{
"document": {
"aggregate_severity": {
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "TuxCare License Agreement",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Cloud Linux Inc. and provide a link to the original.",
"title": "Terms of Use"
},
{
"category": "details",
"text": "* CVE-url: https://ubuntu.com/security/CVE-2021-47352\n - virtio-net: Add validation for used length\n * CVE-url: https://ubuntu.com/security/CVE-2024-46771\n - can: bcm: Remove proc entry when dev is unregistered.\n * Bionic update: upstream stable patchset 2023-01-20 (LP: #2003596) // CVE-\n url: https://ubuntu.com/security/CVE-2022-49842\n - ASoC: core: Fix use-after-free in snd_soc_exit()\n * CVE-url: https://ubuntu.com/security/CVE-2021-47336\n - smackfs: restrict bytes count in smk_set_cipso()\n * CVE-url: https://ubuntu.com/security/CVE-2025-21993\n - iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic()\n * CVE-url: https://ubuntu.com/security/CVE-2022-49541\n - cifs: fix potential double free during failed mount\n * CVE-url: https://ubuntu.com/security/CVE-2021-47281\n - ALSA: timer: Protect the whole snd_timer_close() with open race\n - ALSA: timer: Follow standard EXPORT_SYMBOL() declarations\n - ALSA: timer: Limit max instances per timer\n - ALSA: timer: Fix possible race at assigning a timer instance\n - ALSA: seq: Fix race of snd_seq_timer_open()\n * Bionic update: upstream stable patchset 2020-01-14 (LP: #1859712) // CVE-\n url: https://ubuntu.com/security/CVE-2021-47281\n - ALSA: timer: Limit max amount of slave instances\n * Bionic update: upstream stable patchset 2019-11-13 (LP: #1852492) // CVE-\n url: https://ubuntu.com/security/CVE-2021-47281\n - ALSA: timer: Fix mutex deadlock at releasing card\n - ALSA: timer: Simplify error path in snd_timer_open()",
"title": "Details"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://tuxcare.com/contact/",
"name": "TuxCare",
"namespace": "https://tuxcare.com/"
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.tuxcare.com/csaf/v2/els_os/ubuntu16.04els/advisories/2025/clsa-2025_1754037187.json"
},
{
"category": "self",
"summary": "https://cve.tuxcare.com/els/releases/CLSA-2025:1754037187",
"url": "https://cve.tuxcare.com/els/releases/CLSA-2025:1754037187"
}
],
"tracking": {
"current_release_date": "2025-08-01T08:34:58Z",
"generator": {
"date": "2025-08-01T08:34:58Z",
"engine": {
"name": "pyCSAF"
}
},
"id": "CLSA-2025:1754037187",
"initial_release_date": "2025-08-01T08:34:58Z",
"revision_history": [
{
"date": "2025-08-01T08:34:58Z",
"number": "1",
"summary": "Initial version"
}
],
"status": "final",
"version": "1"
},
"title": "Fix of 7 CVEs"
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu 16.04",
"product": {
"name": "Ubuntu 16.04",
"product_id": "Ubuntu-16",
"product_identification_helper": {
"cpe": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"
}
}
}
],
"category": "product_family",
"name": "Ubuntu"
}
],
"category": "vendor",
"name": "Canonical Ltd."
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "linux-modules-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"product": {
"name": "linux-modules-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"product_id": "linux-modules-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"product_identification_helper": {
"purl": "pkg:deb/cloudlinux/linux-modules-4.4.0-277-tuxcare.els48-generic@4.4.0-277.311?arch=amd64"
}
}
},
{
"category": "product_version",
"name": "linux-libc-dev-0:4.4.0-277.311.amd64",
"product": {
"name": "linux-libc-dev-0:4.4.0-277.311.amd64",
"product_id": "linux-libc-dev-0:4.4.0-277.311.amd64",
"product_identification_helper": {
"purl": "pkg:deb/cloudlinux/linux-libc-dev@4.4.0-277.311?arch=amd64"
}
}
},
{
"category": "product_version",
"name": "linux-headers-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"product": {
"name": "linux-headers-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"product_id": "linux-headers-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"product_identification_helper": {
"purl": "pkg:deb/cloudlinux/linux-headers-4.4.0-277-tuxcare.els48-lowlatency@4.4.0-277.311?arch=amd64"
}
}
},
{
"category": "product_version",
"name": "linux-cloud-tools-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"product": {
"name": "linux-cloud-tools-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"product_id": "linux-cloud-tools-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"product_identification_helper": {
"purl": "pkg:deb/cloudlinux/linux-cloud-tools-4.4.0-277-tuxcare.els48-lowlatency@4.4.0-277.311?arch=amd64"
}
}
},
{
"category": "product_version",
"name": "linux-cloud-tools-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"product": {
"name": "linux-cloud-tools-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"product_id": "linux-cloud-tools-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"product_identification_helper": {
"purl": "pkg:deb/cloudlinux/linux-cloud-tools-4.4.0-277-tuxcare.els48-generic@4.4.0-277.311?arch=amd64"
}
}
},
{
"category": "product_version",
"name": "linux-image-unsigned-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"product": {
"name": "linux-image-unsigned-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"product_id": "linux-image-unsigned-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"product_identification_helper": {
"purl": "pkg:deb/cloudlinux/linux-image-unsigned-4.4.0-277-tuxcare.els48-generic@4.4.0-277.311?arch=amd64"
}
}
},
{
"category": "product_version",
"name": "linux-cloud-tools-4.4.0-277-tuxcare.els48-0:4.4.0-277.311.amd64",
"product": {
"name": "linux-cloud-tools-4.4.0-277-tuxcare.els48-0:4.4.0-277.311.amd64",
"product_id": "linux-cloud-tools-4.4.0-277-tuxcare.els48-0:4.4.0-277.311.amd64",
"product_identification_helper": {
"purl": "pkg:deb/cloudlinux/linux-cloud-tools-4.4.0-277-tuxcare.els48@4.4.0-277.311?arch=amd64"
}
}
},
{
"category": "product_version",
"name": "linux-image-unsigned-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"product": {
"name": "linux-image-unsigned-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"product_id": "linux-image-unsigned-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"product_identification_helper": {
"purl": "pkg:deb/cloudlinux/linux-image-unsigned-4.4.0-277-tuxcare.els48-lowlatency@4.4.0-277.311?arch=amd64"
}
}
},
{
"category": "product_version",
"name": "linux-tools-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"product": {
"name": "linux-tools-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"product_id": "linux-tools-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"product_identification_helper": {
"purl": "pkg:deb/cloudlinux/linux-tools-4.4.0-277-tuxcare.els48-generic@4.4.0-277.311?arch=amd64"
}
}
},
{
"category": "product_version",
"name": "linux-headers-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"product": {
