{
"document": {
"aggregate_severity": {
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "TuxCare License Agreement",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Cloud Linux Inc. and provide a link to the original.",
"title": "Terms of Use"
},
{
"category": "details",
"text": "* CVE-url: https://ubuntu.com/security/CVE-2025-38000\n - sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue()\n * CVE-url: https://ubuntu.com/security/CVE-2024-57996 // CVE-url:\n https://ubuntu.com/security/CVE-2025-37752\n - net_sched: sch_sfq: move the limit validation\n * Focal update: v5.4.285 upstream stable release (LP: #2089233) //\n CVE-2024-50202 // CVE-url: https://ubuntu.com/security/CVE-2024-50202\n - nilfs2: propagate directory read errors from nilfs_find_entry()\n * Focal update: v5.4.279 upstream stable release (LP: #2073621) // CVE-url:\n https://ubuntu.com/security/CVE-2024-50202\n - nilfs2: Remove check for PageError\n - nilfs2: return the mapped address from nilfs_get_page()\n * Focal update: v5.4.287 upstream stable release (LP: #2095145) // CVE-url:\n https://ubuntu.com/security/CVE-2024-53131\n - nilfs2: fix null-ptr-deref in block_touch_buffer tracepoint\n * Focal update: v5.4.287 upstream stable release (LP: #2095145) // CVE-url:\n https://ubuntu.com/security/CVE-2024-53130\n - nilfs2: fix null-ptr-deref in block_dirty_buffer tracepoint\n * CVE-url: https://ubuntu.com/security/CVE-2022-49179\n - block, bfq: don't move oom_bfqq\n * CVE-url: https://ubuntu.com/security/CVE-2022-49176\n - bfq: fix use-after-free in bfq_dispatch_request\n * CVE-url: https://ubuntu.com/security/CVE-2025-21956\n - drm/amd/display: Assign normalized_pix_clk when color depth = 14\n * CVE-url: https://ubuntu.com/security/CVE-2025-21992\n - HID: ignore non-functional sensor in HP 5MP Camera\n * CVE-url: https://ubuntu.com/security/CVE-2025-22021\n - netfilter: socket: Lookup orig tuple for IPv6 SNAT\n * CVE-url: https://ubuntu.com/security/CVE-2025-22073\n - spufs: fix a leak on spufs_new_file() failure\n * CVE-url: https://ubuntu.com/security/CVE-2025-22079\n - ocfs2: validate l_tree_depth to avoid out-of-bounds access\n * CVE-url: https://ubuntu.com/security/CVE-2025-22086\n - RDMA/mlx5: Fix mlx5_poll_one() cur_qp update flow\n * CVE-url: https://ubuntu.com/security/CVE-2025-21722\n - nilfs2: do not force clear folio if buffer is referenced\n * CVE-url: https://ubuntu.com/security/CVE-2025-22018\n - atm: Fix NULL pointer dereference\n * CVE-url: https://ubuntu.com/security/CVE-2024-58071\n - team: prevent adding a device which is already a team device lower\n * CVE-url: https://ubuntu.com/security/CVE-2024-58063\n - wifi: rtlwifi: fix memory leaks and invalid access at probe error path\n * CVE-url: https://ubuntu.com/security/CVE-2024-58052\n - drm/amdgpu: Fix potential NULL pointer dereference in\n atomctrl_get_smc_sclk_range_table\n * CVE-url: https://ubuntu.com/security/CVE-2024-58058\n - ubifs: skip dumping tnc tree when zroot is null\n * CVE-url: https://ubuntu.com/security/CVE-2025-21859\n - USB: gadget: f_midi: f_midi_complete to call queue_work\n * CVE-url: https://ubuntu.com/security/CVE-2025-21640\n - sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy\n * CVE-url: https://ubuntu.com/security/CVE-2024-57922\n - drm/amd/display: Add check for granularity in dml ceil/floor helpers\n * CVE-url: https://ubuntu.com/security/CVE-2024-57913\n - usb: gadget: f_fs: Remove WARN_ON in functionfs_bind\n * CVE-url: https://ubuntu.com/security/CVE-2025-21638\n - sctp: sysctl: auth_enable: avoid using current->nsproxy\n * CVE-url: https://ubuntu.com/security/CVE-2024-50195\n - posix-clock: Fix missing timespec64 check in pc_clock_settime()\n * CVE-url: https://ubuntu.com/security/CVE-2024-50299\n - sctp: properly validate chunk size in sctp_sf_ootb()\n * CVE-url: https://ubuntu.com/security/CVE-2024-50273\n - btrfs: reinitialize delayed ref list after deleting it from the list\n * CVE-url: https://ubuntu.com/security/CVE-2024-41016\n - ocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry()\n * CVE-url: https://ubuntu.com/security/CVE-2024-50287\n - media: v4l2-tpg: prevent the risk of a division by zero\n * CVE-url: https://ubuntu.com/security/CVE-2024-49965\n - ocfs2: remove unreasonable unlock in ocfs2_read_blocks\n * CVE-url: https://ubuntu.com/security/CVE-2024-50179\n - ceph: remove the incorrect Fw reference check when dirtying pages\n * CVE-url: https://ubuntu.com/security/CVE-2024-40953\n - KVM: Fix a data race on last_boosted_vcpu in kvm_vcpu_on_spin()\n * CVE-url: https://ubuntu.com/security/CVE-2024-50290\n - media: cx24116: prevent overflows on SNR calculus\n * CVE-url: https://ubuntu.com/security/CVE-2024-49877\n - ocfs2: fix possible null-ptr-deref in ocfs2_set_buffer_uptodate\n * CVE-url: https://ubuntu.com/security/CVE-2024-49938\n - wifi: ath9k_htc: Use __skb_set_length() for resetting urb before resubmit\n * CVE-url: https://ubuntu.com/security/CVE-2024-50008\n - wifi: mwifiex: Fix memcpy() field-spanning write warning in\n mwifiex_cmd_802_11_scan_ext()\n * CVE-url: https://ubuntu.com/security/CVE-2024-47672\n - wifi: iwlwifi: mvm: don't wait for tx queues if firmware is dead\n * CVE-url: https://ubuntu.com/security/CVE-2024-49959\n - jbd2: stop waiting for space when jbd2_cleanup_journal_tail() returns error\n * CVE-url: https://ubuntu.com/security/CVE-2024-49963\n - mailbox: bcm2835: Fix timeout during suspend mode\n * CVE-url: https://ubuntu.com/security/CVE-2024-47709\n - can: bcm: Clear bo->bcm_proc_read after remove_proc_entry().