb linux-doc_4.4.0-256.290_all.deb linux-headers-4.4.0-256-tuxcare.els27_4.4.0-256.290_all.deb linux-headers-4.4.0-256-tuxcare.els27-generic_4.4.0-256.290_amd64.deb linux-headers-4.4.0-256-tuxcare.els27-lowlatency_4.4.0-256.290_amd64.deb linux-image-unsigned-4.4.0-256-tuxcare.els27-generic_4.4.0-256.290_amd64.deb linux-image-unsigned-4.4.0-256-tuxcare.els27-lowlatency_4.4.0-256.290_amd64.deb linux-libc-dev_4.4.0-256.290_amd64.deb linux-modules-4.4.0-256-tuxcare.els27-generic_4.4.0-256.290_amd64.deb linux-modules-4.4.0-256-tuxcare.els27-lowlatency_4.4.0-256.290_amd64.deb linux-modules-extra-4.4.0-256-tuxcare.els27-generic_4.4.0-256.290_amd64.deb linux-source-4.4.0_4.4.0-256.290_all.deb linux-tools-4.4.0-256-tuxcare.els27_4.4.0-256.290_amd64.deb linux-tools-4.4.0-256-tuxcare.els27-generic_4.4.0-256.290_amd64.deb linux-tools-4.4.0-256-tuxcare.els27-lowlatency_4.4.0-256.290_amd64.deb linux-tools-common_4.4.0-256.290_all.deb linux-tools-host_4.4.0-256.290_all.deb

CVEs

CVE-2024-26908
CVE-2024-26904
CVE-2024-26679
CVE-2023-52615
CVE-2023-52595
CVE-2024-26898
CVE-2022-48659
CVE-2024-26625
CVE-2023-52599
CVE-2023-52594
CVE-2023-52619
CVE-2024-26704
CVE-2023-52602
CVE-2024-26720
CVE-2024-26685
CVE-2024-26801
CVE-2024-26884
CVE-2024-26805
CVE-2024-26614
CVE-2023-52486
CVE-2024-26882
CVE-2024-26910
CVE-2023-47233
CVE-2024-26622
CVE-2023-52601
CVE-2024-26635
CVE-2023-52587
CVE-2024-26636
CVE-2023-52604
CVE-2023-52622
CVE-2023-52524
CVE-2023-52566
CVE-2021-47171
CVE-2024-26825
CVE-2024-26671
CVE-2024-26697
CVE-2024-26675
CVE-2021-47173
CVE-2023-52530
CVE-2024-26903
CVE-2024-26901
CVE-2024-26696