"name": "linux-headers-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"product_id": "linux-headers-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"product_identification_helper": {
"purl": "pkg:deb/cloudlinux/linux-headers-4.4.0-277-tuxcare.els48-generic@4.4.0-277.311?arch=amd64"
}
}
},
{
"category": "product_version",
"name": "linux-modules-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"product": {
"name": "linux-modules-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"product_id": "linux-modules-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"product_identification_helper": {
"purl": "pkg:deb/cloudlinux/linux-modules-4.4.0-277-tuxcare.els48-lowlatency@4.4.0-277.311?arch=amd64"
}
}
},
{
"category": "product_version",
"name": "linux-buildinfo-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"product": {
"name": "linux-buildinfo-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"product_id": "linux-buildinfo-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"product_identification_helper": {
"purl": "pkg:deb/cloudlinux/linux-buildinfo-4.4.0-277-tuxcare.els48-lowlatency@4.4.0-277.311?arch=amd64"
}
}
},
{
"category": "product_version",
"name": "linux-tools-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"product": {
"name": "linux-tools-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"product_id": "linux-tools-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"product_identification_helper": {
"purl": "pkg:deb/cloudlinux/linux-tools-4.4.0-277-tuxcare.els48-lowlatency@4.4.0-277.311?arch=amd64"
}
}
},
{
"category": "product_version",
"name": "linux-tools-4.4.0-277-tuxcare.els48-0:4.4.0-277.311.amd64",
"product": {
"name": "linux-tools-4.4.0-277-tuxcare.els48-0:4.4.0-277.311.amd64",
"product_id": "linux-tools-4.4.0-277-tuxcare.els48-0:4.4.0-277.311.amd64",
"product_identification_helper": {
"purl": "pkg:deb/cloudlinux/linux-tools-4.4.0-277-tuxcare.els48@4.4.0-277.311?arch=amd64"
}
}
},
{
"category": "product_version",
"name": "linux-buildinfo-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"product": {
"name": "linux-buildinfo-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"product_id": "linux-buildinfo-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"product_identification_helper": {
"purl": "pkg:deb/cloudlinux/linux-buildinfo-4.4.0-277-tuxcare.els48-generic@4.4.0-277.311?arch=amd64"
}
}
},
{
"category": "product_version",
"name": "linux-modules-extra-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"product": {
"name": "linux-modules-extra-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"product_id": "linux-modules-extra-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"product_identification_helper": {
"purl": "pkg:deb/cloudlinux/linux-modules-extra-4.4.0-277-tuxcare.els48-generic@4.4.0-277.311?arch=amd64"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "linux-headers-4.4.0-277-tuxcare.els48-0:4.4.0-277.311.all",
"product": {
"name": "linux-headers-4.4.0-277-tuxcare.els48-0:4.4.0-277.311.all",
"product_id": "linux-headers-4.4.0-277-tuxcare.els48-0:4.4.0-277.311.all",
"product_identification_helper": {
"purl": "pkg:deb/cloudlinux/linux-headers-4.4.0-277-tuxcare.els48@4.4.0-277.311?arch=all"
}
}
},
{
"category": "product_version",
"name": "linux-tools-host-0:4.4.0-277.311.all",
"product": {
"name": "linux-tools-host-0:4.4.0-277.311.all",
"product_id": "linux-tools-host-0:4.4.0-277.311.all",
"product_identification_helper": {
"purl": "pkg:deb/cloudlinux/linux-tools-host@4.4.0-277.311?arch=all"
}
}
},
{
"category": "product_version",
"name": "linux-source-4.4.0-0:4.4.0-277.311.all",
"product": {
"name": "linux-source-4.4.0-0:4.4.0-277.311.all",
"product_id": "linux-source-4.4.0-0:4.4.0-277.311.all",
"product_identification_helper": {
"purl": "pkg:deb/cloudlinux/linux-source-4.4.0@4.4.0-277.311?arch=all"
}
}
},
{
"category": "product_version",
"name": "linux-tools-common-0:4.4.0-277.311.all",
"product": {
"name": "linux-tools-common-0:4.4.0-277.311.all",
"product_id": "linux-tools-common-0:4.4.0-277.311.all",
"product_identification_helper": {
"purl": "pkg:deb/cloudlinux/linux-tools-common@4.4.0-277.311?arch=all"
}
}
},
{
"category": "product_version",
"name": "linux-cloud-tools-common-0:4.4.0-277.311.all",
"product": {
"name": "linux-cloud-tools-common-0:4.4.0-277.311.all",
"product_id": "linux-cloud-tools-common-0:4.4.0-277.311.all",
"product_identification_helper": {
"purl": "pkg:deb/cloudlinux/linux-cloud-tools-common@4.4.0-277.311?arch=all"
}
}
},
{
"category": "product_version",
"name": "linux-doc-0:4.4.0-277.311.all",
"product": {
"name": "linux-doc-0:4.4.0-277.311.all",
"product_id": "linux-doc-0:4.4.0-277.311.all",
"product_identification_helper": {
"purl": "pkg:deb/cloudlinux/linux-doc@4.4.0-277.311?arch=all"
}
}
}
],
"category": "architecture",
"name": "all"
}
],
"category": "vendor",
"name": "CloudLinux"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "linux-modules-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64 as a component of Ubuntu 16.04",
"product_id": "Ubuntu-16:linux-modules-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64"
},
"product_reference": "linux-modules-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"relates_to_product_reference": "Ubuntu-16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "linux-libc-dev-0:4.4.0-277.311.amd64 as a component of Ubuntu 16.04",
"product_id": "Ubuntu-16:linux-libc-dev-0:4.4.0-277.311.amd64"
},
"product_reference": "linux-libc-dev-0:4.4.0-277.311.amd64",
"relates_to_product_reference": "Ubuntu-16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "linux-headers-4.4.0-277-tuxcare.els48-0:4.4.0-277.311.all as a component of Ubuntu 16.04",
"product_id": "Ubuntu-16:linux-headers-4.4.0-277-tuxcare.els48-0:4.4.0-277.311.all"
},
"product_reference": "linux-headers-4.4.0-277-tuxcare.els48-0:4.4.0-277.311.all",
"relates_to_product_reference": "Ubuntu-16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "linux-tools-host-0:4.4.0-277.311.all as a component of Ubuntu 16.04",
"product_id": "Ubuntu-16:linux-tools-host-0:4.4.0-277.311.all"
},
"product_reference": "linux-tools-host-0:4.4.0-277.311.all",
"relates_to_product_reference": "Ubuntu-16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "linux-source-4.4.0-0:4.4.0-277.311.all as a component of Ubuntu 16.04",
"product_id": "Ubuntu-16:linux-source-4.4.0-0:4.4.0-277.311.all"
},
"product_reference": "linux-source-4.4.0-0:4.4.0-277.311.all",
"relates_to_product_reference": "Ubuntu-16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "linux-headers-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64 as a component of Ubuntu 16.04",
"product_id": "Ubuntu-16:linux-headers-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64"
},
"product_reference": "linux-headers-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"relates_to_product_reference": "Ubuntu-16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "linux-cloud-tools-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64 as a component of Ubuntu 16.04",