\n * CVE-url: https://ubuntu.com/security/CVE-2025-21699\n - gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag\n * CVE-url: https://ubuntu.com/security/CVE-2025-21689\n - USB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb()\n * CVE-url: https://ubuntu.com/security/CVE-2024-38544\n - RDMA/rxe: Fix seg fault in rxe_comp_queue_pkt\n * CVE-url: https://ubuntu.com/security/CVE-2024-50251\n - netfilter: nft_payload: sanitize offset and length before calling\n skb_checksum()\n * CVE-url: https://ubuntu.com/security/CVE-2024-49949\n - udp: add udp gso\n - net: avoid potential underflow in qdisc_pkt_len_init() with UFO\n * CVE-url: https://ubuntu.com/security/CVE-2024-53101\n - fs: Fix uninitialized value issue in from_kuid and from_kgid\n * CVE-url: https://ubuntu.com/security/CVE-2023-52975\n - scsi: iscsi: Move pool freeing\n - scsi: iscsi_tcp: Fix UAF during logout when accessing the shost ipaddress\n * Focal update: v5.4.287 upstream stable release (LP: #2095145) // CVE-url:\n https://ubuntu.com/security/CVE-2024-56748\n - scsi: qedf: Fix a possible memory leak in qedf_alloc_and_init_sb()\n * CVE-url: https://ubuntu.com/security/CVE-2025-37797\n - net_sched: hfsc: Fix a UAF vulnerability in class handling\n * CVE-url: https://ubuntu.com/security/CVE-2024-38541\n - of: module: add buffer overflow check in of_modalias()\n * Miscellaneous upstream changes\n - fixup! UBUNTU: [Config] updateconfigs for NFSD_FAULT_INJECTION",
"title": "Details"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://tuxcare.com/contact/",
"name": "TuxCare",
"namespace": "https://tuxcare.com/"
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.tuxcare.com/csaf/v2/els_os/ubuntu18.04els/advisories/2025/clsa-2025_1758010922.json"
},
{
"category": "self",
"summary": "https://cve.tuxcare.com/els/releases/CLSA-2025:1758010922",
"url": "https://cve.tuxcare.com/els/releases/CLSA-2025:1758010922"
}
],
"tracking": {
"current_release_date": "2025-09-16T08:28:25Z",
"generator": {
"date": "2025-09-16T08:28:25Z",
"engine": {
"name": "pyCSAF"
}
},
"id": "CLSA-2025:1758010922",
"initial_release_date": "2025-09-16T08:28:25Z",
"revision_history": [
{
"date": "2025-09-16T08:28:25Z",
"number": "1",
"summary": "Initial version"
}
],
"status": "final",
"version": "1"
},
"title": "Fix of 51 CVEs"
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu 18.04",
"product": {
"name": "Ubuntu 18.04",
"product_id": "Ubuntu-18",
"product_identification_helper": {
"cpe": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"
}
}
}
],
"category": "product_family",
"name": "Ubuntu"
}
],
"category": "vendor",
"name": "Canonical Ltd."
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"product": {
"name": "linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"product_id": "linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"product_identification_helper": {
"purl": "pkg:deb/cloudlinux/linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency@4.15.0-251.262?arch=amd64"
}
}
},
{
"category": "product_version",
"name": "linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"product": {
"name": "linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"product_id": "linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"product_identification_helper": {
"purl": "pkg:deb/cloudlinux/linux-headers-4.15.0-251-tuxcare.els39-lowlatency@4.15.0-251.262?arch=amd64"
}
}
},
{
"category": "product_version",
"name": "linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"product": {
"name": "linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"product_id": "linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"product_identification_helper": {
"purl": "pkg:deb/cloudlinux/linux-tools-4.15.0-251-tuxcare.els39-lowlatency@4.15.0-251.262?arch=amd64"
}
}
},
{
"category": "product_version",
"name": "linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"product": {
"name": "linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"product_id": "linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"product_identification_helper": {
"purl": "pkg:deb/cloudlinux/linux-buildinfo-4.15.0-251-tuxcare.els39-generic@4.15.0-251.262?arch=amd64"
}
}
},
{
"category": "product_version",
"name": "linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"product": {
"name": "linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"product_id": "linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"product_identification_helper": {
"purl": "pkg:deb/cloudlinux/linux-tools-4.15.0-251-tuxcare.els39@4.15.0-251.262?arch=amd64"
}
}
},
{
"category": "product_version",
"name": "linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"product": {
"name": "linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"product_id": "linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"product_identification_helper": {
"purl": "pkg:deb/cloudlinux/linux-modules-extra-4.15.0-251-tuxcare.els39-generic@4.15.0-251.262?arch=amd64"
}
}
},
{
"category": "product_version",
"name": "linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"product": {
"name": "linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"product_id": "linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"product_identification_helper": {
"purl": "pkg:deb/cloudlinux/linux-tools-4.15.0-251-tuxcare.els39-generic@4.15.0-251.262?arch=amd64"
}
}
},
{
"category": "product_version",
"name": "linux-libc-dev-0:4.15.0-251.262.amd64",
"product": {
"name": "linux-libc-dev-0:4.15.0-251.262.amd64",
"product_id": "linux-libc-dev-0:4.15.0-251.262.amd64",
"product_identification_helper": {
"purl": "pkg:deb/cloudlinux/linux-libc-dev@4.15.0-251.262?arch=amd64"
}
}
},
{
"category": "product_version",
"name": "linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"product": {
"name": "linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"product_id": "linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"product_identification_helper": {
