{ "document": { "aggregate_severity": { "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "TuxCare License Agreement", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Cloud Linux Inc. and provide a link to the original.", "title": "Terms of Use" }, { "category": "details", "text": "* CVE-url: https://ubuntu.com/security/CVE-2024-50180\n - fbdev: sisfb: Fix strbuf array overflow\n * CVE-url: https://ubuntu.com/security/CVE-2023-52522\n - net: fix possible store tearing in neigh_periodic_work()\n * CVE-url: https://ubuntu.com/security/CVE-2024-40911\n - wifi: cfg80211: Lock wiphy in cfg80211_get_station\n * CVE-url: https://ubuntu.com/security/CVE-2024-43863\n - drm/vmwgfx: Fix a deadlock in dma buf fence polling\n * CVE-url: https://ubuntu.com/security/CVE-2024-44931\n - gpio: prevent potential speculation leaks in gpio_device_get_desc()\n * CVE-url: https://ubuntu.com/security/CVE-2024-23848\n - media: cec: cec-api: add locking in cec_release()\n - media: cec: core: avoid recursive cec_claim_log_addrs\n * CVE-url: https://ubuntu.com/security/CVE-2024-50229\n - nilfs2: fix potential deadlock with newly created symlinks\n * CVE-url: https://ubuntu.com/security/CVE-2024-50171\n - net: systemport: fix potential memory leak in bcm_sysport_xmit()\n * CVE-url: https://ubuntu.com/security/CVE-2024-50233\n - staging: iio: frequency: ad9832: fix division by zero in\n ad9832_calc_freqreg()\n * CVE-url: https://ubuntu.com/security/CVE-2024-50134\n - drm/vboxvideo: Replace fake VLA at end of vbva_mouse_pointer_shape with real\n VLA\n * CVE-url: https://ubuntu.com/security/CVE-2024-44938\n - jfs: Fix shift-out-of-bounds in dbDiscardAG\n * CVE-url: https://ubuntu.com/security/CVE-2024-50117\n - drm/amd: Guard against bad data for ATIF ACPI method\n * CVE-url: https://ubuntu.com/security/CVE-2024-49902\n - jfs: check if leafidx greater than num leaves per dmap tree\n * CVE-url: https://ubuntu.com/security/CVE-2023-52799\n - jfs: fix array-index-out-of-bounds in dbFindLeaf\n * CVE-url: https://ubuntu.com/security/CVE-2024-49966\n - ocfs2: cancel dqi_sync_work before freeing oinfo\n * CVE-url: https://ubuntu.com/security/CVE-2024-50267\n - USB: serial: io_edgeport: fix use after free in debug printk\n * CVE-url: https://ubuntu.com/security/CVE-2024-50230\n - nilfs2: fix kernel bug due to missing clearing of checked flag\n * CVE-url: https://ubuntu.com/security/CVE-2024-50302\n - HID: core: zero-initialize the report buffer\n * CVE-url: https://ubuntu.com/security/CVE-2024-50278\n - dm cache: fix out-of-bounds access to the dirty bitset when resizing\n - dm cache: fix potential out-of-bounds access on the first resume\n * CVE-url: https://ubuntu.com/security/CVE-2024-50234\n - wifi: iwlegacy: Clear stale interrupts before resuming device\n * CVE-url: https://ubuntu.com/security/CVE-2024-50301\n - security/keys: fix slab-out-of-bounds in key_task_permission\n * CVE-url: https://ubuntu.com/security/CVE-2024-50143\n - overflow: Add __must_check attribute to check_*() helpers\n - compiler.h: drop fallback overflow checkers\n - overflow: Allow mixed type arguments\n - udf: fix uninit-value use in udf_get_fileshortad\n * CVE-url: https://ubuntu.com/security/CVE-2024-53061\n - media: s5p-jpeg: prevent buffer overflows\n * CVE-url: https://ubuntu.com/security/CVE-2024-57798\n - drm/dp-mst-helper: Remove hotplug callback\n - drm/dp_mst: Remove huge conditional in drm_dp_mst_handle_up_req()\n - drm/dp_mst: Refactor drm_dp_mst_handle_up_req()\n - drm/dp_mst: Rename drm_dp_add_port and drm_dp_update_port\n - drm/dp_mst: Handle UP requests asynchronously\n - drm/dp_mst: Ensure mst_primary pointer is valid in\n drm_dp_mst_handle_up_req()\n * CVE-url: https://ubuntu.com/security/CVE-2023-52854\n - padata: make padata_do_parallel find alternate callback CPU\n - padata: allocate workqueue internally\n - crypto: pcrypt - remove padata cpumask notifier\n - padata, pcrypt: take CPU hotplug lock internally in padata_alloc_possible\n - padata: use separate workqueues for parallel and serial work\n - padata: unbind parallel jobs from specific CPUs\n - workqueue: Make alloc/apply/free_workqueue_attrs() static\n - workqueue: Remove GPF argument from alloc_workqueue_attrs()\n - workqueue: unconfine alloc/apply/free_workqueue_attrs()\n - crypto: pcrypt - Avoid deadlock by using per-instance padata queues\n - crypto: aead - pass instance to crypto_grab_aead()\n - crypto: pcrypt - simplify error handling in pcrypt_create_aead()\n - padata: Fix refcnt handling in padata_free_shell()\n * CVE-url: https://ubuntu.com/security/CVE-2024-53164\n - net: sched: fix ordering of qlen adjustment\n * CVE-url: https://ubuntu.com/security/CVE-2024-47809\n - dlm: fix possible lkb_resource null dereference\n * CVE-url: https://ubuntu.com/security/CVE-2021-47342\n - ext4: fix memory leak in ext4_fill_super\n - ext4: fix possible UAF when remounting r/o a mmp-protected file system\n * CVE-url: https://ubuntu.com/security/CVE-2024-53179\n - smb: client: fix use-after-free of signing key\n * Miscellaneous upstream changes\n - drm/amd/amdgpu: Fix GPR read from debugfs (v2)", "title": "Details" } ], "publisher": { "category": "vendor", "contact_details": "https://tuxcare.com/contact/", "name": "TuxCare", "namespace": "https://tuxcare.com/" }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://security.tuxcare.com/csaf/v2/els_os/ubuntu18.04els/advisories/2025/clsa-2025_1742319747.json" }, { "category": "self", "summary": "https://cve.tuxcare.com/els/releases/CLSA-2025:1742319747", "url": "https://cve.tuxcare.com/els/releases/CLSA-2025:1742319747" } ], "tracking": { "current_release_date": "2025-05-19T15:21:54Z", "generator": { "date": "2025-05-19T15:21:54Z", "engine": { "name": "pyCSAF" } }, "id": "CLSA-2025:1742319747", "initial_release_date": "2025-03-18T13:42:29Z", "revision_history": [ { "date": "2025-03-18T13:42:29Z", "number": "1", "summary": "Initial version" }, { "date": "2025-05-19T15:21:54Z", "number": "2", "summary": "Official Publication" } ], "status": "final", "version": "2" }, "title": "Fix of 29 CVEs" }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Ubuntu 18.04", "product": { "name": "Ubuntu 18.04", "product_id": "Ubuntu-18", "product_identification_helper": { "cpe": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" } } } ], "category": "product_family", "name": "Ubuntu" } ], "category": "vendor", "name": "Canonical Ltd." }, { "branches": [ { "branches": [ { "category": "product_version", "name": "linux-cloud-tools-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "product": { "name": "linux-cloud-tools-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "product_id": "linux-cloud-tools-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/linux-cloud-tools-4.15.0-245-tuxcare.els33-lowlatency@4.15.0-245.256?arch=amd64" } } }, { "category": "product_version", "name": "linux-image-generic-0:4.15.0.245.256.amd64", "product": { "name": "linux-image-generic-0:4.15.0.245.256.amd64", "product_id": "linux-image-generic-0:4.15.0.245.256.amd64", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/linux-image-generic@4.15.0.245.256?arch=amd64" } } }, { "category": "product_version", "name": "linux-tools-4.15.0-245-tuxcare.els33-0:4.15.0-245.256.amd64", "product": { "name": "linux-tools-4.15.0-245-tuxcare.els33-0:4.15.0-245.256.amd64", "product_id": "linux-tools-4.15.0-245-tuxcare.els33-0:4.15.0-245.256.amd64", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/linux-tools-4.15.0-245-tuxcare.els33@4.15.0-245.256?arch=amd64" } } }, { "category": "product_version", "name": "linux-modules-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64", "product": { "name": "linux-modules-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64", "product_id": "linux-modules-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/linux-modules-4.15.0-245-tuxcare.els33-generic@4.15.0-245.256?arch=amd64" } } }, { "category": "product_version", "name": "linux-buildinfo-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "product": { "name": "linux-buildinfo-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "product_id": "linux-buildinfo-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/linux-buildinfo-4.15.0-245-tuxcare.els33-lowlatency@4.15.0-245.256?arch=amd64" } } }, { "category": "product_version", "name": "linux-cloud-tools-4.15.0-245-tuxcare.els33-0:4.15.0-245.256.amd64", "product": { "name": "linux-cloud-tools-4.15.0-245-tuxcare.els33-0:4.15.0-245.256.amd64", "product_id": "linux-cloud-tools-4.15.0-245-tuxcare.els33-0:4.15.0-245.256.amd64", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/linux-cloud-tools-4.15.0-245-tuxcare.els33@4.15.0-245.256?arch=amd64" } } }, { "category": "product_version", "name": "linux-generic-0:4.15.0.245.256.amd64", "product": { "name": "linux-generic-0:4.15.0.245.256.amd64", "product_id": "linux-generic-0:4.15.0.245.256.amd64", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/linux-generic@4.15.0.245.256?arch=amd64" } } }, { "category": "product_version", "name": "linux-tools-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64", "product": { "name": "linux-tools-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64", "product_id": "linux-tools-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/linux-tools-4.15.0-245-tuxcare.els33-generic@4.15.0-245.256?arch=amd64" } } }, { "category": "product_version", "name": "linux-modules-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "product": { "name": "linux-modules-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "product_id": "linux-modules-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/linux-modules-4.15.0-245-tuxcare.els33-lowlatency@4.15.0-245.256?arch=amd64" } } }, { "category": "product_version", "name": "linux-headers-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64", "product": { "name": "linux-headers-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64", "product_id": "linux-headers-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/linux-headers-4.15.0-245-tuxcare.els33-generic@4.15.0-245.256?arch=amd64" } } } ], "category": "architecture", "name": "amd64" } ], "category": "vendor", "name": "CloudLinux" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "linux-cloud-tools-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64 as a component of Ubuntu 18.04", "product_id": "Ubuntu-18:linux-cloud-tools-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64" }, "product_reference": "linux-cloud-tools-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "relates_to_product_reference": "Ubuntu-18" }, { "category": "default_component_of", "full_product_name": { "name": "linux-image-generic-0:4.15.0.245.256.amd64 as a component of Ubuntu 18.04", "product_id": "Ubuntu-18:linux-image-generic-0:4.15.0.245.256.amd64" }, "product_reference": "linux-image-generic-0:4.15.0.245.256.amd64", "relates_to_product_reference": "Ubuntu-18" }, { "category": "default_component_of", "full_product_name": { "name": "linux-tools-4.15.0-245-tuxcare.els33-0:4.15.0-245.256.amd64 as a component of Ubuntu 18.04", "product_id": "Ubuntu-18:linux-tools-4.15.0-245-tuxcare.els33-0:4.15.0-245.256.amd64" }, "product_reference": "linux-tools-4.15.0-245-tuxcare.els33-0:4.15.0-245.256.amd64", "relates_to_product_reference": "Ubuntu-18" }, { "category": "default_component_of", "full_product_name": { "name": "linux-modules-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64 as a component of Ubuntu 18.04", "product_id": "Ubuntu-18:linux-modules-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64" }, "product_reference": "linux-modules-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64", "relates_to_product_reference": "Ubuntu-18" }, { "category": "default_component_of", "full_product_name": { "name": "linux-buildinfo-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64 as a component of Ubuntu 18.04", "product_id": "Ubuntu-18:linux-buildinfo-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64" }, "product_reference": "linux-buildinfo-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "relates_to_product_reference": "Ubuntu-18" }, { "category": "default_component_of", "full_product_name": { "name": "linux-cloud-tools-4.15.0-245-tuxcare.els33-0:4.15.0-245.256.amd64 as a component of Ubuntu 18.04", "product_id": "Ubuntu-18:linux-cloud-tools-4.15.0-245-tuxcare.els33-0:4.15.0-245.256.amd64" }, "product_reference": "linux-cloud-tools-4.15.0-245-tuxcare.els33-0:4.15.0-245.256.amd64", "relates_to_product_reference": "Ubuntu-18" }, { "category": "default_component_of", "full_product_name": { "name": "linux-generic-0:4.15.0.245.256.amd64 as a component of Ubuntu 18.04", "product_id": "Ubuntu-18:linux-generic-0:4.15.0.245.256.amd64" }, "product_reference": "linux-generic-0:4.15.0.245.256.amd64", "relates_to_product_reference": "Ubuntu-18" }, { "category": "default_component_of", "full_product_name": { "name": "linux-tools-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64 as a component of Ubuntu 