Release Info

Advisory: CLSA-2025:1760983231

OS: Ubuntu 16.04 ELS

Public date: 2025-10-20 18:00:33.617684

Project: linux

Version: 4.4.0-279.313

Errata link: https://errata.tuxcare.com/els_os/ubuntu16.04els/CLSA-2025-1760983231.html

Changelog

* CVE-url: https://ubuntu.com/security/CVE-2024-41069 - ASoC: topology: Fix references to freed memory - ASoC: topology: Do not assign fields that are already set - ASoC: topology: Clean up route loading * Bionic update: upstream stable patchset 2021-06-11 (LP: #1931740) // CVE- url: https://ubuntu.com/security/CVE-2021-47149 - net: fujitsu: fix potential null-ptr-deref * CVE-url: https://ubuntu.com/security/CVE-2024-35849 - btrfs: fix information leak in btrfs_ioctl_logical_to_ino() * CVE-url: https://ubuntu.com/security/CVE-2025-38618 - vsock: Do not allow binding to VMADDR_PORT_ANY * CVE-url: https://ubuntu.com/security/CVE-2025-38617 - net/packet: fix a race in packet_set_ring() and packet_notifier() * CVE-url: https://ubuntu.com/security/CVE-2025-21796 - nfsd: clear acl_access/acl_default after releasing them * Bionic update: upstream stable patchset 2021-08-03 (LP: #1938824) // CVE- url: https://ubuntu.com/security/CVE-2021-47319 - virtio-blk: Fix memory leak among suspend/resume procedure * Focal update: v5.4.285 upstream stable release (LP: #2089233) // CVE-2024-49924 // CVE-url: https://ubuntu.com/security/CVE-2024-49924 - fbdev: pxafb: Fix possible use after free in pxafb_task() * CVE-url: https://ubuntu.com/security/CVE-2022-48827 - NFSD: Fix the behavior of READ near OFFSET_MAX * Bionic update: upstream stable patchset 2022-03-04 (LP: #1963717) // CVE- url: https://ubuntu.com/security/CVE-2022-48737 - ASoC: ops: Reject out of bounds values in snd_soc_put_volsw() - ASoC: ops: Reject out of bounds values in snd_soc_put_volsw_sx() * Focal update: v5.4.261 upstream stable release (LP: #2049049) // CVE-url: https://ubuntu.com/security/CVE-2023-52868 - thermal: core: prevent potential string overflow * Bionic update: upstream stable patchset 2022-05-17 (LP: #1973831) // CVE- url: https://ubuntu.com/security/CVE-2021-47633 - ath5k: fix OOB in ath5k_eeprom_read_pcal_info_5111 * CVE-url: https://ubuntu.com/security/CVE-2021-47391 - RDMA/cma: Ensure rdma_addr_cancel() happens before issuing more requests * Bionic update: upstream stable patchset 2021-12-03 (LP: #1953202) // CVE- url: https://ubuntu.com/security/CVE-2021-47475 - comedi: vmk80xx: fix transfer-buffer overflows - comedi: vmk80xx: fix bulk-buffer overflow - comedi: vmk80xx: fix bulk and interrupt message timeouts * Bionic update: upstream stable patchset 2021-11-12 (LP: #1950816) // CVE- url: https://ubuntu.com/security/CVE-2021-47497 - nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells * CVE-2024-35965 // CVE-url: https://ubuntu.com/security/CVE-2024-35965 - Bluetooth: L2CAP: uninitialized variables in l2cap_sock_setsockopt() - Bluetooth: L2CAP: Fix not validating setsockopt user input * CVE-url: https://ubuntu.com/security/CVE-2024-56616 - drm/dp_mst: Fix MST sideband message body length check * Bionic update: upstream stable patchset 2022-07-25 (LP: #1982782) // CVE- url: https://ubuntu.com/security/CVE-2022-49407 - dlm: fix plock invalid read * Focal update: v5.4.188 upstream stable release (LP: #1971496) // CVE-url: https://ubuntu.com/security/CVE-2022-49292 - ALSA: oss: Fix PCM OSS buffer allocation overflow * Focal update: v5.4.262 upstream stable release (LP: #2049069) // CVE-url: https://ubuntu.com/security/CVE-2023-52835 - perf/core: Bail out early if the request AUX area is out of bound * Focal update: v5.4.262 upstream stable release (LP: #2049069) // CVE-url: https://ubuntu.com/security/CVE-2023-52764 - media: gspca: cpia1: shift-out-of-bounds in set_flicker * CVE-2024-35966 // CVE-url: https://ubuntu.com/security/CVE-2024-35966 - Bluetooth: RFCOMM: Fix not validating setsockopt user input * CVE-2024-35967 // CVE-url: https://ubuntu.com/security/CVE-2024-35966 - Bluetooth: SCO: Fix not validating setsockopt user input * Focal update: v5.4.291 upstream stable release (LP: #2106002) // CVE-2025-21704 // CVE-url: https://ubuntu.com/security/CVE-2025-21704 - usb: cdc-acm: Check control transfer buffer size before access * CVE-url: https://ubuntu.com/security/CVE-2025-21704 - cdc-acm: reassemble fragmented notifications * CVE-url: https://ubuntu.com/security/CVE-2025-37798 - sch_drr: make drr_qlen_notify() idempotent - sch_htb: make htb_qlen_notify() idempotent - sch_hfsc: make hfsc_qlen_notify() idempotent - sch_qfq: make qfq_qlen_notify() idempotent

