Release Info

Advisory: CLSA-2025:1738696174

OS: Ubuntu 16.04 ELS

Public date: 2025-02-04 14:09:36

Project: linux-hwe

Version: 4.15.0-243.254~16.04.1

Errata link: https://errata.cloudlinux.com/ubuntu16-els/CLSA-2025-1738696174.html

Changelog

[ Ubuntu: 4.15.0-243.254 ] * CVE-url: https://ubuntu.com/security/CVE-2024-26595 - mlxsw: spectrum_acl_tcam: Fix NULL pointer dereference in error path * CVE-url: https://ubuntu.com/security/CVE-2024-38553/CVE-2024-38597 - netpoll: make ndo_poll_controller() optional - bonding: use netpoll_poll_dev() helper - netpoll: do not test NAPI_STATE_SCHED in poll_one_napi() * CVE-url: https://ubuntu.com/security/CVE-2024-38597 - eth: sungem: remove .ndo_poll_controller to avoid deadlocks * CVE-url: https://ubuntu.com/security/CVE-2024-38553 - net: fec: remove .ndo_poll_controller to avoid deadlocks * CVE-url: https://ubuntu.com/security/CVE-2024-42252 - closures: Change BUG_ON() to WARN_ON() * CVE-url: https://ubuntu.com/security/CVE-2024-41066 - ibmvnic: Add tx check to prevent skb leak * CVE-url: https://ubuntu.com/security/CVE-2024-40982 - ssb: Fix potential NULL pointer dereference in ssb_device_uevent() * CVE-url: https://ubuntu.com/security/CVE-2024-26689 - ceph: prevent use-after-free in encode_cap_msg() - fixup! ceph: prevent use-after-free in encode_cap_msg() * CVE-url: https://ubuntu.com/security/CVE-2024-56595 - jfs: add a check to prevent array-index-out-of-bounds in dbAdjTree * CVE-url: https://ubuntu.com/security/CVE-2024-57892 - ocfs2: fix slab-use-after-free due to dangling pointer dqi_priv * CVE-url: https://ubuntu.com/security/CVE-2024-57896 - btrfs: fix hang during unmount when stopping a space reclaim worker - btrfs: wait for fixup workers before stopping cleaner kthread during umount - btrfs: flush delalloc workers queue before stopping cleaner kthread during unmount * CVE-url: https://ubuntu.com/security/CVE-2024-56598 - jfs: array-index-out-of-bounds fix in dtReadFirst * CVE-url: https://ubuntu.com/security/CVE-2024-56551 - drm/amdgpu: fix usage slab after free * CVE-url: https://ubuntu.com/security/CVE-2024-56596 - jfs: fix array-index-out-of-bounds in jfs_readdir * CVE-url: https://ubuntu.com/security/CVE-2024-56615 - bpf: fix OOB devmap writes when deleting elements * CVE-url: https://ubuntu.com/security/CVE-2024-57887 - drm: adv7511: Fix use-after-free in adv7533_attach_dsi() * CVE-url: https://ubuntu.com/security/CVE-2024-50154 - tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink(). * CVE-url: https://ubuntu.com/security/CVE-2024-56775 - drm/amd/display: Fix handling of plane refcount * CVE-url: https://ubuntu.com/security/CVE-2024-57900 - ila: serialize calls to nf_register_net_hooks() * CVE-url: https://ubuntu.com/security/CVE-2024-35887 - ax25: fix use-after-free bugs caused by ax25_ds_del_timer * CVE-url: https://ubuntu.com/security/CVE-2022-48739 - ASoC: hdmi-codec: Fix OOB memory accesses * CVE-url: https://ubuntu.com/security/CVE-2024-56704 - 9p/xen: fix release of IRQ * CVE-url: https://ubuntu.com/security/CVE-2024-56606 - af_packet: avoid erroring out after sock_init_data() in packet_create() * CVE-url: https://ubuntu.com/security/CVE-2024-53141 - netfilter: ipset: add missing range check in bitmap_ip_uadt * CVE-url: https://ubuntu.com/security/CVE-2023-52691 - drm/amd/pm: fix a double-free in si_dpm_init * CVE-url: https://ubuntu.com/security/CVE-2024-53165 - sh: intc: Fix use-after-free