18.04", "product_id": "Ubuntu-18:linux-tools-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64" }, "product_reference": "linux-tools-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64", "relates_to_product_reference": "Ubuntu-18" }, { "category": "default_component_of", "full_product_name": { "name": "linux-modules-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64 as a component of Ubuntu 18.04", "product_id": "Ubuntu-18:linux-modules-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64" }, "product_reference": "linux-modules-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "relates_to_product_reference": "Ubuntu-18" }, { "category": "default_component_of", "full_product_name": { "name": "linux-headers-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64 as a component of Ubuntu 18.04", "product_id": "Ubuntu-18:linux-headers-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64" }, "product_reference": "linux-headers-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64", "relates_to_product_reference": "Ubuntu-18" } ] }, "vulnerabilities": [ { "cve": "CVE-2024-50301", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsecurity/keys: fix slab-out-of-bounds in key_task_permission\n\nKASAN reports an out of bounds read:\nBUG: KASAN: slab-out-of-bounds in __kuid_val include/linux/uidgid.h:36\nBUG: KASAN: slab-out-of-bounds in uid_eq include/linux/uidgid.h:63 [inline]\nBUG: KASAN: slab-out-of-bounds in key_task_permission+0x394/0x410\nsecurity/keys/permission.c:54\nRead of size 4 at addr ffff88813c3ab618 by task stress-ng/4362\n\nCPU: 2 PID: 4362 Comm: stress-ng Not tainted 5.10.0-14930-gafbffd6c3ede #15\nCall Trace:\n __dump_stack lib/dump_stack.c:82 [inline]\n dump_stack+0x107/0x167 lib/dump_stack.c:123\n print_address_description.constprop.0+0x19/0x170 mm/kasan/report.c:400\n __kasan_report.cold+0x6c/0x84 mm/kasan/report.c:560\n kasan_report+0x3a/0x50 mm/kasan/report.c:585\n __kuid_val include/linux/uidgid.h:36 [inline]\n uid_eq include/linux/uidgid.h:63 [inline]\n key_task_permission+0x394/0x410 security/keys/permission.c:54\n search_nested_keyrings+0x90e/0xe90 security/keys/keyring.c:793\n\nThis issue was also reported by syzbot.\n\nIt can be reproduced by following these steps(more details [1]):\n1. Obtain more than 32 inputs that have similar hashes, which ends with the\n pattern '0xxxxxxxe6'.\n2. Reboot and add the keys obtained in step 1.\n\nThe reproducer demonstrates how this issue happened:\n1. In the search_nested_keyrings function, when it iterates through the\n slots in a node(below tag ascend_to_node), if the slot pointer is meta\n and node->back_pointer != NULL(it means a root), it will proceed to\n descend_to_node. However, there is an exception. If node is the root,\n and one of the slots points to a shortcut, it will be treated as a\n keyring.\n2. Whether the ptr is keyring decided by keyring_ptr_is_keyring function.\n However, KEYRING_PTR_SUBTYPE is 0x2UL, the same as\n ASSOC_ARRAY_PTR_SUBTYPE_MASK.\n3. When 32 keys with the similar hashes are added to the tree, the ROOT\n has keys with hashes that are not similar (e.g. slot 0) and it splits\n NODE A without using a shortcut. When NODE A is filled with keys that\n all hashes are xxe6, the keys are similar, NODE A will split with a\n shortcut. Finally, it forms the tree as shown below, where slot 6 points\n to a shortcut.\n\n NODE A\n +------>+---+\n ROOT | | 0 | xxe6\n +---+ | +---+\n xxxx | 0 | shortcut : : xxe6\n +---+ | +---+\n xxe6 : : | | | xxe6\n +---+ | +---+\n | 6 |---+ : : xxe6\n +---+ +---+\n xxe6 : : | f | xxe6\n +---+ +---+\n xxe6 | f |\n +---+\n\n4. As mentioned above, If a slot(slot 6) of the root points to a shortcut,\n it may be mistakenly transferred to a key*, leading to a read\n out-of-bounds read.\n\nTo fix this issue, one should jump to descend_to_node if the ptr is a\nshortcut, regardless of whether the node is root or not.\n\n[1] https://lore.kernel.org/linux-kernel/1cfa878e-8c7b-4570-8606-21daf5e13ce7@huaweicloud.com/\n\n[jarkko: tweaked the commit message a bit to have an appropriate closes\n tag.]", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-18:linux-cloud-tools-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-image-generic-0:4.15.0.245.256.amd64", "Ubuntu-18:linux-tools-4.15.0-245-tuxcare.els33-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-modules-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-buildinfo-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-cloud-tools-4.15.0-245-tuxcare.els33-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-generic-0:4.15.0.245.256.amd64", "Ubuntu-18:linux-tools-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-modules-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-headers-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2024-50301" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/199c20fb7499c79557a075dc24e9a7dae7d9f1ce", "url": "https://git.kernel.org/stable/c/199c20fb7499c79557a075dc24e9a7dae7d9f1ce" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/1e4332581cd4eed75aea77af6f66cdcdda8b49b9", "url": "https://git.kernel.org/stable/c/1e4332581cd4eed75aea77af6f66cdcdda8b49b9" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/3e79ad156bedf2da0ab909a118d2cec6c9c22b79", "url": "https://git.kernel.org/stable/c/3e79ad156bedf2da0ab909a118d2cec6c9c22b79" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/4a74da044ec9ec8679e6beccc4306b936b62873f", "url": "https://git.kernel.org/stable/c/4a74da044ec9ec8679e6beccc4306b936b62873f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/4efb69a0e294ef201bcdf7ce3d6202cd0a545a5d", "url": "https://git.kernel.org/stable/c/4efb69a0e294ef201bcdf7ce3d6202cd0a545a5d" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/bbad2d5b6c99db468d8f88b6ba6a56ed409b4881", "url": "https://git.kernel.org/stable/c/bbad2d5b6c99db468d8f88b6ba6a56ed409b4881" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c3ce634ad953ce48c75c39bdfd8b711dd95f346f", "url": "https://git.kernel.org/stable/c/c3ce634ad953ce48c75c39bdfd8b711dd95f346f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/e0a317ad68e4ea48a0158187238c5407e4fdec8b", "url": "https://git.kernel.org/stable/c/e0a317ad68e4ea48a0158187238c5407e4fdec8b" } ], "release_date": "2024-11-19T02:16:00", "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "Ubuntu-18:linux-cloud-tools-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-image-generic-0:4.15.0.245.256.amd64", "Ubuntu-18:linux-tools-4.15.0-245-tuxcare.els33-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-modules-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-buildinfo-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-cloud-tools-4.15.0-245-tuxcare.els33-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-generic-0:4.15.0.245.256.amd64", "Ubuntu-18:linux-tools-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-modules-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-headers-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64" ] } ], "threats": [ { "category": "impact", "details": "High" } ] }, { "cve": "CVE-2024-40911", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: cfg80211: Lock wiphy in cfg80211_get_station\n\nWiphy should be locked before calling rdev_get_station() (see lockdep\nassert in ieee80211_get_station()).