Update

Update command: apt-get update apt-get --only-upgrade install linux*

Packages list

linux-buildinfo-4.4.0-279-tuxcare.els50-generic_4.4.0-279.313_amd64.deb linux-buildinfo-4.4.0-279-tuxcare.els50-lowlatency_4.4.0-279.313_amd64.deb linux-cloud-tools-4.4.0-279-tuxcare.els50_4.4.0-279.313_amd64.deb linux-cloud-tools-4.4.0-279-tuxcare.els50-generic_4.4.0-279.313_amd64.deb linux-cloud-tools-4.4.0-279-tuxcare.els50-lowlatency_4.4.0-279.313_amd64.deb linux-cloud-tools-common_4.4.0-279.313_all.deb linux-cloud-tools-generic_4.4.0.279.313_amd64.deb linux-cloud-tools-lowlatency_4.4.0.279.313_amd64.deb linux-crashdump_4.4.0.279.313_amd64.deb linux-doc_4.4.0-279.313_all.deb linux-generic_4.4.0.279.313_amd64.deb linux-headers-4.4.0-279-tuxcare.els50_4.4.0-279.313_all.deb linux-headers-4.4.0-279-tuxcare.els50-generic_4.4.0-279.313_amd64.deb linux-headers-4.4.0-279-tuxcare.els50-lowlatency_4.4.0-279.313_amd64.deb linux-headers-generic_4.4.0.279.313_amd64.deb linux-headers-lowlatency_4.4.0.279.313_amd64.deb linux-image-generic_4.4.0.279.313_amd64.deb linux-image-lowlatency_4.4.0.279.313_amd64.deb linux-image-unsigned-4.4.0-279-tuxcare.els50-generic_4.4.0-279.313_amd64.deb linux-image-unsigned-4.4.0-279-tuxcare.els50-lowlatency_4.4.0-279.313_amd64.deb linux-libc-dev_4.4.0-279.313_amd64.deb linux-lowlatency_4.4.0.279.313_amd64.deb linux-modules-4.4.0-279-tuxcare.els50-generic_4.4.0-279.313_amd64.deb linux-modules-4.4.0-279-tuxcare.els50-lowlatency_4.4.0-279.313_amd64.deb linux-modules-extra-4.4.0-279-tuxcare.els50-generic_4.4.0-279.313_amd64.deb linux-source_4.4.0.279.313_all.deb linux-source-4.4.0_4.4.0-279.313_all.deb linux-tools-4.4.0-279-tuxcare.els50_4.4.0-279.313_amd64.deb linux-tools-4.4.0-279-tuxcare.els50-generic_4.4.0-279.313_amd64.deb linux-tools-4.4.0-279-tuxcare.els50-lowlatency_4.4.0-279.313_amd64.deb linux-tools-common_4.4.0-279.313_all.deb linux-tools-generic_4.4.0.279.313_amd64.deb linux-tools-host_4.4.0-279.313_all.deb linux-tools-lowlatency_4.4.0.279.313_amd64.deb

CVEs

CVE-2021-47633
CVE-2022-49407
CVE-2024-41069
CVE-2024-35849
CVE-2023-52835
CVE-2021-47391
CVE-2021-47497
CVE-2025-21704
CVE-2023-52764
CVE-2021-47319
CVE-2022-48827
CVE-2021-47475
CVE-2022-49292
CVE-2023-52868
CVE-2021-47149
CVE-2024-49924
CVE-2024-35966
CVE-2025-38617
CVE-2022-48737
CVE-2025-21796
CVE-2024-35965
CVE-2025-37798
CVE-2024-56616
CVE-2025-38618