"purl": "pkg:deb/cloudlinux/linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency@4.15.0-251.262?arch=amd64"
}
}
},
{
"category": "product_version",
"name": "linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"product": {
"name": "linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"product_id": "linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"product_identification_helper": {
"purl": "pkg:deb/cloudlinux/linux-headers-4.15.0-251-tuxcare.els39-generic@4.15.0-251.262?arch=amd64"
}
}
},
{
"category": "product_version",
"name": "linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"product": {
"name": "linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"product_id": "linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"product_identification_helper": {
"purl": "pkg:deb/cloudlinux/linux-image-unsigned-4.15.0-251-tuxcare.els39-generic@4.15.0-251.262?arch=amd64"
}
}
},
{
"category": "product_version",
"name": "linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"product": {
"name": "linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"product_id": "linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"product_identification_helper": {
"purl": "pkg:deb/cloudlinux/linux-modules-4.15.0-251-tuxcare.els39-lowlatency@4.15.0-251.262?arch=amd64"
}
}
},
{
"category": "product_version",
"name": "linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"product": {
"name": "linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"product_id": "linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"product_identification_helper": {
"purl": "pkg:deb/cloudlinux/linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency@4.15.0-251.262?arch=amd64"
}
}
},
{
"category": "product_version",
"name": "linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"product": {
"name": "linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"product_id": "linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"product_identification_helper": {
"purl": "pkg:deb/cloudlinux/linux-cloud-tools-4.15.0-251-tuxcare.els39@4.15.0-251.262?arch=amd64"
}
}
},
{
"category": "product_version",
"name": "linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"product": {
"name": "linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"product_id": "linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"product_identification_helper": {
"purl": "pkg:deb/cloudlinux/linux-modules-4.15.0-251-tuxcare.els39-generic@4.15.0-251.262?arch=amd64"
}
}
},
{
"category": "product_version",
"name": "linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"product": {
"name": "linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"product_id": "linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"product_identification_helper": {
"purl": "pkg:deb/cloudlinux/linux-cloud-tools-4.15.0-251-tuxcare.els39-generic@4.15.0-251.262?arch=amd64"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "linux-tools-host-0:4.15.0-251.262.all",
"product": {
"name": "linux-tools-host-0:4.15.0-251.262.all",
"product_id": "linux-tools-host-0:4.15.0-251.262.all",
"product_identification_helper": {
"purl": "pkg:deb/cloudlinux/linux-tools-host@4.15.0-251.262?arch=all"
}
}
},
{
"category": "product_version",
"name": "linux-doc-0:4.15.0-251.262.all",
"product": {
"name": "linux-doc-0:4.15.0-251.262.all",
"product_id": "linux-doc-0:4.15.0-251.262.all",
"product_identification_helper": {
"purl": "pkg:deb/cloudlinux/linux-doc@4.15.0-251.262?arch=all"
}
}
},
{
"category": "product_version",
"name": "linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"product": {
"name": "linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"product_id": "linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"product_identification_helper": {
"purl": "pkg:deb/cloudlinux/linux-headers-4.15.0-251-tuxcare.els39@4.15.0-251.262?arch=all"
}
}
},
{
"category": "product_version",
"name": "linux-cloud-tools-common-0:4.15.0-251.262.all",
"product": {
"name": "linux-cloud-tools-common-0:4.15.0-251.262.all",
"product_id": "linux-cloud-tools-common-0:4.15.0-251.262.all",
"product_identification_helper": {
"purl": "pkg:deb/cloudlinux/linux-cloud-tools-common@4.15.0-251.262?arch=all"
}
}
},
{
"category": "product_version",
"name": "linux-source-4.15.0-0:4.15.0-251.262.all",
"product": {
"name": "linux-source-4.15.0-0:4.15.0-251.262.all",
"product_id": "linux-source-4.15.0-0:4.15.0-251.262.all",
"product_identification_helper": {
"purl": "pkg:deb/cloudlinux/linux-source-4.15.0@4.15.0-251.262?arch=all"
}
}
},
{
"category": "product_version",
"name": "linux-tools-common-0:4.15.0-251.262.all",
"product": {
"name": "linux-tools-common-0:4.15.0-251.262.all",
"product_id": "linux-tools-common-0:4.15.0-251.262.all",
"product_identification_helper": {
"purl": "pkg:deb/cloudlinux/linux-tools-common@4.15.0-251.262?arch=all"
}
}
}
],
"category": "architecture",
"name": "all"
}
],
"category": "vendor",
"name": "CloudLinux"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64 as a component of Ubuntu 18.04",
"product_id": "Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64"
},
"product_reference": "linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"relates_to_product_reference": "Ubuntu-18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64 as a component of Ubuntu 18.04",
"product_id": "Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64"
},
"product_reference": "linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"relates_to_product_reference": "Ubuntu-18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64 as a component of Ubuntu 18.04",
"product_id": "Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64"
},