\n\nThis fixes the following kernel NULL dereference:\n\n Unable to handle kernel NULL pointer dereference at virtual address 0000000000000050\n Mem abort info:\n ESR = 0x0000000096000006\n EC = 0x25: DABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n FSC = 0x06: level 2 translation fault\n Data abort info:\n ISV = 0, ISS = 0x00000006\n CM = 0, WnR = 0\n user pgtable: 4k pages, 48-bit VAs, pgdp=0000000003001000\n [0000000000000050] pgd=0800000002dca003, p4d=0800000002dca003, pud=08000000028e9003, pmd=0000000000000000\n Internal error: Oops: 0000000096000006 [#1] SMP\n Modules linked in: netconsole dwc3_meson_g12a dwc3_of_simple dwc3 ip_gre gre ath10k_pci ath10k_core ath9k ath9k_common ath9k_hw ath\n CPU: 0 PID: 1091 Comm: kworker/u8:0 Not tainted 6.4.0-02144-g565f9a3a7911-dirty #705\n Hardware name: RPT (r1) (DT)\n Workqueue: bat_events batadv_v_elp_throughput_metric_update\n pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : ath10k_sta_statistics+0x10/0x2dc [ath10k_core]\n lr : sta_set_sinfo+0xcc/0xbd4\n sp : ffff000007b43ad0\n x29: ffff000007b43ad0 x28: ffff0000071fa900 x27: ffff00000294ca98\n x26: ffff000006830880 x25: ffff000006830880 x24: ffff00000294c000\n x23: 0000000000000001 x22: ffff000007b43c90 x21: ffff800008898acc\n x20: ffff00000294c6e8 x19: ffff000007b43c90 x18: 0000000000000000\n x17: 445946354d552d78 x16: 62661f7200000000 x15: 57464f445946354d\n x14: 0000000000000000 x13: 00000000000000e3 x12: d5f0acbcebea978e\n x11: 00000000000000e3 x10: 000000010048fe41 x9 : 0000000000000000\n x8 : ffff000007b43d90 x7 : 000000007a1e2125 x6 : 0000000000000000\n x5 : ffff0000024e0900 x4 : ffff800000a0250c x3 : ffff000007b43c90\n x2 : ffff00000294ca98 x1 : ffff000006831920 x0 : 0000000000000000\n Call trace:\n ath10k_sta_statistics+0x10/0x2dc [ath10k_core]\n sta_set_sinfo+0xcc/0xbd4\n ieee80211_get_station+0x2c/0x44\n cfg80211_get_station+0x80/0x154\n batadv_v_elp_get_throughput+0x138/0x1fc\n batadv_v_elp_throughput_metric_update+0x1c/0xa4\n process_one_work+0x1ec/0x414\n worker_thread+0x70/0x46c\n kthread+0xdc/0xe0\n ret_from_fork+0x10/0x20\n Code: a9bb7bfd 910003fd a90153f3 f9411c40 (f9402814)\n\nThis happens because STA has time to disconnect and reconnect before\nbatadv_v_elp_throughput_metric_update() delayed work gets scheduled. In\nthis situation, ath10k_sta_state() can be in the middle of resetting\narsta data when the work queue get chance to be scheduled and ends up\naccessing it. Locking wiphy prevents that.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-18:linux-cloud-tools-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-image-generic-0:4.15.0.245.256.amd64", "Ubuntu-18:linux-tools-4.15.0-245-tuxcare.els33-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-modules-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-buildinfo-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-cloud-tools-4.15.0-245-tuxcare.els33-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-generic-0:4.15.0.245.256.amd64", "Ubuntu-18:linux-tools-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-modules-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-headers-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2024-40911" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/0ccc63958d8373e15a69f4f8069f3e78f7f3898a", "url": "https://git.kernel.org/stable/c/0ccc63958d8373e15a69f4f8069f3e78f7f3898a" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/43e1eefb0b2094e2281150d87d09e8bc872b9fba", "url": "https://git.kernel.org/stable/c/43e1eefb0b2094e2281150d87d09e8bc872b9fba" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/642f89daa34567d02f312d03e41523a894906dae", "url": "https://git.kernel.org/stable/c/642f89daa34567d02f312d03e41523a894906dae" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/6d540b0317901535275020bd4ac44fac6439ca76", "url": "https://git.kernel.org/stable/c/6d540b0317901535275020bd4ac44fac6439ca76" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/dfd84ce41663be9ca3f69bd657c45f49b69344d9", "url": "https://git.kernel.org/stable/c/dfd84ce41663be9ca3f69bd657c45f49b69344d9" } ], "release_date": "2024-07-12T13:15:00", "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Ubuntu-18:linux-cloud-tools-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-image-generic-0:4.15.0.245.256.amd64", "Ubuntu-18:linux-tools-4.15.0-245-tuxcare.els33-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-modules-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-buildinfo-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-cloud-tools-4.15.0-245-tuxcare.els33-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-generic-0:4.15.0.245.256.amd64", "Ubuntu-18:linux-tools-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-modules-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-headers-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64" ] } ], "threats": [ { "category": "impact", "details": "Medium" } ] }, { "cve": "CVE-2024-44931", "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngpio: prevent potential speculation leaks in gpio_device_get_desc()\n\nUserspace may trigger a speculative read of an address outside the gpio\ndescriptor array.\nUsers can do that by calling gpio_ioctl() with an offset out of range.\nOffset is copied from user and then used as an array index to get\nthe gpio descriptor without sanitization in gpio_device_get_desc().\n\nThis change ensures that the offset is sanitized by using\narray_index_nospec() to mitigate any possibility of speculative\ninformation leaks.\n\nThis bug was discovered and resolved using Coverity Static Analysis\nSecurity Testing (SAST) by Synopsys, Inc.