bug in register_intc_controller() * CVE-url: https://ubuntu.com/security/CVE-2023-52818 - drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7 * CVE-url: https://ubuntu.com/security/CVE-2024-56603 - net: af_can: do not leave a dangling sk pointer in can_create() * CVE-url: https://ubuntu.com/security/CVE-2024-53173 - NFSv4.0: Fix a use-after-free problem in the asynchronous open() * CVE-url: https://ubuntu.com/security/CVE-2024-56602 - net: ieee802154: do not leave a dangling sk pointer in ieee802154_create() * CVE-url: https://ubuntu.com/security/CVE-2024-26996 - usb: gadget: f_ncm: Fix UAF ncm object at re-bind after usb ep transport error * CVE-url: https://ubuntu.com/security/CVE-2024-56650 - netfilter: x_tables: fix LED ID check in led_tg_check() * CVE-url: https://ubuntu.com/security/CVE-2024-56600 - net: inet6: do not leave a dangling sk pointer in inet6_create() * CVE-url: https://ubuntu.com/security/CVE-2024-53227 - scsi: bfa: Fix use-after-free in bfad_im_module_exit() * CVE-url: https://ubuntu.com/security/CVE-2021-47328 - scsi: iscsi: Fix conn use after free during resets * CVE-url: https://ubuntu.com/security/CVE-2024-53155 - ocfs2: fix uninitialized value in ocfs2_file_read_iter() * CVE-url: https://ubuntu.com/security/CVE-2024-56651 - can: hi311x: hi3110_can_ist(): fix potential use-after-free * CVE-url: https://ubuntu.com/security/CVE-2021-47281 - ALSA: timer: Fix possible race at assigning a timer instance - ALSA: seq: Fix race of snd_seq_timer_open() * CVE-url: https://ubuntu.com/security/CVE-2024-56605 - Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() * CVE-url: https://ubuntu.com/security/CVE-2024-53156 - wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() * CVE-url: https://ubuntu.com/security/CVE-2023-52741 - cifs: Fix use-after-free in rdata->read_into_pages() * CVE-url: https://ubuntu.com/security/CVE-2024-56759 - btrfs: fix use-after-free when COWing tree bock and tracing is enabled * CVE-url: https://ubuntu.com/security/CVE-2024-56604 - Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() * CVE-url: https://ubuntu.com/security/CVE-2024-53142 - initramfs: avoid filename buffer overrun * CVE-url: https://ubuntu.com/security/CVE-2024-56601 - net: inet: do not leave a dangling sk pointer in inet_create() * CVE-url: https://ubuntu.com/security/CVE-2024-56662 - acpi: nfit: vmalloc-out-of-bounds Read in acpi_nfit_ctl * CVE-url: https://ubuntu.com/security/CVE-2024-56631 - scsi: sg: Fix slab-use-after-free read in sg_release() * CVE-url: https://ubuntu.com/security/CVE-2024-53103 - hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer * CVE-url: https://ubuntu.com/security/CVE-2024-56581 - btrfs: ref-verify: fix use-after-free after invalid ref action * CVE-url: https://ubuntu.com/security/CVE-2021-47191 - scsi: scsi_debug: Fix out-of-bound read in resp_readcap16() * CVE-url: https://ubuntu.com/security/CVE-2023-52478 - HID: logitech-hidpp: Fix kernel crash on receiver USB disconnect * CVE-url: https://ubuntu.com/security/CVE-2024-36924 - scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() * CVE-url: https://ubuntu.com/security/CVE-2023-52476 - perf/x86/lbr: Filter vsyscall addresses * CVE-url: https://ubuntu.com/security/CVE-2024-27011 - netfilter: nf_tables: fix memleak in map from abort path * CVE-url: https://ubuntu.com/security/CVE-2024-53088 - i40e: fix race condition by adding filter's intermediate sync state