"product_reference": "linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"relates_to_product_reference": "Ubuntu-18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64 as a component of Ubuntu 18.04",
"product_id": "Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
},
"product_reference": "linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"relates_to_product_reference": "Ubuntu-18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64 as a component of Ubuntu 18.04",
"product_id": "Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64"
},
"product_reference": "linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"relates_to_product_reference": "Ubuntu-18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64 as a component of Ubuntu 18.04",
"product_id": "Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
},
"product_reference": "linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"relates_to_product_reference": "Ubuntu-18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "linux-tools-host-0:4.15.0-251.262.all as a component of Ubuntu 18.04",
"product_id": "Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all"
},
"product_reference": "linux-tools-host-0:4.15.0-251.262.all",
"relates_to_product_reference": "Ubuntu-18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64 as a component of Ubuntu 18.04",
"product_id": "Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
},
"product_reference": "linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"relates_to_product_reference": "Ubuntu-18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "linux-doc-0:4.15.0-251.262.all as a component of Ubuntu 18.04",
"product_id": "Ubuntu-18:linux-doc-0:4.15.0-251.262.all"
},
"product_reference": "linux-doc-0:4.15.0-251.262.all",
"relates_to_product_reference": "Ubuntu-18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "linux-libc-dev-0:4.15.0-251.262.amd64 as a component of Ubuntu 18.04",
"product_id": "Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64"
},
"product_reference": "linux-libc-dev-0:4.15.0-251.262.amd64",
"relates_to_product_reference": "Ubuntu-18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64 as a component of Ubuntu 18.04",
"product_id": "Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64"
},
"product_reference": "linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"relates_to_product_reference": "Ubuntu-18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64 as a component of Ubuntu 18.04",
"product_id": "Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
},
"product_reference": "linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"relates_to_product_reference": "Ubuntu-18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all as a component of Ubuntu 18.04",
"product_id": "Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all"
},
"product_reference": "linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"relates_to_product_reference": "Ubuntu-18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64 as a component of Ubuntu 18.04",
"product_id": "Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
},
"product_reference": "linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"relates_to_product_reference": "Ubuntu-18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64 as a component of Ubuntu 18.04",
"product_id": "Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64"
},
"product_reference": "linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"relates_to_product_reference": "Ubuntu-18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "linux-cloud-tools-common-0:4.15.0-251.262.all as a component of Ubuntu 18.04",
"product_id": "Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all"
},
"product_reference": "linux-cloud-tools-common-0:4.15.0-251.262.all",
"relates_to_product_reference": "Ubuntu-18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64 as a component of Ubuntu 18.04",
"product_id": "Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64"
},
"product_reference": "linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"relates_to_product_reference": "Ubuntu-18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64 as a component of Ubuntu 18.04",
"product_id": "Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64"
},
"product_reference": "linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"relates_to_product_reference": "Ubuntu-18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "linux-source-4.15.0-0:4.15.0-251.262.all as a component of Ubuntu 18.04",
"product_id": "Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all"
},
"product_reference": "linux-source-4.15.0-0:4.15.0-251.262.all",
"relates_to_product_reference": "Ubuntu-18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64 as a component of Ubuntu 18.04",
"product_id": "Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
},
"product_reference": "linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"relates_to_product_reference": "Ubuntu-18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "linux-tools-common-0:4.15.0-251.262.all as a component of Ubuntu 18.04",
"product_id": "Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all"
},
"product_reference": "linux-tools-common-0:4.15.0-251.262.all",
"relates_to_product_reference": "Ubuntu-18"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64 as a component of Ubuntu 18.04",
"product_id": "Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
},