"product_id": "Ubuntu-16:linux-cloud-tools-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64"
},
"product_reference": "linux-cloud-tools-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"relates_to_product_reference": "Ubuntu-16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "linux-cloud-tools-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64 as a component of Ubuntu 16.04",
"product_id": "Ubuntu-16:linux-cloud-tools-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64"
},
"product_reference": "linux-cloud-tools-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"relates_to_product_reference": "Ubuntu-16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "linux-image-unsigned-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64 as a component of Ubuntu 16.04",
"product_id": "Ubuntu-16:linux-image-unsigned-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64"
},
"product_reference": "linux-image-unsigned-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"relates_to_product_reference": "Ubuntu-16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "linux-cloud-tools-4.4.0-277-tuxcare.els48-0:4.4.0-277.311.amd64 as a component of Ubuntu 16.04",
"product_id": "Ubuntu-16:linux-cloud-tools-4.4.0-277-tuxcare.els48-0:4.4.0-277.311.amd64"
},
"product_reference": "linux-cloud-tools-4.4.0-277-tuxcare.els48-0:4.4.0-277.311.amd64",
"relates_to_product_reference": "Ubuntu-16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "linux-image-unsigned-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64 as a component of Ubuntu 16.04",
"product_id": "Ubuntu-16:linux-image-unsigned-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64"
},
"product_reference": "linux-image-unsigned-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"relates_to_product_reference": "Ubuntu-16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "linux-tools-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64 as a component of Ubuntu 16.04",
"product_id": "Ubuntu-16:linux-tools-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64"
},
"product_reference": "linux-tools-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"relates_to_product_reference": "Ubuntu-16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "linux-headers-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64 as a component of Ubuntu 16.04",
"product_id": "Ubuntu-16:linux-headers-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64"
},
"product_reference": "linux-headers-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"relates_to_product_reference": "Ubuntu-16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "linux-modules-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64 as a component of Ubuntu 16.04",
"product_id": "Ubuntu-16:linux-modules-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64"
},
"product_reference": "linux-modules-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"relates_to_product_reference": "Ubuntu-16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "linux-buildinfo-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64 as a component of Ubuntu 16.04",
"product_id": "Ubuntu-16:linux-buildinfo-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64"
},
"product_reference": "linux-buildinfo-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"relates_to_product_reference": "Ubuntu-16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "linux-tools-common-0:4.4.0-277.311.all as a component of Ubuntu 16.04",
"product_id": "Ubuntu-16:linux-tools-common-0:4.4.0-277.311.all"
},
"product_reference": "linux-tools-common-0:4.4.0-277.311.all",
"relates_to_product_reference": "Ubuntu-16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "linux-tools-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64 as a component of Ubuntu 16.04",
"product_id": "Ubuntu-16:linux-tools-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64"
},
"product_reference": "linux-tools-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"relates_to_product_reference": "Ubuntu-16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "linux-cloud-tools-common-0:4.4.0-277.311.all as a component of Ubuntu 16.04",
"product_id": "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-277.311.all"
},
"product_reference": "linux-cloud-tools-common-0:4.4.0-277.311.all",
"relates_to_product_reference": "Ubuntu-16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "linux-tools-4.4.0-277-tuxcare.els48-0:4.4.0-277.311.amd64 as a component of Ubuntu 16.04",
"product_id": "Ubuntu-16:linux-tools-4.4.0-277-tuxcare.els48-0:4.4.0-277.311.amd64"
},
"product_reference": "linux-tools-4.4.0-277-tuxcare.els48-0:4.4.0-277.311.amd64",
"relates_to_product_reference": "Ubuntu-16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "linux-doc-0:4.4.0-277.311.all as a component of Ubuntu 16.04",
"product_id": "Ubuntu-16:linux-doc-0:4.4.0-277.311.all"
},
"product_reference": "linux-doc-0:4.4.0-277.311.all",
"relates_to_product_reference": "Ubuntu-16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "linux-buildinfo-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64 as a component of Ubuntu 16.04",
"product_id": "Ubuntu-16:linux-buildinfo-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64"
},
"product_reference": "linux-buildinfo-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"relates_to_product_reference": "Ubuntu-16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "linux-modules-extra-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64 as a component of Ubuntu 16.04",
"product_id": "Ubuntu-16:linux-modules-extra-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64"
},
"product_reference": "linux-modules-extra-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"relates_to_product_reference": "Ubuntu-16"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-46771",
