Release Info

Advisory: CLSA-2024:1721658474

OS: Ubuntu 16.04 ELS

Public date: 2024-07-22 10:27:57

Project: linux

Version: 4.4.0-260.294

Errata link: https://errata.tuxcare.com/els_os/ubuntu16.04els/CLSA-2024-1721658474.html

Changelog

* CVE-url: https://ubuntu.com/security/CVE-2024-26810 - vfio/pci: Lock external INTx masking ops * CVE-url: https://ubuntu.com/security/CVE-2024-38587 - speakup: Fix sizeof() vs ARRAY_SIZE() bug * CVE-url: https://ubuntu.com/security/CVE-2024-39493 - crypto: qat - Fix ADF_DEV_RESET_SYNC memory leak * CVE-url: https://ubuntu.com/security/CVE-2024-38381 - nfc: nci: Fix uninit-value in nci_rx_work * CVE-url: https://ubuntu.com/security/CVE-2023-52620 - netfilter: nf_tables: disallow timeout for anonymous sets * CVE-url: https://ubuntu.com/security/CVE-2024-35805 - dm snapshot: fix lockup in dm_exception_table_exit * CVE-url: https://ubuntu.com/security/CVE-2024-26923 - af_unix: Fix garbage collector racing against connect() * CVE-url: https://ubuntu.com/security/CVE-2024-35969 - ipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr * CVE-url: https://ubuntu.com/security/CVE-2024-26863 - hsr: Fix uninit-value access in hsr_get_node() * CVE-url: https://ubuntu.com/security/CVE-2024-26993 - fs: sysfs: Fix reference leak in sysfs_break_active_protection() * CVE-url: https://ubuntu.com/security/CVE-2024-27388 - SUNRPC: fix some memleaks in gssx_dec_option_array * CVE-url: https://ubuntu.com/security/CVE-2024-35886 - ipv6: Fix infinite recursion in fib6_dump_done(). * CVE-url: https://ubuntu.com/security/CVE-2024-35809 - PCI/PM: Drain runtime-idle callbacks before driver removal * CVE-url: https://ubuntu.com/security/CVE-2024-26875 - media: pvrusb2: fix uaf in pvr2_context_set_notify * CVE-url: https://ubuntu.com/security/CVE-2024-26851 - netfilter: nf_conntrack_h323: Add protection for bmp length out of range * CVE-url: https://ubuntu.com/security/CVE-2024-35915 - nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet * CVE-url: https://ubuntu.com/security/CVE-2024-26999 - serial/pmac_zilog: Remove flawed mitigation for rx irq flood * CVE-url: https://ubuntu.com/security/CVE-2023-52699 - sysv: don't call sb_bread() with pointers_lock held * CVE-url: https://ubuntu.com/security/CVE-2024-35828 - wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer() * CVE-url: https://ubuntu.com/security/CVE-2024-27001 - comedi: vmk80xx: fix incomplete endpoint checking * CVE-url: https://ubuntu.com/security/CVE-2024-27008 - drm: nv04: Fix out of bounds access * CVE-url: https://ubuntu.com/security/CVE-2024-35935 - btrfs: send: handle path ref underflow in header iterate_inode_ref() * CVE-url: https://ubuntu.com/security/CVE-2024-27059 - USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command * CVE-url: https://ubuntu.com/security/CVE-2024-26974 - crypto: qat - resolve race condition during AER recovery * CVE-url: https://ubuntu.com/security/CVE-2024-26965 - clk: qcom: mmcc-msm8974: fix terminating of frequency table arrays * CVE-url: https://ubuntu.com/security/CVE-2024-26931 - scsi: qla2xxx: Fix command flush on cable pull * CVE-url: https://ubuntu.com/security/CVE-2024-35910 - mptcp: add sk_stop_timer_sync helper * CVE-url: https://ubuntu.com/security/CVE-2024-35944 - VMCI: Fix memcpy() run-time warning in dg_dispatch_as_host() * CVE-url: https://ubuntu.com/security/CVE-2024-35830 - media: tc358743: register v4l2 async device only after successful setup * CVE-url: https://ubuntu.com/security/CVE-2024-26956 - nilfs2: fix failure to detect DAT corruption in btree and direct mappings * CVE-url: https://ubuntu.com/security/CVE-2024-35807 - ext4: fix corruption during on-line resize * CVE-url: https://ubuntu.com/security/CVE-2024-26813 - vfio/platform: Create persistent IRQ handlers * CVE-url: https://ubuntu.com/security/CVE-2023-52644 - wifi: b43: Stop/wake correct queue in DMA Tx path when QoS is disabled * CVE-url: https://ubuntu.com/security/CVE-2024-26966 - clk: qcom: mmcc-apq8084: fix terminating of frequency table arrays * CVE-url: https://ubuntu.com/security/CVE-2024-27073 - media: ttpci: fix two memleaks in budget_av_attach * CVE-url: https://ubuntu.com/security/CVE-2023-52880 - tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc * CVE-url: https://ubuntu.com/security/CVE-2023-52650 - drm/tegra: dsi: Add missing check for of_find_device_by_node * CVE-url: https://ubuntu.com/security/CVE-2024-35933 - Bluetooth: btintel: Fix null ptr deref in btintel_read_version * CVE-url: https://ubuntu.com/security/CVE-2024-35930 - scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc() * CVE-url: https://ubuntu.com/security/CVE-2024-27419 - netrom: Fix data-races around sysctl_net_busy_read * CVE-url: https://ubuntu.com/security/CVE-2024-27074 - media: go7007: fix a memleak in go7007_load_encoder * CVE-url: https://ubuntu.com/security/CVE-2024-26859 - net/bnx2x: Prevent access to a freed page in page_pool * CVE-url: https://ubuntu.com/security/CVE-2024-26973 - fat: fix uninitialized field in nostale filehandles * CVE-url: https://ubuntu.com/security/CVE-2024-27436 - ALSA: usb-audio: Stop parsing channels bits when all channels are found. * CVE-url: https://ubuntu.com/security/CVE-2024-35936 - btrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks() * CVE-url: https://ubuntu.com/security/CVE-2024-35821 - ubifs: Set page uptodate in the correct place * CVE-url: https://ubuntu.com/security/CVE-2024-27075 - media: dvb-frontends: avoid stack overflow warnings with clang * CVE-url: https://ubuntu.com/security/CVE-2024-26651 - sr9800: Add check for usbnet_get_endpoints * CVE-url: https://ubuntu.com/security/CVE-2024-27043 - media: edia: dvbdev: fix a use-after-free * CVE-url: https://ubuntu.com/security/CVE-2024-26976 - KVM: Always flush async #PF workqueue when vCPU is being destroyed * CVE-url: https://ubuntu.com/security/CVE-2024-27000 - serial: mxs-auart: add spinlock around changing cts state * CVE-url: https://ubuntu.com/security/CVE-2024-35815 - fs/aio: Check IOCB_AIO_RW before the struct aio_kiocb conversion * CVE-url: https://ubuntu.com/security/CVE-2024-26894 - ACPI: processor_idle: Fix memory leak in acpi_processor_power_exit() * CVE-url: https://ubuntu.com/security/CVE-2024-35922 - fbmon: prevent division by zero in fb_videomode_from_videomode() * CVE-url: https://ubuntu.com/security/CVE-2024-24857 // CVE-url: https://ubuntu.com/security/CVE-2024-24858 // CVE-url: https://ubuntu.com/security/CVE-2024-24859 - Bluetooth: Fix TOCTOU in HCI debugfs implementation * CVE-url: https://ubuntu.com/security/CVE-2024-27078 - media: v4l2-tpg: fix some memleaks in tpg_alloc * CVE-url: https://ubuntu.com/security/CVE-2024-26981 - nilfs2: fix OOB in nilfs_set_de_type * CVE-url: https://ubuntu.com/security/CVE-2024-26816 - x86, relocs: Ignore relocations in .notes section * CVE-url: https://ubuntu.com/security/CVE-2024-26880 - dm: call the resume method on internal suspend * CVE-url: https://ubuntu.com/security/CVE-2024-26994 - speakup: Avoid crash on very long word * CVE-url: https://ubuntu.com/security/CVE-2024-27437 - genirq: Warn when IRQ_NOAUTOEN is used with shared interrupts - genirq: Add IRQF_NO_AUTOEN for request_irq/nmi() - vfio/pci: Disable auto-enable of exclusive INTx IRQ * CVE-url: https://ubuntu.com/security/CVE-2024-26955 - nilfs2: prevent kernel bug at submit_bh_wbc() * CVE-url: https://ubuntu.com/security/CVE-2024-26643 - netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout * CVE-url: https://ubuntu.com/security/CVE-2024-26886 - Bluetooth: af_bluetooth: Fix deadlock