"product_reference": "linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"relates_to_product_reference": "Ubuntu-18"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-38000",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\nsch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue()\nWhen enqueuing the first packet to an HFSC class, hfsc_enqueue() calls the\nchild qdisc's peek() operation before incrementing sch->q.qlen and\nsch->qstats.backlog. If the child qdisc uses qdisc_peek_dequeued(), this may\ntrigger an immediate dequeue and potential packet drop. In such cases,\nqdisc_tree_reduce_backlog() is called, but the HFSC qdisc's qlen and backlog\nhave not yet been updated, leading to inconsistent queue accounting. This\ncan leave an empty HFSC class in the active list, causing further\nconsequences like use-after-free.\nThis patch fixes the bug by moving the increment of sch->q.qlen and\nsch->qstats.backlog before the call to the child qdisc's peek() operation.\nThis ensures that queue length and backlog are always accurate when packet\ndrops or dequeues are triggered during the peek.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2025-38000"
}
],
"release_date": "2025-06-06T00:00:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "High"
}
]
},
{
"cve": "CVE-2024-53130",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix null-ptr-deref in block_dirty_buffer tracepoint\n\nWhen using the \"block:block_dirty_buffer\" tracepoint, mark_buffer_dirty()\nmay cause a NULL pointer dereference, or a general protection fault when\nKASAN is enabled.\n\nThis happens because, since the tracepoint was added in\nmark_buffer_dirty(), it references the dev_t member bh->b_bdev->bd_dev\nregardless of whether the buffer head has a pointer to a block_device\nstructure.\n\nIn the current implementation, nilfs_grab_buffer(), which grabs a buffer\nto read (or create) a block of metadata, including b-tree node blocks,\ndoes not set the block device, but instead does so only if the buffer is\nnot in the \"uptodate\" state for each of its caller block reading\nfunctions. However, if the uptodate flag is set on a folio/page, and the\nbuffer heads are detached from it by try_to_free_buffers(), and new buffer\nheads are then attached by create_empty_buffers(), the uptodate flag may\nbe restored to each buffer without the block device being set to\nbh->b_bdev, and mark_buffer_dirty() may be called later in that state,\nresulting in the bug mentioned above.\n\nFix this issue by making nilfs_grab_buffer() always set the block device\nof the super block structure to the buffer head, regardless of the state\nof the buffer's uptodate flag.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2024-53130"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/0a5014ad37c77ac6a2c525137c00a0e1724f6020",
"url": "https://git.kernel.org/stable/c/0a5014ad37c77ac6a2c525137c00a0e1724f6020"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/0ce59fb1c73fdd5b6028226aeb46259a0cdc0957",
"url": "https://git.kernel.org/stable/c/0ce59fb1c73fdd5b6028226aeb46259a0cdc0957"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/2026559a6c4ce34db117d2db8f710fe2a9420d5a",
"url": "https://git.kernel.org/stable/c/2026559a6c4ce34db117d2db8f710fe2a9420d5a"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/7af3309c7a2ef26831a67125b11c34a7e01c1b2a",
"url": "https://git.kernel.org/stable/c/7af3309c7a2ef26831a67125b11c34a7e01c1b2a"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/86b19031dbc79abc378dfae357f6ea33ebeb0c95",
"url": "https://git.kernel.org/stable/c/86b19031dbc79abc378dfae357f6ea33ebeb0c95"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/b0e4765740040c44039282057ecacd7435d1d2ba",
"url": "https://git.kernel.org/stable/c/b0e4765740040c44039282057ecacd7435d1d2ba"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/d904e4d845aafbcfd8a40c1df7d999f02f062be8",
"url": "https://git.kernel.org/stable/c/d904e4d845aafbcfd8a40c1df7d999f02f062be8"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/ffc440a76a0f476a7e6ea838ec0dc8e9979944d1",
"url": "https://git.kernel.org/stable/c/ffc440a76a0f476a7e6ea838ec0dc8e9979944d1"
}
],
"release_date": "2024-12-04T15:15:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Medium"
}
]
},
{
"cve": "CVE-2025-22079",
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\nocfs2: validate l_tree_depth to avoid out-of-bounds access\nThe l_tree_depth field is 16-bit (__le16), but the actual maximum depth is\nlimited to OCFS2_MAX_PATH_DEPTH.\nAdd a check to prevent out-of-bounds access if l_tree_depth has an invalid\nvalue, which may occur when reading from a corrupted mounted disk [1].",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2025-22079"
}
],
"release_date": "2025-04-16T00:00:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Medium"
}
]
},
{
"cve": "CVE-2025-22086",
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\nRDMA/mlx5: Fix mlx5_poll_one() cur_qp update flow\nWhen cur_qp isn't NULL, in order to avoid fetching the QP from\nthe radix tree again we check if the next cqe QP is identical to\nthe one we already have.\nThe bug however is that we are checking if the QP is identical by\nchecking the QP number inside the CQE against the QP number inside the\nmlx5_ib_qp, but that's wrong since the QP number from the CQE is from\nFW so it should be matched against mlx5_core_qp which is our FW QP\nnumber.\nOtherwise we could use the wrong QP when handling a CQE which could\ncause the kernel trace below.\nThis issue is mainly noticeable over QPs 0 & 1, since for now they are\nthe only QPs in our driver whereas the QP number inside mlx5_ib_qp\ndoesn't match the QP number inside mlx5_core_qp.