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: bcm: Remove proc entry when dev is unregistered.\n\nsyzkaller reported a warning in bcm_connect() below. [0]\n\nThe repro calls connect() to vxcan1, removes vxcan1, and calls\nconnect() with ifindex == 0.\n\nCalling connect() for a BCM socket allocates a proc entry.\nThen, bcm_sk(sk)->bound is set to 1 to prevent further connect().\n\nHowever, removing the bound device resets bcm_sk(sk)->bound to 0\nin bcm_notify().\n\nThe 2nd connect() tries to allocate a proc entry with the same\nname and sets NULL to bcm_sk(sk)->bcm_proc_read, leaking the\noriginal proc entry.\n\nSince the proc entry is available only for connect()ed sockets,\nlet's clean up the entry when the bound netdev is unregistered.\n\n[0]:\nproc_dir_entry 'can-bcm/2456' already registered\nWARNING: CPU: 1 PID: 394 at fs/proc/generic.c:376 proc_register+0x645/0x8f0 fs/proc/generic.c:375\nModules linked in:\nCPU: 1 PID: 394 Comm: syz-executor403 Not tainted 6.10.0-rc7-g852e42cc2dd4\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014\nRIP: 0010:proc_register+0x645/0x8f0 fs/proc/generic.c:375\nCode: 00 00 00 00 00 48 85 ed 0f 85 97 02 00 00 4d 85 f6 0f 85 9f 02 00 00 48 c7 c7 9b cb cf 87 48 89 de 4c 89 fa e8 1c 6f eb fe 90 <0f> 0b 90 90 48 c7 c7 98 37 99 89 e8 cb 7e 22 05 bb 00 00 00 10 48\nRSP: 0018:ffa0000000cd7c30 EFLAGS: 00010246\nRAX: 9e129be1950f0200 RBX: ff1100011b51582c RCX: ff1100011857cd80\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000002\nRBP: 0000000000000000 R08: ffd400000000000f R09: ff1100013e78cac0\nR10: ffac800000cd7980 R11: ff1100013e12b1f0 R12: 0000000000000000\nR13: 0000000000000000 R14: 0000000000000000 R15: ff1100011a99a2ec\nFS: 00007fbd7086f740(0000) GS:ff1100013fd00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00000000200071c0 CR3: 0000000118556004 CR4: 0000000000771ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe07f0 DR7: 0000000000000400\nPKRU: 55555554\nCall Trace:\n \n proc_create_net_single+0x144/0x210 fs/proc/proc_net.c:220\n bcm_connect+0x472/0x840 net/can/bcm.c:1673\n __sys_connect_file net/socket.c:2049 [inline]\n __sys_connect+0x5d2/0x690 net/socket.c:2066\n __do_sys_connect net/socket.c:2076 [inline]\n __se_sys_connect net/socket.c:2073 [inline]\n __x64_sys_connect+0x8f/0x100 net/socket.c:2073\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xd9/0x1c0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\nRIP: 0033:0x7fbd708b0e5d\nCode: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 73 9f 1b 00 f7 d8 64 89 01 48\nRSP: 002b:00007fff8cd33f08 EFLAGS: 00000246 ORIG_RAX: 000000000000002a\nRAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007fbd708b0e5d\nRDX: 0000000000000010 RSI: 0000000020000040 RDI: 0000000000000003\nRBP: 0000000000000000 R08: 0000000000000040 R09: 0000000000000040\nR10: 0000000000000040 R11: 0000000000000246 R12: 00007fff8cd34098\nR13: 0000000000401280 R14: 0000000000406de8 R15: 00007fbd70ab9000\n \nremove_proc_entry: removing non-empty directory 'net/can-bcm', leaking at least '2456'",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Ubuntu-16:linux-modules-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-libc-dev-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-headers-4.4.0-277-tuxcare.els48-0:4.4.0-277.311.all",
"Ubuntu-16:linux-tools-host-0:4.4.0-277.311.all",
"Ubuntu-16:linux-source-4.4.0-0:4.4.0-277.311.all",
"Ubuntu-16:linux-headers-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-cloud-tools-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-cloud-tools-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-image-unsigned-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-cloud-tools-4.4.0-277-tuxcare.els48-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-image-unsigned-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-tools-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-headers-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-modules-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-buildinfo-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-tools-common-0:4.4.0-277.311.all",
"Ubuntu-16:linux-tools-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-cloud-tools-common-0:4.4.0-277.311.all",
"Ubuntu-16:linux-tools-4.4.0-277-tuxcare.els48-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-doc-0:4.4.0-277.311.all",
"Ubuntu-16:linux-buildinfo-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-modules-extra-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2024-46771"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/10bfacbd5e8d821011d857bee73310457c9c989a",
"url": "https://git.kernel.org/stable/c/10bfacbd5e8d821011d857bee73310457c9c989a"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/33ed4ba73caae39f34ab874ba79138badc2c65dd",
"url": "https://git.kernel.org/stable/c/33ed4ba73caae39f34ab874ba79138badc2c65dd"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/3b39dc2901aa7a679a5ca981a3de9f8d5658afe8",
"url": "https://git.kernel.org/stable/c/3b39dc2901aa7a679a5ca981a3de9f8d5658afe8"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/4377b79323df62eb5d310354f19b4d130ff58d50",
"url": "https://git.kernel.org/stable/c/4377b79323df62eb5d310354f19b4d130ff58d50"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/5c680022c4e28ba18ea500f3e29f0428271afa92",
"url": "https://git.kernel.org/stable/c/5c680022c4e28ba18ea500f3e29f0428271afa92"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/76fe372ccb81b0c89b6cd2fec26e2f38c958be85",
"url": "https://git.kernel.org/stable/c/76fe372ccb81b0c89b6cd2fec26e2f38c958be85"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/abb0a615569ec008e8a93d9f3ab2d5b418ea94d4",
"url": "https://git.kernel.org/stable/c/abb0a615569ec008e8a93d9f3ab2d5b418ea94d4"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/aec92dbebdbec7567d9f56d7c9296a572b8fd849",
"url": "https://git.kernel.org/stable/c/aec92dbebdbec7567d9f56d7c9296a572b8fd849"
}
],
"release_date": "2024-09-18T08:15:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Ubuntu-16:linux-modules-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-libc-dev-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-headers-4.4.0-277-tuxcare.els48-0:4.4.0-277.311.all",
"Ubuntu-16:linux-tools-host-0:4.4.0-277.311.all",
"Ubuntu-16:linux-source-4.4.0-0:4.4.0-277.311.all",
"Ubuntu-16:linux-headers-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-cloud-tools-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-cloud-tools-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-image-unsigned-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-cloud-tools-4.4.0-277-tuxcare.els48-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-image-unsigned-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-tools-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-headers-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-modules-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-buildinfo-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-tools-common-0:4.4.0-277.311.all",
"Ubuntu-16:linux-tools-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-cloud-tools-common-0:4.4.0-277.311.all",
"Ubuntu-16:linux-tools-4.4.0-277-tuxcare.els48-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-doc-0:4.4.0-277.311.all",
"Ubuntu-16:linux-buildinfo-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-modules-extra-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Medium"
}
]
},
{
