Release Info

Advisory: CLSA-2024:1716980592

OS: Ubuntu 16.04 ELS

Public date: 2024-05-29 07:03:14

Project: linux-hwe

Version: 4.15.0-229.240~16.04.1

Errata link: https://errata.cloudlinux.com/ubuntu16-els/CLSA-2024-1716980592.html

Changelog

[ Ubuntu: 4.15.0-229.240 ] * CVE-url: https://ubuntu.com/security/CVE-2022-48673 - net/smc: Fix possible access to freed memory in link clear * CVE-url: https://ubuntu.com/security/CVE-2024-35997 - HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up * CVE-url: https://ubuntu.com/security/CVE-2023-52752 - smb: client: fix use-after-free bug in cifs_debug_data_proc_show() * CVE-url: https://ubuntu.com/security/CVE-2022-48687 - ipv6: sr: fix out-of-bounds read when setting HMAC data. * CVE-url: https://ubuntu.com/security/CVE-2024-27013 - tun: limit printing rate when illegal packet received by tun dev * CVE-url: https://ubuntu.com/security/CVE-2024-27019 - netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get() * CVE-url: https://ubuntu.com/security/CVE-2023-52809 - scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup() * CVE-url: https://ubuntu.com/security/CVE-2024-26934 - USB: core: Fix deadlock in usb_deauthorize_interface() * CVE-url: https://ubuntu.com/security/CVE-2024-35978 - Bluetooth: Fix memory leak in hci_req_sync_complete() * CVE-url: https://ubuntu.com/security/CVE-2023-52753 - drm/amd/display: Avoid NULL dereference of timing generator * CVE-url: https://ubuntu.com/security/CVE-2023-52806 - ALSA: hda: Fix possible null-ptr-deref when assigning a stream * CVE-url: https://ubuntu.com/security/CVE-2024-35984 - i2c: smbus: fix NULL function pointer dereference * CVE-url: https://ubuntu.com/security/CVE-2023-52817 - drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL * CVE-url: https://ubuntu.com/security/CVE-2024-27020 - netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get() * CVE-url: https://ubuntu.com/security/CVE-2024-35982 - batman-adv: Avoid infinite loop trying to resize local TT * CVE-url: https://ubuntu.com/security/CVE-2024-26929 - scsi: qla2xxx: Fix double free of fcport * CVE-url: https://ubuntu.com/security/CVE-2023-52802 - iio: adc: stm32-adc: harden against NULL pointer deref in stm32_adc_probe()

Update

Update command: apt-get update apt-get --only-upgrade install linux-hwe*

Packages list

linux-buildinfo-4.15.0-229-tuxcare.els27-generic_4.15.0-229.240~16.04.1_amd64.deb linux-buildinfo-4.15.0-229-tuxcare.els27-lowlatency_4.15.0-229.240~16.04.1_amd64.deb linux-cloud-tools-4.15.0-229-tuxcare.els27-generic_4.15.0-229.240~16.04.1_amd64.deb linux-cloud-tools-4.15.0-229-tuxcare.els27-lowlatency_4.15.0-229.240~16.04.1_amd64.deb linux-headers-4.15.0-229-tuxcare.els27_4.15.0-229.240~16.04.1_all.deb linux-headers-4.15.0-229-tuxcare.els27-generic_4.15.0-229.240~16.04.1_amd64.deb linux-headers-4.15.0-229-tuxcare.els27-lowlatency_4.15.0-229.240~16.04.1_amd64.deb linux-hwe-cloud-tools-4.15.0-229-tuxcare.els27_4.15.0-229.240~16.04.1_amd64.deb linux-hwe-tools-4.15.0-229-tuxcare.els27_4.15.0-229.240~16.04.1_amd64.deb linux-image-unsigned-4.15.0-229-tuxcare.els27-generic_4.15.0-229.240~16.04.1_amd64.deb linux-image-unsigned-4.15.0-229-tuxcare.els27-lowlatency_4.15.0-229.240~16.04.1_amd64.deb linux-modules-4.15.0-229-tuxcare.els27-generic_4.15.0-229.240~16.04.1_amd64.deb linux-modules-4.15.0-229-tuxcare.els27-lowlatency_4.15.0-229.240~16.04.1_amd64.deb linux-modules-extra-4.15.0-229-tuxcare.els27-generic_4.15.0-229.240~16.04.1_amd64.deb linux-source-4.15.0_4.15.0-229.240~16.04.1_all.deb linux-tools-4.15.0-229-tuxcare.els27-generic_4.15.0-229.240~16.04.1_amd64.deb linux-tools-4.15.0-229-tuxcare.els27-lowlatency_4.15.0-229.240~16.04.1_amd64.deb

CVEs

CVE-2023-52802
CVE-2023-52752
CVE-2024-35982
CVE-2023-52817
CVE-2024-27013
CVE-2022-48687
CVE-2024-27019
CVE-2023-52806
CVE-2022-48673
CVE-2023-52753
CVE-2024-35997
CVE-2024-35984
CVE-2023-52809
CVE-2024-26934
CVE-2024-35978
CVE-2024-27020
CVE-2024-26929