Release Info

Advisory: CLSA-2025:1760713752

OS: Ubuntu 16.04 ELS

Public date: 2025-10-17 15:09:14.125043

Project: linux-hwe

Version: 4.15.0-252.263~16.04.1

Errata link: https://errata.tuxcare.com/els_os/ubuntu16.04els/CLSA-2025-1760713752.html

Changelog

[ Ubuntu: 4.15.0-252.263 ] * CVE-url: https://ubuntu.com/security/CVE-2022-43945 - NFSD: Protect against send buffer overflow in NFSv3 READ * Focal update: v5.4.285 upstream stable release (LP: #2089233) // CVE-2024-49924 // CVE-url: https://ubuntu.com/security/CVE-2024-49924 - fbdev: pxafb: Fix possible use after free in pxafb_task() * CVE-url: https://ubuntu.com/security/CVE-2025-38477 - net/sched: sch_qfq: Fix race condition on qfq_aggregate - net/sched: sch_qfq: Avoid triggering might_sleep in atomic context in qfq_delete_class * CVE-url: https://ubuntu.com/security/CVE-2025-38618 - vsock: Do not allow binding to VMADDR_PORT_ANY * CVE-url: https://ubuntu.com/security/CVE-2025-38617 - net/packet: fix a race in packet_set_ring() and packet_notifier() * CVE-url: https://ubuntu.com/security/CVE-2025-21796 - nfsd: clear acl_access/acl_default after releasing them * CVE-url: https://ubuntu.com/security/CVE-2022-48827 - NFSD: Fix the behavior of READ near OFFSET_MAX * CVE-url: https://ubuntu.com/security/CVE-2021-47391 - RDMA/cma: Ensure rdma_addr_cancel() happens before issuing more requests * CVE-url: https://ubuntu.com/security/CVE-2024-41069 - ASoC: topology: Fix references to freed memory - ASoC: topology: Do not assign fields that are already set - ASoC: topology: Clean up route loading * CVE-url: https://ubuntu.com/security/CVE-2024-56616 - drm/dp_mst: Fix MST sideband message body length check * Focal update: v5.4.261 upstream stable release (LP: #2049049) // CVE-url: https://ubuntu.com/security/CVE-2023-52868 - thermal: core: prevent potential string overflow * Focal update: v5.4.262 upstream stable release (LP: #2049069) // CVE-url: https://ubuntu.com/security/CVE-2023-52836 - locking/ww_mutex/test: Fix potential workqueue corruption * CVE-2024-35965 // CVE-url: https://ubuntu.com/security/CVE-2024-35965 - Bluetooth: L2CAP: uninitialized variables in l2cap_sock_setsockopt() - Bluetooth: L2CAP: Fix not validating setsockopt user input * Focal update: v5.4.188 upstream stable release (LP: #1971496) // CVE-url: https://ubuntu.com/security/CVE-2022-49292 - ALSA: oss: Fix PCM OSS buffer allocation overflow * Focal update: v5.4.262 upstream stable release (LP: #2049069) // CVE-url: https://ubuntu.com/security/CVE-2023-52835 - perf/core: Bail out early if the request AUX area is out of bound * Focal update: v5.4.262 upstream stable release (LP: #2049069) // CVE-url: https://ubuntu.com/security/CVE-2023-52764 - media: gspca: cpia1: shift-out-of-bounds in set_flicker * Focal update: v5.4.261 upstream stable release (LP: #2049049) // CVE-url: https://ubuntu.com/security/CVE-2023-52864 - platform/x86: wmi: Fix probe failure when failing to register WMI devices - platform/x86: wmi: remove unnecessary initializations - platform/x86: wmi: Fix opening of char device * CVE-2024-35966 // CVE-url: https://ubuntu.com/security/CVE-2024-35966 - Bluetooth: RFCOMM: Fix not validating setsockopt user input * CVE-2024-35967 // CVE-url: https://ubuntu.com/security/CVE-2024-35966 - Bluetooth: SCO: Fix not validating setsockopt user input * Focal update: v5.4.291 upstream stable release (LP: #2106002) // CVE-2025-21704 // CVE-url: https://ubuntu.com/security/CVE-2025-21704 - usb: cdc-acm: Check control transfer buffer size before access * CVE-url: https://ubuntu.com/security/CVE-2025-38350 - net/sched: Always pass notifications when child class becomes empty * CVE-url: https://ubuntu.com/security/CVE-2025-37798 - sch_htb: make htb_qlen_notify() idempotent

Update

Update command: apt-get update apt-get --only-upgrade install linux-hwe*

Packages list

linux-buildinfo-4.15.0-252-tuxcare.els50-generic_4.15.0-252.263~16.04.1_amd64.deb linux-buildinfo-4.15.0-252-tuxcare.els50-lowlatency_4.15.0-252.263~16.04.1_amd64.deb linux-cloud-tools-4.15.0-252-tuxcare.els50-generic_4.15.0-252.263~16.04.1_amd64.deb linux-cloud-tools-4.15.0-252-tuxcare.els50-lowlatency_4.15.0-252.263~16.04.1_amd64.deb linux-headers-4.15.0-252-tuxcare.els50_4.15.0-252.263~16.04.1_all.deb linux-headers-4.15.0-252-tuxcare.els50-generic_4.15.0-252.263~16.04.1_amd64.deb linux-headers-4.15.0-252-tuxcare.els50-lowlatency_4.15.0-252.263~16.04.1_amd64.deb linux-hwe-cloud-tools-4.15.0-252-tuxcare.els50_4.15.0-252.263~16.04.1_amd64.deb linux-hwe-tools-4.15.0-252-tuxcare.els50_4.15.0-252.263~16.04.1_amd64.deb linux-image-unsigned-4.15.0-252-tuxcare.els50-generic_4.15.0-252.263~16.04.1_amd64.deb linux-image-unsigned-4.15.0-252-tuxcare.els50-lowlatency_4.15.0-252.263~16.04.1_amd64.deb linux-modules-4.15.0-252-tuxcare.els50-generic_4.15.0-252.263~16.04.1_amd64.deb linux-modules-4.15.0-252-tuxcare.els50-lowlatency_4.15.0-252.263~16.04.1_amd64.deb linux-modules-extra-4.15.0-252-tuxcare.els50-generic_4.15.0-252.263~16.04.1_amd64.deb linux-source-4.15.0_4.15.0-252.263~16.04.1_all.deb linux-tools-4.15.0-252-tuxcare.els50-generic_4.15.0-252.263~16.04.1_amd64.deb linux-tools-4.15.0-252-tuxcare.els50-lowlatency_4.15.0-252.263~16.04.1_amd64.deb

CVEs

CVE-2023-52864
CVE-2024-41069
CVE-2025-21704
CVE-2024-49924
CVE-2024-35965
CVE-2023-52764
CVE-2025-38477
CVE-2021-47391
CVE-2024-56616
CVE-2024-35966
CVE-2023-52835
CVE-2023-52836
CVE-2022-48827
CVE-2025-38350
CVE-2022-49292
CVE-2023-52868
CVE-2025-21796
CVE-2022-43945
CVE-2025-38617
CVE-2025-38618