"cve": "CVE-2022-49842",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: core: Fix use-after-free in snd_soc_exit()\n\nKASAN reports a use-after-free:\n\nBUG: KASAN: use-after-free in device_del+0xb5b/0xc60\nRead of size 8 at addr ffff888008655050 by task rmmod/387\nCPU: 2 PID: 387 Comm: rmmod\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996)\nCall Trace:\n\ndump_stack_lvl+0x79/0x9a\nprint_report+0x17f/0x47b\nkasan_report+0xbb/0xf0\ndevice_del+0xb5b/0xc60\nplatform_device_del.part.0+0x24/0x200\nplatform_device_unregister+0x2e/0x40\nsnd_soc_exit+0xa/0x22 [snd_soc_core]\n__do_sys_delete_module.constprop.0+0x34f/0x5b0\ndo_syscall_64+0x3a/0x90\nentry_SYSCALL_64_after_hwframe+0x63/0xcd\n...\n\n\nIt's bacause in snd_soc_init(), snd_soc_util_init() is possble to fail,\nbut its ret is ignored, which makes soc_dummy_dev unregistered twice.\n\nsnd_soc_init()\n snd_soc_util_init()\n platform_device_register_simple(soc_dummy_dev)\n platform_driver_register() # fail\n \tplatform_device_unregister(soc_dummy_dev)\n platform_driver_register() # success\n...\nsnd_soc_exit()\n snd_soc_util_exit()\n # soc_dummy_dev will be unregistered for second time\n\nTo fix it, handle error and stop snd_soc_init() when util_init() fail.\nAlso clean debugfs when util_init() or driver_register() fail.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Ubuntu-16:linux-modules-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-libc-dev-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-headers-4.4.0-277-tuxcare.els48-0:4.4.0-277.311.all",
"Ubuntu-16:linux-tools-host-0:4.4.0-277.311.all",
"Ubuntu-16:linux-source-4.4.0-0:4.4.0-277.311.all",
"Ubuntu-16:linux-headers-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-cloud-tools-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-cloud-tools-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-image-unsigned-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-cloud-tools-4.4.0-277-tuxcare.els48-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-image-unsigned-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-tools-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-headers-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-modules-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-buildinfo-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-tools-common-0:4.4.0-277.311.all",
"Ubuntu-16:linux-tools-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-cloud-tools-common-0:4.4.0-277.311.all",
"Ubuntu-16:linux-tools-4.4.0-277-tuxcare.els48-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-doc-0:4.4.0-277.311.all",
"Ubuntu-16:linux-buildinfo-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-modules-extra-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2022-49842"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/2ec3f558db343b045a7c7419cdbaec266b8ac1a7",
"url": "https://git.kernel.org/stable/c/2ec3f558db343b045a7c7419cdbaec266b8ac1a7"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/34eee4189bcebbd5f6a2ff25ef0cb893ad33d51e",
"url": "https://git.kernel.org/stable/c/34eee4189bcebbd5f6a2ff25ef0cb893ad33d51e"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/41fad4f712e081acdfde8b59847f9f66eaf407a0",
"url": "https://git.kernel.org/stable/c/41fad4f712e081acdfde8b59847f9f66eaf407a0"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/6ec27c53886c8963729885bcf2dd996eba2767a7",
"url": "https://git.kernel.org/stable/c/6ec27c53886c8963729885bcf2dd996eba2767a7"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/8d21554ec7680e9585fb852d933203c3db60dad1",
"url": "https://git.kernel.org/stable/c/8d21554ec7680e9585fb852d933203c3db60dad1"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/90bbdf30a51e42378cb23a312005a022794b8e1e",
"url": "https://git.kernel.org/stable/c/90bbdf30a51e42378cb23a312005a022794b8e1e"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/a3365e62239dc064019a244bde5686ac18527c22",
"url": "https://git.kernel.org/stable/c/a3365e62239dc064019a244bde5686ac18527c22"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/c5674bd073c0fd9f620ca550c5ff08d0d429bdd9",
"url": "https://git.kernel.org/stable/c/c5674bd073c0fd9f620ca550c5ff08d0d429bdd9"
}
],
"release_date": "2025-05-01T15:16:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Ubuntu-16:linux-modules-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-libc-dev-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-headers-4.4.0-277-tuxcare.els48-0:4.4.0-277.311.all",
"Ubuntu-16:linux-tools-host-0:4.4.0-277.311.all",
"Ubuntu-16:linux-source-4.4.0-0:4.4.0-277.311.all",
"Ubuntu-16:linux-headers-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-cloud-tools-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-cloud-tools-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-image-unsigned-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-cloud-tools-4.4.0-277-tuxcare.els48-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-image-unsigned-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-tools-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-headers-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-modules-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-buildinfo-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-tools-common-0:4.4.0-277.311.all",
"Ubuntu-16:linux-tools-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-cloud-tools-common-0:4.4.0-277.311.all",
"Ubuntu-16:linux-tools-4.4.0-277-tuxcare.els48-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-doc-0:4.4.0-277.311.all",
"Ubuntu-16:linux-buildinfo-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-modules-extra-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "High"
}
]
},
{
"cve": "CVE-2021-47336",
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmackfs: restrict bytes count in smk_set_cipso()\n\nOops, I failed to update subject line.\n\nFrom 07571157c91b98ce1a4aa70967531e64b78e8346 Mon Sep 17 00:00:00 2001\nDate: Mon, 12 Apr 2021 22:25:06 +0900\nSubject: [PATCH] smackfs: restrict bytes count in smk_set_cipso()\n\nCommit 7ef4c19d245f3dc2 (\"smackfs: restrict bytes count in smackfs write\nfunctions\") missed that count > SMK_CIPSOMAX check applies to only\nformat == SMK_FIXED24_FMT case.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Ubuntu-16:linux-modules-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-libc-dev-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-headers-4.4.0-277-tuxcare.els48-0:4.4.0-277.311.all",
"Ubuntu-16:linux-tools-host-0:4.4.0-277.311.all",
"Ubuntu-16:linux-source-4.4.0-0:4.4.0-277.311.all",
"Ubuntu-16:linux-headers-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-cloud-tools-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-cloud-tools-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-image-unsigned-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-cloud-tools-4.4.0-277-tuxcare.els48-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-image-unsigned-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-tools-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-headers-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-modules-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-buildinfo-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-tools-common-0:4.4.0-277.311.all",