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-18:linux-cloud-tools-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-image-generic-0:4.15.0.245.256.amd64", "Ubuntu-18:linux-tools-4.15.0-245-tuxcare.els33-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-modules-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-buildinfo-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-cloud-tools-4.15.0-245-tuxcare.els33-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-generic-0:4.15.0.245.256.amd64", "Ubuntu-18:linux-tools-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-modules-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-headers-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2024-44931" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/18504710442671b02d00e6db9804a0ad26c5a479", "url": "https://git.kernel.org/stable/c/18504710442671b02d00e6db9804a0ad26c5a479" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/1b955f786a4bcde8c0ccb2b7d519def2acb6f3cc", "url": "https://git.kernel.org/stable/c/1b955f786a4bcde8c0ccb2b7d519def2acb6f3cc" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/672c19165fc96dfad531a5458e0b3cdab414aae4", "url": "https://git.kernel.org/stable/c/672c19165fc96dfad531a5458e0b3cdab414aae4" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/9ae2d8e75b741dbcb0da374753f972410e83b5f3", "url": "https://git.kernel.org/stable/c/9ae2d8e75b741dbcb0da374753f972410e83b5f3" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/9d682e89c44bd5819b01f3fbb45a8e3681a4b6d0", "url": "https://git.kernel.org/stable/c/9d682e89c44bd5819b01f3fbb45a8e3681a4b6d0" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c65ab97efcd438cb4e9f299400f2ea55251f3a67", "url": "https://git.kernel.org/stable/c/c65ab97efcd438cb4e9f299400f2ea55251f3a67" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d776c0486b03a5c4afca65b8ff44573592bf93bb", "url": "https://git.kernel.org/stable/c/d776c0486b03a5c4afca65b8ff44573592bf93bb" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d795848ecce24a75dfd46481aee066ae6fe39775", "url": "https://git.kernel.org/stable/c/d795848ecce24a75dfd46481aee066ae6fe39775" } ], "release_date": "2024-08-26T11:15:00", "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "Ubuntu-18:linux-cloud-tools-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-image-generic-0:4.15.0.245.256.amd64", "Ubuntu-18:linux-tools-4.15.0-245-tuxcare.els33-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-modules-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-buildinfo-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-cloud-tools-4.15.0-245-tuxcare.els33-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-generic-0:4.15.0.245.256.amd64", "Ubuntu-18:linux-tools-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-modules-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-headers-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64" ] } ], "threats": [ { "category": "impact", "details": "Medium" } ] }, { "cve": "CVE-2021-47342", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix possible UAF when remounting r/o a mmp-protected file system\n\nAfter commit 618f003199c6 (\"ext4: fix memory leak in\next4_fill_super\"), after the file system is remounted read-only, there\nis a race where the kmmpd thread can exit, causing sbi->s_mmp_tsk to\npoint at freed memory, which the call to ext4_stop_mmpd() can trip\nover.\n\nFix this by only allowing kmmpd() to exit when it is stopped via\next4_stop_mmpd().\n\nBug-Report-Link: <20210629143603.2166962-1-yebin10@huawei.com>", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-18:linux-cloud-tools-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-image-generic-0:4.15.0.245.256.amd64", "Ubuntu-18:linux-tools-4.15.0-245-tuxcare.els33-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-modules-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-buildinfo-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-cloud-tools-4.15.0-245-tuxcare.els33-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-generic-0:4.15.0.245.256.amd64", "Ubuntu-18:linux-tools-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-modules-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-headers-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2021-47342" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/61bb4a1c417e5b95d9edb4f887f131de32e419cb", "url": "https://git.kernel.org/stable/c/61bb4a1c417e5b95d9edb4f887f131de32e419cb" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/7ed572cdf11081f8f9e07abd4bea56a3f2c4edbd", "url": "https://git.kernel.org/stable/c/7ed572cdf11081f8f9e07abd4bea56a3f2c4edbd" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/b663890d854403e566169f7e90aed5cd6ff64f6b", "url": "https://git.kernel.org/stable/c/b663890d854403e566169f7e90aed5cd6ff64f6b" } ], "release_date": "2024-05-21T15:15:00", "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-18:linux-cloud-tools-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-image-generic-0:4.15.0.245.256.amd64", "Ubuntu-18:linux-tools-4.15.0-245-tuxcare.els33-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-modules-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-buildinfo-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-cloud-tools-4.15.0-245-tuxcare.els33-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-generic-0:4.15.0.245.256.amd64", "Ubuntu-18:linux-tools-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-modules-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-headers-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64" ] } ], "threats": [ { "category": "impact", "details": "High" } ] }, { "cve": "CVE-2023-52522", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\nnet: fix possible store tearing in neigh_periodic_work()\nWhile looking at a related syzbot report involving neigh_periodic_work(),\nI found that I forgot to add an annotation when deleting an\nRCU protected item from a list.\nReaders use rcu_deference(*np), we need to use either\nrcu_assign_pointer() or WRITE_ONCE() on writer side\nto prevent store tearing.