Update

Update command: apt-get update apt-get --only-upgrade install linux*

Packages list

linux-buildinfo-4.4.0-260-tuxcare.els31-generic_4.4.0-260.294_amd64.deb linux-buildinfo-4.4.0-260-tuxcare.els31-lowlatency_4.4.0-260.294_amd64.deb linux-cloud-tools-4.4.0-260-tuxcare.els31_4.4.0-260.294_amd64.deb linux-cloud-tools-4.4.0-260-tuxcare.els31-generic_4.4.0-260.294_amd64.deb linux-cloud-tools-4.4.0-260-tuxcare.els31-lowlatency_4.4.0-260.294_amd64.deb linux-cloud-tools-common_4.4.0-260.294_all.deb linux-doc_4.4.0-260.294_all.deb linux-headers-4.4.0-260-tuxcare.els31_4.4.0-260.294_all.deb linux-headers-4.4.0-260-tuxcare.els31-generic_4.4.0-260.294_amd64.deb linux-headers-4.4.0-260-tuxcare.els31-lowlatency_4.4.0-260.294_amd64.deb linux-image-unsigned-4.4.0-260-tuxcare.els31-generic_4.4.0-260.294_amd64.deb linux-image-unsigned-4.4.0-260-tuxcare.els31-lowlatency_4.4.0-260.294_amd64.deb linux-libc-dev_4.4.0-260.294_amd64.deb linux-modules-4.4.0-260-tuxcare.els31-generic_4.4.0-260.294_amd64.deb linux-modules-4.4.0-260-tuxcare.els31-lowlatency_4.4.0-260.294_amd64.deb linux-modules-extra-4.4.0-260-tuxcare.els31-generic_4.4.0-260.294_amd64.deb linux-source-4.4.0_4.4.0-260.294_all.deb linux-tools-4.4.0-260-tuxcare.els31_4.4.0-260.294_amd64.deb linux-tools-4.4.0-260-tuxcare.els31-generic_4.4.0-260.294_amd64.deb linux-tools-4.4.0-260-tuxcare.els31-lowlatency_4.4.0-260.294_amd64.deb linux-tools-common_4.4.0-260.294_all.deb linux-tools-host_4.4.0-260.294_all.deb

CVEs

CVE-2023-52620
CVE-2024-26651
CVE-2024-27073
CVE-2024-26981
CVE-2024-27078
CVE-2024-27074
CVE-2024-35935
CVE-2024-26994
CVE-2024-27059
CVE-2024-27388
CVE-2024-26880
CVE-2024-35922
CVE-2024-26976
CVE-2024-35805
CVE-2024-27436
CVE-2023-52650
CVE-2023-52880
CVE-2023-52644
CVE-2024-35886
CVE-2024-35969
CVE-2024-26863
CVE-2024-26993
CVE-2024-26923
CVE-2023-52699
CVE-2024-35828
CVE-2024-26965
CVE-2024-24859
CVE-2024-26966
CVE-2024-35930
CVE-2024-26955
CVE-2024-26956
CVE-2024-35821
CVE-2024-26931
CVE-2024-39493
CVE-2024-35915
CVE-2024-27001
CVE-2024-38587
CVE-2024-35809
CVE-2024-26875
CVE-2024-26974
CVE-2024-35910
CVE-2024-35944
CVE-2024-35830
CVE-2024-35807
CVE-2024-26813
CVE-2024-26810
CVE-2024-35933
CVE-2024-27419
CVE-2024-26859
CVE-2024-35936
CVE-2024-27075
CVE-2024-27000
CVE-2024-35815
CVE-2024-26894
CVE-2024-26886
CVE-2024-27043
CVE-2024-24858
CVE-2024-24857
CVE-2024-26973
CVE-2024-27008
CVE-2024-26999
CVE-2024-38381
CVE-2024-27437
CVE-2024-26816
CVE-2024-26643
CVE-2024-26851