"Ubuntu-16:linux-tools-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-cloud-tools-common-0:4.4.0-277.311.all",
"Ubuntu-16:linux-tools-4.4.0-277-tuxcare.els48-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-doc-0:4.4.0-277.311.all",
"Ubuntu-16:linux-buildinfo-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-modules-extra-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2021-47336"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/135122f174c357b7a3e58f40fa5792156c5e93e6",
"url": "https://git.kernel.org/stable/c/135122f174c357b7a3e58f40fa5792156c5e93e6"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/258fd821f69378453c071b9dd767b298810fc766",
"url": "https://git.kernel.org/stable/c/258fd821f69378453c071b9dd767b298810fc766"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/3780348c1a0e14ffefcaf1fc521f815bcaac94b0",
"url": "https://git.kernel.org/stable/c/3780348c1a0e14ffefcaf1fc521f815bcaac94b0"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/49ec114a6e62d8d320037ce71c1aaf9650b3cafd",
"url": "https://git.kernel.org/stable/c/49ec114a6e62d8d320037ce71c1aaf9650b3cafd"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/5c2dca9a7a7ff6a2df34158903515e2e4fd3d2b2",
"url": "https://git.kernel.org/stable/c/5c2dca9a7a7ff6a2df34158903515e2e4fd3d2b2"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/5f9880403e6b71d56924748ba331daf836243fca",
"url": "https://git.kernel.org/stable/c/5f9880403e6b71d56924748ba331daf836243fca"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/8f5c773a2871cf446e3f36b2834fb25bbb28512b",
"url": "https://git.kernel.org/stable/c/8f5c773a2871cf446e3f36b2834fb25bbb28512b"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/cbd87ba6a13891acf6180783f8234a8b7a3e3d4d",
"url": "https://git.kernel.org/stable/c/cbd87ba6a13891acf6180783f8234a8b7a3e3d4d"
}
],
"release_date": "2024-05-21T15:15:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Ubuntu-16:linux-modules-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-libc-dev-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-headers-4.4.0-277-tuxcare.els48-0:4.4.0-277.311.all",
"Ubuntu-16:linux-tools-host-0:4.4.0-277.311.all",
"Ubuntu-16:linux-source-4.4.0-0:4.4.0-277.311.all",
"Ubuntu-16:linux-headers-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-cloud-tools-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-cloud-tools-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-image-unsigned-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-cloud-tools-4.4.0-277-tuxcare.els48-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-image-unsigned-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-tools-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-headers-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-modules-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-buildinfo-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-tools-common-0:4.4.0-277.311.all",
"Ubuntu-16:linux-tools-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-cloud-tools-common-0:4.4.0-277.311.all",
"Ubuntu-16:linux-tools-4.4.0-277-tuxcare.els48-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-doc-0:4.4.0-277.311.all",
"Ubuntu-16:linux-buildinfo-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-modules-extra-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "High"
}
]
},
{
"cve": "CVE-2021-47352",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtio-net: Add validation for used length\n\nThis adds validation for used length (might come\nfrom an untrusted device) to avoid data corruption\nor loss.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Ubuntu-16:linux-modules-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-libc-dev-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-headers-4.4.0-277-tuxcare.els48-0:4.4.0-277.311.all",
"Ubuntu-16:linux-tools-host-0:4.4.0-277.311.all",
"Ubuntu-16:linux-source-4.4.0-0:4.4.0-277.311.all",
"Ubuntu-16:linux-headers-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-cloud-tools-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-cloud-tools-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-image-unsigned-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-cloud-tools-4.4.0-277-tuxcare.els48-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-image-unsigned-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-tools-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-headers-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-modules-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-buildinfo-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-tools-common-0:4.4.0-277.311.all",
"Ubuntu-16:linux-tools-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-cloud-tools-common-0:4.4.0-277.311.all",
"Ubuntu-16:linux-tools-4.4.0-277-tuxcare.els48-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-doc-0:4.4.0-277.311.all",
"Ubuntu-16:linux-buildinfo-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-modules-extra-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2021-47352"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/3133e01514c3c498f2b01ff210ee6134b70c663c",
"url": "https://git.kernel.org/stable/c/3133e01514c3c498f2b01ff210ee6134b70c663c"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/ad993a95c508417acdeb15244109e009e50d8758",
"url": "https://git.kernel.org/stable/c/ad993a95c508417acdeb15244109e009e50d8758"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/ba710baa1cc1b17a0483f7befe03e696efd17292",
"url": "https://git.kernel.org/stable/c/ba710baa1cc1b17a0483f7befe03e696efd17292"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/c1b40d1959517ff2ea473d40eeab4691d6d62462",
"url": "https://git.kernel.org/stable/c/c1b40d1959517ff2ea473d40eeab4691d6d62462"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/c92298d228f61589dd21657af2bea95fc866b813",
"url": "https://git.kernel.org/stable/c/c92298d228f61589dd21657af2bea95fc866b813"
}
],
"release_date": "2024-05-21T15:15:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Ubuntu-16:linux-modules-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-libc-dev-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-headers-4.4.0-277-tuxcare.els48-0:4.4.0-277.311.all",
"Ubuntu-16:linux-tools-host-0:4.4.0-277.311.all",
"Ubuntu-16:linux-source-4.4.0-0:4.4.0-277.311.all",
"Ubuntu-16:linux-headers-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-cloud-tools-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-cloud-tools-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-image-unsigned-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-cloud-tools-4.4.0-277-tuxcare.els48-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-image-unsigned-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-tools-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-headers-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-modules-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-buildinfo-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-tools-common-0:4.4.0-277.311.all",
