Release Info

Advisory: CLSA-2025:1764027437

OS: Ubuntu 16.04 ELS

Public date: 2025-11-24 23:37:19.211415

Project: linux-hwe

Version: 4.15.0-253.264~16.04.1

Errata link: https://errata.tuxcare.com/els_os/ubuntu16.04els/CLSA-2025-1764027437.html

Changelog

[ Ubuntu: 4.15.0-253.264 ] * Focal update: v5.4.291 upstream stable release (LP: #2106002) // CVE-2024-58072 - wifi: rtlwifi: remove unused check_buddy_priv * Focal update: v5.4.291 upstream stable release (LP: #2106002) - wifi: rtlwifi: remove unused timer and related code - wifi: rtlwifi: remove unused dualmac control leftovers * Focal update: v5.4.237 upstream stable release (LP: #2023420) - ext4: move where set the MAY_INLINE_DATA flag is set * CVE-url: https://ubuntu.com/security/CVE-2024-58014 - wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() * CVE-url: https://ubuntu.com/security/CVE-2025-38352 - posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() * CVE-url: https://ubuntu.com/security/CVE-2022-25265 - x86/elf: Add table to document READ_IMPLIES_EXEC - x86/elf: Split READ_IMPLIES_EXEC from executable PT_GNU_STACK - x86/elf: Disable automatic READ_IMPLIES_EXEC on 64-bit * Focal update: v5.4.279 upstream stable release (LP: #2073621) // CVE-url: https://ubuntu.com/security/CVE-2024-37078 - nilfs2: fix potential kernel bug due to lack of writeback flag waiting * CVE-url: https://ubuntu.com/security/CVE-2022-49170 - f2fs: fix to do sanity check on curseg->alloc_type * CVE-url: https://ubuntu.com/security/CVE-2021-47479 - staging: rtl8712: fix use-after-free in rtl8712_dl_fw * Focal update: v5.4.279 upstream stable release (LP: #2073621) // CVE-url: https://ubuntu.com/security/CVE-2024-39469 - nilfs2: fix nilfs_empty_dir() misjudgment and long loop on I/O errors * CVE-url: https://ubuntu.com/security/CVE-2022-49519 - ath10k: skip ath10k_halt during suspend for driver state RESTARTING * CVE-url: https://ubuntu.com/security/CVE-2024-46713 - perf/aux: Fix AUX buffer serialization * Focal update: v5.4.262 upstream stable release (LP: #2049069) // CVE-url: https://ubuntu.com/security/CVE-2023-52804 - fs/jfs: Add check for negative db_l2nbperpage - fs/jfs: Add validity check for db_maxag and db_agpref * Focal update: v5.4.251 upstream stable release (LP: #2034918) // CVE-url: https://ubuntu.com/security/CVE-2023-52804 - jfs: jfs_dmap: Validate db_l2nbperpage while mounting * CVE-url: https://ubuntu.com/security/CVE-2024-36880 - Bluetooth: qca: add missing firmware sanity checks * Miscellaneous upstream changes - net: openvswitch: fix nested key length validation in the set() action - isofs: Prevent the use of too small fid - ext4: ignore xattrs past end - net: ppp: Add bound checking for skb data on ppp_sync_txmung - media: venus: hfi: add check to handle incorrect queue size - sctp: detect and prevent references to a freed transport in sendmsg - ext4: improve xattr consistency checking and error reporting - ext4: introduce ITAIL helper - ext4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all() - ibmvnic: Do not attempt to login if RX or TX queues are not allocated - ibmvnic: Enable GRO - ibmvnic: Fix netdev feature clobbering during a reset - ibmvnic: create send_control_ip_offload - ibmvnic: Define vnic_login_client_data name field as unsized array - ibmvnic: Use strscpy() instead of strncpy() - ibmvnic: Use kernel helpers for hex dumps - wifi: at76c50x: fix use after free access in at76_disconnect

Update

Update command: apt-get update apt-get --only-upgrade install linux-hwe*

Packages list

linux-buildinfo-4.15.0-253-tuxcare.els51-generic_4.15.0-253.264~16.04.1_amd64.deb linux-buildinfo-4.15.0-253-tuxcare.els51-lowlatency_4.15.0-253.264~16.04.1_amd64.deb linux-cloud-tools-4.15.0-253-tuxcare.els51-generic_4.15.0-253.264~16.04.1_amd64.deb linux-cloud-tools-4.15.0-253-tuxcare.els51-lowlatency_4.15.0-253.264~16.04.1_amd64.deb linux-headers-4.15.0-253-tuxcare.els51_4.15.0-253.264~16.04.1_all.deb linux-headers-4.15.0-253-tuxcare.els51-generic_4.15.0-253.264~16.04.1_amd64.deb linux-headers-4.15.0-253-tuxcare.els51-lowlatency_4.15.0-253.264~16.04.1_amd64.deb linux-hwe-cloud-tools-4.15.0-253-tuxcare.els51_4.15.0-253.264~16.04.1_amd64.deb linux-hwe-tools-4.15.0-253-tuxcare.els51_4.15.0-253.264~16.04.1_amd64.deb linux-image-unsigned-4.15.0-253-tuxcare.els51-generic_4.15.0-253.264~16.04.1_amd64.deb linux-image-unsigned-4.15.0-253-tuxcare.els51-lowlatency_4.15.0-253.264~16.04.1_amd64.deb linux-modules-4.15.0-253-tuxcare.els51-generic_4.15.0-253.264~16.04.1_amd64.deb linux-modules-4.15.0-253-tuxcare.els51-lowlatency_4.15.0-253.264~16.04.1_amd64.deb linux-modules-extra-4.15.0-253-tuxcare.els51-generic_4.15.0-253.264~16.04.1_amd64.deb linux-source-4.15.0_4.15.0-253.264~16.04.1_all.deb linux-tools-4.15.0-253-tuxcare.els51-generic_4.15.0-253.264~16.04.1_amd64.deb linux-tools-4.15.0-253-tuxcare.els51-lowlatency_4.15.0-253.264~16.04.1_amd64.deb

CVEs

CVE-2024-39469
CVE-2024-37078
CVE-2022-25265
CVE-2024-58014
CVE-2024-58072
CVE-2025-38352
CVE-2021-47479
CVE-2022-49170
CVE-2024-36880
CVE-2022-49519
CVE-2023-52804
CVE-2024-46713