\nBUG: kernel NULL pointer dereference, address: 0000000000000012\n#PF: supervisor read access in kernel mode\n#PF: error_code(0x0000) - not-present page\nPGD 0 P4D 0\nOops: Oops: 0000 [#1] SMP\nCPU: 0 UID: 0 PID: 7927 Comm: kworker/u62:1 Not tainted 6.14.0-rc3+ #189\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014\nWorkqueue: ib-comp-unb-wq ib_cq_poll_work [ib_core]\nRIP: 0010:mlx5_ib_poll_cq+0x4c7/0xd90 [mlx5_ib]\nCode: 03 00 00 8d 58 ff 21 cb 66 39 d3 74 39 48 c7 c7 3c 89 6e a0 0f b7 db e8 b7 d2 b3 e0 49 8b 86 60 03 00 00 48 c7 c7 4a 89 6e a0 <0f> b7 5c 98 02 e8 9f d2 b3 e0 41 0f b7 86 78 03 00 00 83 e8 01 21\nRSP: 0018:ffff88810511bd60 EFLAGS: 00010046\nRAX: 0000000000000010 RBX: 0000000000000000 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: ffff88885fa1b3c0 RDI: ffffffffa06e894a\nRBP: 00000000000000b0 R08: 0000000000000000 R09: ffff88810511bc10\nR10: 0000000000000001 R11: 0000000000000001 R12: ffff88810d593000\nR13: ffff88810e579108 R14: ffff888105146000 R15: 00000000000000b0\nFS: 0000000000000000(0000) GS:ffff88885fa00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000000000012 CR3: 00000001077e6001 CR4: 0000000000370eb0\nCall Trace:\n\n? __die+0x20/0x60\n? page_fault_oops+0x150/0x3e0\n? exc_page_fault+0x74/0x130\n? asm_exc_page_fault+0x22/0x30\n? mlx5_ib_poll_cq+0x4c7/0xd90 [mlx5_ib]\n__ib_process_cq+0x5a/0x150 [ib_core]\nib_cq_poll_work+0x31/0x90 [ib_core]\nprocess_one_work+0x169/0x320\nworker_thread+0x288/0x3a0\n? work_busy+0xb0/0xb0\nkthread+0xd7/0x1f0\n? kthreads_online_cpu+0x130/0x130\n? kthreads_online_cpu+0x130/0x130\nret_from_fork+0x2d/0x50\n? kthreads_online_cpu+0x130/0x130\nret_from_fork_asm+0x11/0x20\n",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2025-22086"
}
],
"release_date": "2025-04-16T00:00:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Medium"
}
]
},
{
"cve": "CVE-2025-21722",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\nnilfs2: do not force clear folio if buffer is referenced\nPatch series \"nilfs2: protect busy buffer heads from being force-cleared\".\nThis series fixes the buffer head state inconsistency issues reported by\nsyzbot that occurs when the filesystem is corrupted and falls back to\nread-only, and the associated buffer head use-after-free issue.\nThis patch (of 2):\nSyzbot has reported that after nilfs2 detects filesystem corruption and\nfalls back to read-only, inconsistencies in the buffer state may occur.\nOne of the inconsistencies is that when nilfs2 calls mark_buffer_dirty()\nto set a data or metadata buffer as dirty, but it detects that the buffer\nis not in the uptodate state:\nWARNING: CPU: 0 PID: 6049 at fs/buffer.c:1177 mark_buffer_dirty+0x2e5/0x520\nfs/buffer.c:1177\n...\nCall Trace:\n\nnilfs_palloc_commit_alloc_entry+0x4b/0x160 fs/nilfs2/alloc.c:598\nnilfs_ifile_create_inode+0x1dd/0x3a0 fs/nilfs2/ifile.c:73\nnilfs_new_inode+0x254/0x830 fs/nilfs2/inode.c:344\nnilfs_mkdir+0x10d/0x340 fs/nilfs2/namei.c:218\nvfs_mkdir+0x2f9/0x4f0 fs/namei.c:4257\ndo_mkdirat+0x264/0x3a0 fs/namei.c:4280\n__do_sys_mkdirat fs/namei.c:4295 [inline]\n__se_sys_mkdirat fs/namei.c:4293 [inline]\n__x64_sys_mkdirat+0x87/0xa0 fs/namei.c:4293\ndo_syscall_x64 arch/x86/entry/common.c:52 [inline]\ndo_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\nentry_SYSCALL_64_after_hwframe+0x77/0x7f\nThe other is when nilfs_btree_propagate(), which propagates the dirty\nstate to the ancestor nodes of a b-tree that point to a dirty buffer,\ndetects that the origin buffer is not dirty, even though it should be:\nWARNING: CPU: 0 PID: 5245 at fs/nilfs2/btree.c:2089\nnilfs_btree_propagate+0xc79/0xdf0 fs/nilfs2/btree.c:2089\n...\nCall Trace:\n\nnilfs_bmap_propagate+0x75/0x120 fs/nilfs2/bmap.c:345\nnilfs_collect_file_data+0x4d/0xd0 fs/nilfs2/segment.c:587\nnilfs_segctor_apply_buffers+0x184/0x340 fs/nilfs2/segment.c:1006\nnilfs_segctor_scan_file+0x28c/0xa50 fs/nilfs2/segment.c:1045\nnilfs_segctor_collect_blocks fs/nilfs2/segment.c:1216 [inline]\nnilfs_segctor_collect fs/nilfs2/segment.c:1540 [inline]\nnilfs_segctor_do_construct+0x1c28/0x6b90 fs/nilfs2/segment.c:2115\nnilfs_segctor_construct+0x181/0x6b0 fs/nilfs2/segment.c:2479\nnilfs_segctor_thread_construct fs/nilfs2/segment.c:2587 [inline]\nnilfs_segctor_thread+0x69e/0xe80 fs/nilfs2/segment.c:2701\nkthread+0x2f0/0x390 kernel/kthread.c:389\nret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\nret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n\nBoth of these issues are caused by the callbacks that handle the\npage/folio write requests, forcibly clear various states, including the\nworking state of the buffers they hold, at unexpected times when they\ndetect read-only fallback.\nFix these issues by checking if the buffer is referenced before clearing\nthe page/folio state, and skipping the clear if it is.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2025-21722"
}
],
"release_date": "2025-02-27T00:00:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Medium"
}
]
},
{
"cve": "CVE-2024-58052",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Fix potential NULL pointer dereference in atomctrl_get_smc_sclk_range_table\n\nThe function atomctrl_get_smc_sclk_range_table() does not check the return\nvalue of smu_atom_get_data_table(). If smu_atom_get_data_table() fails to\nretrieve SMU_Info table, it returns NULL which is later dereferenced.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.\n\nIn practice this should never happen as this code only gets called\non polaris chips and the vbios data table will always be present on\nthose chips.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2024-58052"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/0b97cd8a61b2b40fd73cf92a4bb2256462d22adb",
"url": "https://git.kernel.org/stable/c/0b97cd8a61b2b40fd73cf92a4bb2256462d22adb"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/2396bc91935c6da0588ce07850d07897974bd350",