Update

Update command: apt-get update apt-get --only-upgrade install linux-hwe*

Packages list

linux-buildinfo-4.15.0-243-tuxcare.els41-generic_4.15.0-243.254~16.04.1_amd64.deb linux-buildinfo-4.15.0-243-tuxcare.els41-lowlatency_4.15.0-243.254~16.04.1_amd64.deb linux-cloud-tools-4.15.0-243-tuxcare.els41-generic_4.15.0-243.254~16.04.1_amd64.deb linux-cloud-tools-4.15.0-243-tuxcare.els41-lowlatency_4.15.0-243.254~16.04.1_amd64.deb linux-cloud-tools-generic-hwe-16.04_4.15.0.243.178_amd64.deb linux-cloud-tools-lowlatency-hwe-16.04_4.15.0.243.178_amd64.deb linux-generic-hwe-16.04_4.15.0.243.178_amd64.deb linux-headers-4.15.0-243-tuxcare.els41_4.15.0-243.254~16.04.1_all.deb linux-headers-4.15.0-243-tuxcare.els41-generic_4.15.0-243.254~16.04.1_amd64.deb linux-headers-4.15.0-243-tuxcare.els41-lowlatency_4.15.0-243.254~16.04.1_amd64.deb linux-headers-generic-hwe-16.04_4.15.0.243.178_amd64.deb linux-headers-lowlatency-hwe-16.04_4.15.0.243.178_amd64.deb linux-hwe-cloud-tools-4.15.0-243-tuxcare.els41_4.15.0-243.254~16.04.1_amd64.deb linux-hwe-tools-4.15.0-243-tuxcare.els41_4.15.0-243.254~16.04.1_amd64.deb linux-image-generic-hwe-16.04_4.15.0.243.178_amd64.deb linux-image-lowlatency-hwe-16.04_4.15.0.243.178_amd64.deb linux-image-unsigned-4.15.0-243-tuxcare.els41-generic_4.15.0-243.254~16.04.1_amd64.deb linux-image-unsigned-4.15.0-243-tuxcare.els41-lowlatency_4.15.0-243.254~16.04.1_amd64.deb linux-lowlatency-hwe-16.04_4.15.0.243.178_amd64.deb linux-modules-4.15.0-243-tuxcare.els41-generic_4.15.0-243.254~16.04.1_amd64.deb linux-modules-4.15.0-243-tuxcare.els41-lowlatency_4.15.0-243.254~16.04.1_amd64.deb linux-modules-extra-4.15.0-243-tuxcare.els41-generic_4.15.0-243.254~16.04.1_amd64.deb linux-source-4.15.0_4.15.0-243.254~16.04.1_all.deb linux-tools-4.15.0-243-tuxcare.els41-generic_4.15.0-243.254~16.04.1_amd64.deb linux-tools-4.15.0-243-tuxcare.els41-lowlatency_4.15.0-243.254~16.04.1_amd64.deb linux-tools-generic-hwe-16.04_4.15.0.243.178_amd64.deb linux-tools-lowlatency-hwe-16.04_4.15.0.243.178_amd64.deb

CVEs

CVE-2024-56615
CVE-2024-56551
CVE-2024-57900
CVE-2024-57896
CVE-2024-56631
CVE-2024-56601
CVE-2024-56605
CVE-2024-53227
CVE-2024-56600
CVE-2024-56602
CVE-2024-53165
CVE-2024-57887
CVE-2024-56603
CVE-2021-47191
CVE-2024-56581
CVE-2024-53142
CVE-2024-56650
CVE-2023-52478
CVE-2024-27011
CVE-2024-57892
CVE-2024-56596
CVE-2023-52818
CVE-2024-56606
CVE-2024-56598
CVE-2024-56595
CVE-2024-56651
CVE-2024-56759
CVE-2022-48739
CVE-2024-35887
CVE-2024-56775
CVE-2024-56704
CVE-2021-47281
CVE-2024-53141
CVE-2024-26689
CVE-2024-26996
CVE-2024-56662
CVE-2024-53088
CVE-2024-36924
CVE-2023-52476
CVE-2024-53173
CVE-2024-26595
CVE-2024-41066
CVE-2023-52691
CVE-2024-50154
CVE-2024-56604
CVE-2023-52741
CVE-2024-53156
CVE-2024-53155
CVE-2024-53103
CVE-2021-47328
CVE-2024-40982
CVE-2024-42252
CVE-2024-38597
CVE-2024-38553