\nI use rcu_assign_pointer() to have lockdep support,\nthis was the choice made in neigh_flush_dev().", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-18:linux-cloud-tools-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-image-generic-0:4.15.0.245.256.amd64", "Ubuntu-18:linux-tools-4.15.0-245-tuxcare.els33-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-modules-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-buildinfo-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-cloud-tools-4.15.0-245-tuxcare.els33-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-generic-0:4.15.0.245.256.amd64", "Ubuntu-18:linux-tools-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-modules-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-headers-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2023-52522" } ], "release_date": "2024-03-02T00:00:00", "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Ubuntu-18:linux-cloud-tools-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-image-generic-0:4.15.0.245.256.amd64", "Ubuntu-18:linux-tools-4.15.0-245-tuxcare.els33-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-modules-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-buildinfo-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-cloud-tools-4.15.0-245-tuxcare.els33-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-generic-0:4.15.0.245.256.amd64", "Ubuntu-18:linux-tools-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-modules-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-headers-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64" ] } ], "threats": [ { "category": "impact", "details": "Medium" } ] }, { "cve": "CVE-2024-50117", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd: Guard against bad data for ATIF ACPI method\n\nIf a BIOS provides bad data in response to an ATIF method call\nthis causes a NULL pointer dereference in the caller.\n\n```\n? show_regs (arch/x86/kernel/dumpstack.c:478 (discriminator 1))\n? __die (arch/x86/kernel/dumpstack.c:423 arch/x86/kernel/dumpstack.c:434)\n? page_fault_oops (arch/x86/mm/fault.c:544 (discriminator 2) arch/x86/mm/fault.c:705 (discriminator 2))\n? do_user_addr_fault (arch/x86/mm/fault.c:440 (discriminator 1) arch/x86/mm/fault.c:1232 (discriminator 1))\n? acpi_ut_update_object_reference (drivers/acpi/acpica/utdelete.c:642)\n? exc_page_fault (arch/x86/mm/fault.c:1542)\n? asm_exc_page_fault (./arch/x86/include/asm/idtentry.h:623)\n? amdgpu_atif_query_backlight_caps.constprop.0 (drivers/gpu/drm/amd/amdgpu/amdgpu_acpi.c:387 (discriminator 2)) amdgpu\n? amdgpu_atif_query_backlight_caps.constprop.0 (drivers/gpu/drm/amd/amdgpu/amdgpu_acpi.c:386 (discriminator 1)) amdgpu\n```\n\nIt has been encountered on at least one system, so guard for it.\n\n(cherry picked from commit c9b7c809b89f24e9372a4e7f02d64c950b07fdee)", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-18:linux-cloud-tools-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-image-generic-0:4.15.0.245.256.amd64", "Ubuntu-18:linux-tools-4.15.0-245-tuxcare.els33-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-modules-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-buildinfo-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-cloud-tools-4.15.0-245-tuxcare.els33-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-generic-0:4.15.0.245.256.amd64", "Ubuntu-18:linux-tools-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-modules-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-headers-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2024-50117" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/1d7175f9c57b1abf9ecfbdfd53ea760761f52ffe", "url": "https://git.kernel.org/stable/c/1d7175f9c57b1abf9ecfbdfd53ea760761f52ffe" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/234682910971732cd4da96fd95946e296e486b38", "url": "https://git.kernel.org/stable/c/234682910971732cd4da96fd95946e296e486b38" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/43b4fa6e0e238c6e2662f4fb61d9f51c2785fb1d", "url": "https://git.kernel.org/stable/c/43b4fa6e0e238c6e2662f4fb61d9f51c2785fb1d" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/58556dcbd5606a5daccaee73b2130bc16b48e025", "url": "https://git.kernel.org/stable/c/58556dcbd5606a5daccaee73b2130bc16b48e025" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/6032287747f874b52dc8b9d7490e2799736e035f", "url": "https://git.kernel.org/stable/c/6032287747f874b52dc8b9d7490e2799736e035f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/975ede2a7bec52b5da1428829b3439667c8a234b", "url": "https://git.kernel.org/stable/c/975ede2a7bec52b5da1428829b3439667c8a234b" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/bf58f03931fdcf7b3c45cb76ac13244477a60f44", "url": "https://git.kernel.org/stable/c/bf58f03931fdcf7b3c45cb76ac13244477a60f44" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/cd67af3c1762de4c2483ae4dbdd98f9ea8fa56e3", "url": "https://git.kernel.org/stable/c/cd67af3c1762de4c2483ae4dbdd98f9ea8fa56e3" } ], "release_date": "2024-11-05T18:15:00", "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Ubuntu-18:linux-cloud-tools-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-image-generic-0:4.15.0.245.256.amd64", "Ubuntu-18:linux-tools-4.15.0-245-tuxcare.els33-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-modules-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-buildinfo-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-cloud-tools-4.15.0-245-tuxcare.els33-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-generic-0:4.15.0.245.256.amd64", "Ubuntu-18:linux-tools-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-modules-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-headers-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64" ] } ], "threats": [ { "category": "impact", "details": "Medium" } ] }, { "cve": "CVE-2024-50229", "cwe": { "id": "CWE-667", "name": "Improper Locking" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix potential deadlock with newly created symlinks\n\nSyzbot reported that page_symlink(), called by nilfs_symlink(), triggers\nmemory reclamation involving the filesystem layer, which can result in\ncircular lock dependencies among the reader/writer semaphore\nnilfs->ns_segctor_sem, s_writers percpu_rwsem (intwrite) and the\nfs_reclaim pseudo lock.\n\nThis is because after commit 21fc61c73c39 (\"don't put symlink bodies in\npagecache into highmem\"), the gfp flags of the page cache for symbolic\nlinks are overwritten to GFP_KERNEL via inode_nohighmem().\n\nThis is not a problem for symlinks read from the backing device, because\nthe __GFP_FS flag is dropped after inode_nohighmem() is called. However,\nwhen a new symlink is created with nilfs_symlink(), the gfp flags remain\noverwritten to GFP_KERNEL. Then, memory allocation called from\npage_symlink() etc. triggers memory reclamation including the FS layer,\nwhich may call nilfs_evict_inode() or nilfs_dirty_inode(). And these can\ncause a deadlock if they are called while nilfs->ns_segctor_sem is held:\n\nFix this issue by dropping the __GFP_FS flag from the page cache GFP flags\nof newly created symlinks in the same way that nilfs_new_inode() and\n__nilfs_read_inode() do, as a workaround until we adopt nofs allocation\nscope consistently or improve the locking constraints.