"Ubuntu-16:linux-tools-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-cloud-tools-common-0:4.4.0-277.311.all",
"Ubuntu-16:linux-tools-4.4.0-277-tuxcare.els48-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-doc-0:4.4.0-277.311.all",
"Ubuntu-16:linux-buildinfo-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-modules-extra-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "High"
}
]
},
{
"cve": "CVE-2025-21993",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic()\n\nWhen performing an iSCSI boot using IPv6, iscsistart still reads the\n/sys/firmware/ibft/ethernetX/subnet-mask entry. Since the IPv6 prefix\nlength is 64, this causes the shift exponent to become negative,\ntriggering a UBSAN warning. As the concept of a subnet mask does not\napply to IPv6, the value is set to ~0 to suppress the warning message.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Ubuntu-16:linux-modules-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-libc-dev-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-headers-4.4.0-277-tuxcare.els48-0:4.4.0-277.311.all",
"Ubuntu-16:linux-tools-host-0:4.4.0-277.311.all",
"Ubuntu-16:linux-source-4.4.0-0:4.4.0-277.311.all",
"Ubuntu-16:linux-headers-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-cloud-tools-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-cloud-tools-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-image-unsigned-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-cloud-tools-4.4.0-277-tuxcare.els48-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-image-unsigned-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-tools-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-headers-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-modules-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-buildinfo-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-tools-common-0:4.4.0-277.311.all",
"Ubuntu-16:linux-tools-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-cloud-tools-common-0:4.4.0-277.311.all",
"Ubuntu-16:linux-tools-4.4.0-277-tuxcare.els48-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-doc-0:4.4.0-277.311.all",
"Ubuntu-16:linux-buildinfo-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-modules-extra-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2025-21993"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/07e0d99a2f701123ad3104c0f1a1e66bce74d6e5",
"url": "https://git.kernel.org/stable/c/07e0d99a2f701123ad3104c0f1a1e66bce74d6e5"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/2d1eef248107bdf3d5a69d0fde04c30a79a7bf5d",
"url": "https://git.kernel.org/stable/c/2d1eef248107bdf3d5a69d0fde04c30a79a7bf5d"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/9bfa80c8aa4e06dff55a953c3fffbfc68a3a3b1c",
"url": "https://git.kernel.org/stable/c/9bfa80c8aa4e06dff55a953c3fffbfc68a3a3b1c"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/a858cd58dea06cf85b142673deea8c5d87f11e70",
"url": "https://git.kernel.org/stable/c/a858cd58dea06cf85b142673deea8c5d87f11e70"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/b253660fac5e0e9080d2c95e3a029e1898d49afb",
"url": "https://git.kernel.org/stable/c/b253660fac5e0e9080d2c95e3a029e1898d49afb"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/b388e185bfad32bfed6a97a6817f74ca00a4318f",
"url": "https://git.kernel.org/stable/c/b388e185bfad32bfed6a97a6817f74ca00a4318f"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/c1c6e527470e5eab0b2d57bd073530fbace39eab",
"url": "https://git.kernel.org/stable/c/c1c6e527470e5eab0b2d57bd073530fbace39eab"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/f763c82db8166e28f45b7cc4a5398a7859665940",
"url": "https://git.kernel.org/stable/c/f763c82db8166e28f45b7cc4a5398a7859665940"
}
],
"release_date": "2025-04-02T13:15:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"Ubuntu-16:linux-modules-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-libc-dev-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-headers-4.4.0-277-tuxcare.els48-0:4.4.0-277.311.all",
"Ubuntu-16:linux-tools-host-0:4.4.0-277.311.all",
"Ubuntu-16:linux-source-4.4.0-0:4.4.0-277.311.all",
"Ubuntu-16:linux-headers-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-cloud-tools-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-cloud-tools-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-image-unsigned-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-cloud-tools-4.4.0-277-tuxcare.els48-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-image-unsigned-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-tools-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-headers-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-modules-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-buildinfo-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-tools-common-0:4.4.0-277.311.all",
"Ubuntu-16:linux-tools-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-cloud-tools-common-0:4.4.0-277.311.all",
"Ubuntu-16:linux-tools-4.4.0-277-tuxcare.els48-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-doc-0:4.4.0-277.311.all",
"Ubuntu-16:linux-buildinfo-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-modules-extra-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "High"
}
]
},
{
"cve": "CVE-2022-49541",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: fix potential double free during failed mount\n\nRHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=2088799",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Ubuntu-16:linux-modules-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-libc-dev-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-headers-4.4.0-277-tuxcare.els48-0:4.4.0-277.311.all",
"Ubuntu-16:linux-tools-host-0:4.4.0-277.311.all",
"Ubuntu-16:linux-source-4.4.0-0:4.4.0-277.311.all",
"Ubuntu-16:linux-headers-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-cloud-tools-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-cloud-tools-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-image-unsigned-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-cloud-tools-4.4.0-277-tuxcare.els48-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-image-unsigned-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-tools-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-headers-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-modules-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-buildinfo-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-tools-common-0:4.4.0-277.311.all",
"Ubuntu-16:linux-tools-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-cloud-tools-common-0:4.4.0-277.311.all",