"url": "https://git.kernel.org/stable/c/2396bc91935c6da0588ce07850d07897974bd350"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/357445e28ff004d7f10967aa93ddb4bffa5c3688",
"url": "https://git.kernel.org/stable/c/357445e28ff004d7f10967aa93ddb4bffa5c3688"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/396350adf0e5ad4bf05f01e4d79bfb82f0f6c41a",
"url": "https://git.kernel.org/stable/c/396350adf0e5ad4bf05f01e4d79bfb82f0f6c41a"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/6a30634a2e0f1dd3c6b39fd0f114c32893a9907a",
"url": "https://git.kernel.org/stable/c/6a30634a2e0f1dd3c6b39fd0f114c32893a9907a"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/a713ba7167c2d74c477dd7764dbbdbe3199f17f4",
"url": "https://git.kernel.org/stable/c/a713ba7167c2d74c477dd7764dbbdbe3199f17f4"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/ae522ad211ec4b72eaf742b25f24b0a406afcba1",
"url": "https://git.kernel.org/stable/c/ae522ad211ec4b72eaf742b25f24b0a406afcba1"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/c47066ed7c8f3b320ef87fa6217a2b8b24e127cc",
"url": "https://git.kernel.org/stable/c/c47066ed7c8f3b320ef87fa6217a2b8b24e127cc"
}
],
"release_date": "2025-03-06T16:15:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Medium"
}
]
},
{
"cve": "CVE-2025-21859",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: gadget: f_midi: f_midi_complete to call queue_work\n\nWhen using USB MIDI, a lock is attempted to be acquired twice through a\nre-entrant call to f_midi_transmit, causing a deadlock.\n\nFix it by using queue_work() to schedule the inner f_midi_transmit() via\na high priority work queue from the completion handler.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2025-21859"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/1f10923404705a94891e612dff3b75e828a78368",
"url": "https://git.kernel.org/stable/c/1f10923404705a94891e612dff3b75e828a78368"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/24a942610ee9bafb2692a456ae850c5b2e409b05",
"url": "https://git.kernel.org/stable/c/24a942610ee9bafb2692a456ae850c5b2e409b05"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/4ab37fcb42832cdd3e9d5e50653285ca84d6686f",
"url": "https://git.kernel.org/stable/c/4ab37fcb42832cdd3e9d5e50653285ca84d6686f"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/727dee0857946b85232526de4f5a957fe163e89a",
"url": "https://git.kernel.org/stable/c/727dee0857946b85232526de4f5a957fe163e89a"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/8aa6b4be1f4efccbfc533e6ec8841d26e4fa8dba",
"url": "https://git.kernel.org/stable/c/8aa6b4be1f4efccbfc533e6ec8841d26e4fa8dba"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/b09957657d7767d164b3432af2129bd72947553c",
"url": "https://git.kernel.org/stable/c/b09957657d7767d164b3432af2129bd72947553c"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/deeee3adb2c01eedab32c3b4519337689ad02e8a",
"url": "https://git.kernel.org/stable/c/deeee3adb2c01eedab32c3b4519337689ad02e8a"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/e9fec6f42c45db2f62dc373fb1a10d2488c04e79",
"url": "https://git.kernel.org/stable/c/e9fec6f42c45db2f62dc373fb1a10d2488c04e79"
}
],
"release_date": "2025-03-12T10:15:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Medium"
}
]
},
{
"cve": "CVE-2024-57922",
"cwe": {
"id": "CWE-369",
"name": "Divide By Zero"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add check for granularity in dml ceil/floor helpers\n\n[Why]\nWrapper functions for dcn_bw_ceil2() and dcn_bw_floor2()\nshould check for granularity is non zero to avoid assert and\ndivide-by-zero error in dcn_bw_ functions.\n\n[How]\nAdd check for granularity 0.\n\n(cherry picked from commit f6e09701c3eb2ccb8cb0518e0b67f1c69742a4ec)",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2024-57922"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/0881fbc4fd62e00a2b8e102725f76d10351b2ea8",
"url": "https://git.kernel.org/stable/c/0881fbc4fd62e00a2b8e102725f76d10351b2ea8"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/497471baf53bb8fd3cd1529d65d4d7f7b81f1917",
"url": "https://git.kernel.org/stable/c/497471baf53bb8fd3cd1529d65d4d7f7b81f1917"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/4f0dd09ed3001725ffd8cdc2868e71df585392fe",
"url": "https://git.kernel.org/stable/c/4f0dd09ed3001725ffd8cdc2868e71df585392fe"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/8a9315e6f7b2d94c65a1ba476481deddb20fc3ae",
"url": "https://git.kernel.org/stable/c/8a9315e6f7b2d94c65a1ba476481deddb20fc3ae"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/95793f9684e58d2aa56671b2d616b4f9f577a0a8",
"url": "https://git.kernel.org/stable/c/95793f9684e58d2aa56671b2d616b4f9f577a0a8"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/ae9ab63a268be99a27a4720ca24f6be801744fee",
"url": "https://git.kernel.org/stable/c/ae9ab63a268be99a27a4720ca24f6be801744fee"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/f3d1e4062ef251fa55ccfeca1e54a98b6818b3a1",
"url": "https://git.kernel.org/stable/c/f3d1e4062ef251fa55ccfeca1e54a98b6818b3a1"
}
],
"release_date": "2025-01-19T12:15:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Medium"
}
]
},
{