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-18:linux-cloud-tools-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-image-generic-0:4.15.0.245.256.amd64", "Ubuntu-18:linux-tools-4.15.0-245-tuxcare.els33-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-modules-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-buildinfo-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-cloud-tools-4.15.0-245-tuxcare.els33-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-generic-0:4.15.0.245.256.amd64", "Ubuntu-18:linux-tools-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-modules-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-headers-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2024-50229" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/1246d86e7bbde265761932c6e2dce28c69cdcb91", "url": "https://git.kernel.org/stable/c/1246d86e7bbde265761932c6e2dce28c69cdcb91" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/58c7f44c7b9e5ac7e3b1e5da2572ed7767a12f38", "url": "https://git.kernel.org/stable/c/58c7f44c7b9e5ac7e3b1e5da2572ed7767a12f38" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/69548bb663fcb63f9ee0301be808a36b9d78dac3", "url": "https://git.kernel.org/stable/c/69548bb663fcb63f9ee0301be808a36b9d78dac3" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/9aa5d43ac4cace8fb9bd964ff6c23f599dc3cd24", "url": "https://git.kernel.org/stable/c/9aa5d43ac4cace8fb9bd964ff6c23f599dc3cd24" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a1686db1e59f8fc016c4c9361e2119dd206f479a", "url": "https://git.kernel.org/stable/c/a1686db1e59f8fc016c4c9361e2119dd206f479a" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/b3a033e3ecd3471248d474ef263aadc0059e516a", "url": "https://git.kernel.org/stable/c/b3a033e3ecd3471248d474ef263aadc0059e516a" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c72e0df0b56c1166736dc8eb62070ebb12591447", "url": "https://git.kernel.org/stable/c/c72e0df0b56c1166736dc8eb62070ebb12591447" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/cc38c596e648575ce58bfc31623a6506eda4b94a", "url": "https://git.kernel.org/stable/c/cc38c596e648575ce58bfc31623a6506eda4b94a" } ], "release_date": "2024-11-09T11:15:00", "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Ubuntu-18:linux-cloud-tools-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-image-generic-0:4.15.0.245.256.amd64", "Ubuntu-18:linux-tools-4.15.0-245-tuxcare.els33-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-modules-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-buildinfo-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-cloud-tools-4.15.0-245-tuxcare.els33-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-generic-0:4.15.0.245.256.amd64", "Ubuntu-18:linux-tools-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-modules-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-headers-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64" ] } ], "threats": [ { "category": "impact", "details": "Medium" } ] }, { "cve": "CVE-2024-50267", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: serial: io_edgeport: fix use after free in debug printk\n\nThe \"dev_dbg(&urb->dev->dev, ...\" which happens after usb_free_urb(urb)\nis a use after free of the \"urb\" pointer. Store the \"dev\" pointer at the\nstart of the function to avoid this issue.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-18:linux-cloud-tools-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-image-generic-0:4.15.0.245.256.amd64", "Ubuntu-18:linux-tools-4.15.0-245-tuxcare.els33-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-modules-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-buildinfo-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-cloud-tools-4.15.0-245-tuxcare.els33-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-generic-0:4.15.0.245.256.amd64", "Ubuntu-18:linux-tools-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-modules-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-headers-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2024-50267" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/13d6ff3ca76056d06a9d88300be2a293442ff595", "url": "https://git.kernel.org/stable/c/13d6ff3ca76056d06a9d88300be2a293442ff595" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/275258c30bbda29467216e96fb655b16bcc9992b", "url": "https://git.kernel.org/stable/c/275258c30bbda29467216e96fb655b16bcc9992b" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/314bdf446053e123f37543aa535197ee75f8aa97", "url": "https://git.kernel.org/stable/c/314bdf446053e123f37543aa535197ee75f8aa97" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/37bb5628379295c1254c113a407cab03a0f4d0b4", "url": "https://git.kernel.org/stable/c/37bb5628379295c1254c113a407cab03a0f4d0b4" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/39709ce93f5c3f9eb535efe2afea088805d1128f", "url": "https://git.kernel.org/stable/c/39709ce93f5c3f9eb535efe2afea088805d1128f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/44fff2c16c5aafbdb70c7183dae0a415ae74705e", "url": "https://git.kernel.org/stable/c/44fff2c16c5aafbdb70c7183dae0a415ae74705e" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/e567fc8f7a4460e486e52c9261b1e8b9f5dc42aa", "url": "https://git.kernel.org/stable/c/e567fc8f7a4460e486e52c9261b1e8b9f5dc42aa" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/e6ceb04eeb6115d872d4c4078d12f1170ed755ce", "url": "https://git.kernel.org/stable/c/e6ceb04eeb6115d872d4c4078d12f1170ed755ce" } ], "release_date": "2024-11-19T02:16:00", "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-18:linux-cloud-tools-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-image-generic-0:4.15.0.245.256.amd64", "Ubuntu-18:linux-tools-4.15.0-245-tuxcare.els33-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-modules-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-buildinfo-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-cloud-tools-4.15.0-245-tuxcare.els33-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-generic-0:4.15.0.245.256.amd64", "Ubuntu-18:linux-tools-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-modules-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-headers-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64" ] } ], "threats": [ { "category": "impact", "details": "High" } ] }, { "cve": "CVE-2024-50171", "cwe": { "id": "CWE-401", "name": "Missing Release of Memory after Effective Lifetime" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: systemport: fix potential memory leak in bcm_sysport_xmit()\n\nThe bcm_sysport_xmit() returns NETDEV_TX_OK without freeing skb\nin case of dma_map_single() fails, add dev_kfree_skb() to fix it.