"Ubuntu-16:linux-tools-4.4.0-277-tuxcare.els48-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-doc-0:4.4.0-277.311.all",
"Ubuntu-16:linux-buildinfo-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-modules-extra-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2022-49541"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/8378a51e3f8140f60901fb27208cc7a6e47047b5",
"url": "https://git.kernel.org/stable/c/8378a51e3f8140f60901fb27208cc7a6e47047b5"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/9a167fc440e5693c1cdd7f07071e05658bd9d89d",
"url": "https://git.kernel.org/stable/c/9a167fc440e5693c1cdd7f07071e05658bd9d89d"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/ce0008a0e410cdd95f0d8cd81b2902ec10a660c4",
"url": "https://git.kernel.org/stable/c/ce0008a0e410cdd95f0d8cd81b2902ec10a660c4"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/ee71f8f1cd3c8c4a251fd3e8abc89215ae3457cb",
"url": "https://git.kernel.org/stable/c/ee71f8f1cd3c8c4a251fd3e8abc89215ae3457cb"
}
],
"release_date": "2025-02-26T07:01:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Ubuntu-16:linux-modules-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-libc-dev-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-headers-4.4.0-277-tuxcare.els48-0:4.4.0-277.311.all",
"Ubuntu-16:linux-tools-host-0:4.4.0-277.311.all",
"Ubuntu-16:linux-source-4.4.0-0:4.4.0-277.311.all",
"Ubuntu-16:linux-headers-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-cloud-tools-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-cloud-tools-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-image-unsigned-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-cloud-tools-4.4.0-277-tuxcare.els48-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-image-unsigned-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-tools-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-headers-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-modules-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-buildinfo-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-tools-common-0:4.4.0-277.311.all",
"Ubuntu-16:linux-tools-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-cloud-tools-common-0:4.4.0-277.311.all",
"Ubuntu-16:linux-tools-4.4.0-277-tuxcare.els48-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-doc-0:4.4.0-277.311.all",
"Ubuntu-16:linux-buildinfo-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-modules-extra-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "High"
}
]
},
{
"cve": "CVE-2021-47281",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: seq: Fix race of snd_seq_timer_open()\n\nThe timer instance per queue is exclusive, and snd_seq_timer_open()\nshould have managed the concurrent accesses. It looks as if it's\nchecking the already existing timer instance at the beginning, but\nit's not right, because there is no protection, hence any later\nconcurrent call of snd_seq_timer_open() may override the timer\ninstance easily. This may result in UAF, as the leftover timer\ninstance can keep running while the queue itself gets closed, as\nspotted by syzkaller recently.\n\nFor avoiding the race, add a proper check at the assignment of\ntmr->timeri again, and return -EBUSY if it's been already registered.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Ubuntu-16:linux-modules-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-libc-dev-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-headers-4.4.0-277-tuxcare.els48-0:4.4.0-277.311.all",
"Ubuntu-16:linux-tools-host-0:4.4.0-277.311.all",
"Ubuntu-16:linux-source-4.4.0-0:4.4.0-277.311.all",
"Ubuntu-16:linux-headers-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-cloud-tools-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-cloud-tools-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-image-unsigned-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-cloud-tools-4.4.0-277-tuxcare.els48-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-image-unsigned-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-tools-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-headers-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-modules-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-buildinfo-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-tools-common-0:4.4.0-277.311.all",
"Ubuntu-16:linux-tools-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-cloud-tools-common-0:4.4.0-277.311.all",
"Ubuntu-16:linux-tools-4.4.0-277-tuxcare.els48-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-doc-0:4.4.0-277.311.all",
"Ubuntu-16:linux-buildinfo-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-modules-extra-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2021-47281"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/536a7646c00a0f14fee49e5e313109e5da2f6031",
"url": "https://git.kernel.org/stable/c/536a7646c00a0f14fee49e5e313109e5da2f6031"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/83e197a8414c0ba545e7e3916ce05f836f349273",
"url": "https://git.kernel.org/stable/c/83e197a8414c0ba545e7e3916ce05f836f349273"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/bd7d88b0874f82f7b29d1a53e574cedaf23166ba",
"url": "https://git.kernel.org/stable/c/bd7d88b0874f82f7b29d1a53e574cedaf23166ba"
}
],
"release_date": "2024-05-21T15:15:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Ubuntu-16:linux-modules-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-libc-dev-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-headers-4.4.0-277-tuxcare.els48-0:4.4.0-277.311.all",
"Ubuntu-16:linux-tools-host-0:4.4.0-277.311.all",
"Ubuntu-16:linux-source-4.4.0-0:4.4.0-277.311.all",
"Ubuntu-16:linux-headers-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-cloud-tools-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-cloud-tools-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-image-unsigned-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-cloud-tools-4.4.0-277-tuxcare.els48-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-image-unsigned-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-tools-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-headers-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-modules-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-buildinfo-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-tools-common-0:4.4.0-277.311.all",
"Ubuntu-16:linux-tools-4.4.0-277-tuxcare.els48-lowlatency-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-cloud-tools-common-0:4.4.0-277.311.all",
"Ubuntu-16:linux-tools-4.4.0-277-tuxcare.els48-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-doc-0:4.4.0-277.311.all",
"Ubuntu-16:linux-buildinfo-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64",
"Ubuntu-16:linux-modules-extra-4.4.0-277-tuxcare.els48-generic-0:4.4.0-277.311.amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "High"
}
]
}
]
}