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-18:linux-cloud-tools-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-image-generic-0:4.15.0.245.256.amd64", "Ubuntu-18:linux-tools-4.15.0-245-tuxcare.els33-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-modules-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-buildinfo-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-cloud-tools-4.15.0-245-tuxcare.els33-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-generic-0:4.15.0.245.256.amd64", "Ubuntu-18:linux-tools-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-modules-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-headers-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2024-50171" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/31701ef0c4547973991ff63596c927f841dfd133", "url": "https://git.kernel.org/stable/c/31701ef0c4547973991ff63596c927f841dfd133" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/4b70478b984af3c9d0279c121df5ff94e2533dbd", "url": "https://git.kernel.org/stable/c/4b70478b984af3c9d0279c121df5ff94e2533dbd" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/533d2f30aef272dade17870a509521c3afc38a03", "url": "https://git.kernel.org/stable/c/533d2f30aef272dade17870a509521c3afc38a03" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5febfc545389805ce83d37f9f4317055b26dd7d7", "url": "https://git.kernel.org/stable/c/5febfc545389805ce83d37f9f4317055b26dd7d7" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/7d5030a819c3589cf9948b1eee397b626ec590f5", "url": "https://git.kernel.org/stable/c/7d5030a819c3589cf9948b1eee397b626ec590f5" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/8e81ce7d0166a2249deb6d5e42f28a8b8c9ea72f", "url": "https://git.kernel.org/stable/c/8e81ce7d0166a2249deb6d5e42f28a8b8c9ea72f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/b6321146773dcbbc372a54dbada67e0b50e0a25c", "url": "https://git.kernel.org/stable/c/b6321146773dcbbc372a54dbada67e0b50e0a25c" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c401ed1c709948e57945485088413e1bb5e94bd1", "url": "https://git.kernel.org/stable/c/c401ed1c709948e57945485088413e1bb5e94bd1" } ], "release_date": "2024-11-07T10:15:00", "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Ubuntu-18:linux-cloud-tools-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-image-generic-0:4.15.0.245.256.amd64", "Ubuntu-18:linux-tools-4.15.0-245-tuxcare.els33-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-modules-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-buildinfo-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-cloud-tools-4.15.0-245-tuxcare.els33-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-generic-0:4.15.0.245.256.amd64", "Ubuntu-18:linux-tools-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-modules-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-headers-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64" ] } ], "threats": [ { "category": "impact", "details": "Medium" } ] }, { "cve": "CVE-2024-50180", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: sisfb: Fix strbuf array overflow\n\nThe values of the variables xres and yres are placed in strbuf.\nThese variables are obtained from strbuf1.\nThe strbuf1 array contains digit characters\nand a space if the array contains non-digit characters.\nThen, when executing sprintf(strbuf, \"%ux%ux8\", xres, yres);\nmore than 16 bytes will be written to strbuf.\nIt is suggested to increase the size of the strbuf array to 24.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-18:linux-cloud-tools-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-image-generic-0:4.15.0.245.256.amd64", "Ubuntu-18:linux-tools-4.15.0-245-tuxcare.els33-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-modules-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-buildinfo-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-cloud-tools-4.15.0-245-tuxcare.els33-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-generic-0:4.15.0.245.256.amd64", "Ubuntu-18:linux-tools-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-modules-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-headers-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2024-50180" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/11c0d49093b82f6c547fd419c41a982d26bdf5ef", "url": "https://git.kernel.org/stable/c/11c0d49093b82f6c547fd419c41a982d26bdf5ef" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/252f147b1826cbb30ae0304cf86b66d3bb12b743", "url": "https://git.kernel.org/stable/c/252f147b1826cbb30ae0304cf86b66d3bb12b743" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/41cf6f26abe4f491b694c54bd1aa2530369b7510", "url": "https://git.kernel.org/stable/c/41cf6f26abe4f491b694c54bd1aa2530369b7510" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/433c84c8495008922534c5cafdae6ff970fb3241", "url": "https://git.kernel.org/stable/c/433c84c8495008922534c5cafdae6ff970fb3241" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/57c4f4db0a194416da237fd09dad9527e00cb587", "url": "https://git.kernel.org/stable/c/57c4f4db0a194416da237fd09dad9527e00cb587" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/688872c4ea4a528cd6a057d545c83506b533ee1f", "url": "https://git.kernel.org/stable/c/688872c4ea4a528cd6a057d545c83506b533ee1f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/889304120ecb2ca30674d89cd4ef15990b6a571c", "url": "https://git.kernel.org/stable/c/889304120ecb2ca30674d89cd4ef15990b6a571c" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/9cf14f5a2746c19455ce9cb44341b5527b5e19c3", "url": "https://git.kernel.org/stable/c/9cf14f5a2746c19455ce9cb44341b5527b5e19c3" } ], "release_date": "2024-11-08T06:15:00", "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-18:linux-cloud-tools-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-image-generic-0:4.15.0.245.256.amd64", "Ubuntu-18:linux-tools-4.15.0-245-tuxcare.els33-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-modules-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-buildinfo-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-cloud-tools-4.15.0-245-tuxcare.els33-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-generic-0:4.15.0.245.256.amd64", "Ubuntu-18:linux-tools-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-modules-4.15.0-245-tuxcare.els33-lowlatency-0:4.15.0-245.256.amd64", "Ubuntu-18:linux-headers-4.15.0-245-tuxcare.els33-generic-0:4.15.0-245.256.amd64" ] } ], "threats": [ { "category": "impact", "details": "High" } ] } ] }