"cve": "CVE-2024-57913",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: f_fs: Remove WARN_ON in functionfs_bind\n\nThis commit addresses an issue related to below kernel panic where\npanic_on_warn is enabled. It is caused by the unnecessary use of WARN_ON\nin functionsfs_bind, which easily leads to the following scenarios.\n\n1.adb_write in adbd 2. UDC write via configfs\n =================\t =====================\n\n->usb_ffs_open_thread() ->UDC write\n ->open_functionfs() ->configfs_write_iter()\n ->adb_open() ->gadget_dev_desc_UDC_store()\n ->adb_write() ->usb_gadget_register_driver_owner\n ->driver_register()\n->StartMonitor() ->bus_add_driver()\n ->adb_read() ->gadget_bind_driver()\n ->configfs_composite_bind()\n ->usb_add_function()\n->open_functionfs() ->ffs_func_bind()\n ->adb_open() ->functionfs_bind()\n state !=FFS_ACTIVE>\n\nThe adb_open, adb_read, and adb_write operations are invoked from the\ndaemon, but trying to bind the function is a process that is invoked by\nUDC write through configfs, which opens up the possibility of a race\ncondition between the two paths. In this race scenario, the kernel panic\noccurs due to the WARN_ON from functionfs_bind when panic_on_warn is\nenabled. This commit fixes the kernel panic by removing the unnecessary\nWARN_ON.\n\nKernel panic - not syncing: kernel: panic_on_warn set ...\n[ 14.542395] Call trace:\n[ 14.542464] ffs_func_bind+0x1c8/0x14a8\n[ 14.542468] usb_add_function+0xcc/0x1f0\n[ 14.542473] configfs_composite_bind+0x468/0x588\n[ 14.542478] gadget_bind_driver+0x108/0x27c\n[ 14.542483] really_probe+0x190/0x374\n[ 14.542488] __driver_probe_device+0xa0/0x12c\n[ 14.542492] driver_probe_device+0x3c/0x220\n[ 14.542498] __driver_attach+0x11c/0x1fc\n[ 14.542502] bus_for_each_dev+0x104/0x160\n[ 14.542506] driver_attach+0x24/0x34\n[ 14.542510] bus_add_driver+0x154/0x270\n[ 14.542514] driver_register+0x68/0x104\n[ 14.542518] usb_gadget_register_driver_owner+0x48/0xf4\n[ 14.542523] gadget_dev_desc_UDC_store+0xf8/0x144\n[ 14.542526] configfs_write_iter+0xf0/0x138",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2024-57913"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/19fc1c83454ca9d5699e39633ec79ce26355251c",
"url": "https://git.kernel.org/stable/c/19fc1c83454ca9d5699e39633ec79ce26355251c"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/3e4d32cc145955d5c56c5498a3ff057e4aafa9d1",
"url": "https://git.kernel.org/stable/c/3e4d32cc145955d5c56c5498a3ff057e4aafa9d1"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/82f60f3600aecd9ffcd0fbc4e193694511c85b47",
"url": "https://git.kernel.org/stable/c/82f60f3600aecd9ffcd0fbc4e193694511c85b47"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/a8b6a18b9b66cc4c016d63132b59ce5383f7cdd2",
"url": "https://git.kernel.org/stable/c/a8b6a18b9b66cc4c016d63132b59ce5383f7cdd2"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/bfe60030fcd976e3546e1f73d6d0eb3fea26442e",
"url": "https://git.kernel.org/stable/c/bfe60030fcd976e3546e1f73d6d0eb3fea26442e"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/dfc51e48bca475bbee984e90f33fdc537ce09699",
"url": "https://git.kernel.org/stable/c/dfc51e48bca475bbee984e90f33fdc537ce09699"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/ea6a1498742430eb2effce0d1439ff29ef37dd7d",
"url": "https://git.kernel.org/stable/c/ea6a1498742430eb2effce0d1439ff29ef37dd7d"
}
],
"release_date": "2025-01-19T12:15:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Medium"
}
]
},
{
"cve": "CVE-2025-21638",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: sysctl: auth_enable: avoid using current->nsproxy\n\nAs mentioned in a previous commit of this series, using the 'net'\nstructure via 'current' is not recommended for different reasons:\n\n- Inconsistency: getting info from the reader's/writer's netns vs only\n from the opener's netns.\n\n- current->nsproxy can be NULL in some cases, resulting in an 'Oops'\n (null-ptr-deref), e.g. when the current task is exiting, as spotted by\n syzbot [1] using acct(2).\n\nThe 'net' structure can be obtained from the table->data using\ncontainer_of().\n\nNote that table->data could also be used directly, but that would\nincrease the size of this fix, while 'sctp.ctl_sock' still needs to be\nretrieved from 'net' structure.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2025-21638"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/15649fd5415eda664ef35780c2013adeb5d9c695",
"url": "https://git.kernel.org/stable/c/15649fd5415eda664ef35780c2013adeb5d9c695"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/1b67030d39f2b00f94ac1f0af11ba6657589e4d3",
"url": "https://git.kernel.org/stable/c/1b67030d39f2b00f94ac1f0af11ba6657589e4d3"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/7ec30c54f339c640aa7e49d7e9f7bbed6bd42bf6",
"url": "https://git.kernel.org/stable/c/7ec30c54f339c640aa7e49d7e9f7bbed6bd42bf6"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/bd2a2939423566c654545fa3e96a656662a0af9e",
"url": "https://git.kernel.org/stable/c/bd2a2939423566c654545fa3e96a656662a0af9e"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/c184bc621e3cef03ac9ba81a50dda2dae6a21d36",
"url": "https://git.kernel.org/stable/c/c184bc621e3cef03ac9ba81a50dda2dae6a21d36"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/cf387cdebfaebae228dfba162f94c567a67610c3",
"url": "https://git.kernel.org/stable/c/cf387cdebfaebae228dfba162f94c567a67610c3"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/dc583e7e5f8515ca489c0df28e4362a70eade382",
"url": "https://git.kernel.org/stable/c/dc583e7e5f8515ca489c0df28e4362a70eade382"
}
],
"release_date": "2025-01-19T11:15:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Medium"
}
]
},
{
"cve": "CVE-2024-50299",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: properly validate chunk size in sctp_sf_ootb()\n\nA size validation fix similar to that in Commit 50619dbf8db7 (\"sctp: add\nsize validation when walking chunks\") is also required in sctp_sf_ootb()\nto address a crash reported by syzbot:\n\n BUG: KMSAN: uninit-value in sctp_sf_ootb+0x7f5/0xce0 net/sctp/sm_statefuns.c:3712\n sctp_sf_ootb+0x7f5/0xce0 net/sctp/sm_statefuns.c:3712\n sctp_do_sm+0x181/0x93d0 net/sctp/sm_sideeffect.c:1166\n sctp_endpoint_bh_rcv+0xc38/0xf90 net/sctp/endpointola.c:407\n sctp_inq_push+0x2ef/0x380 net/sctp/inqueue.c:88\n sctp_rcv+0x3831/0x3b20 net/sctp/input.c:243\n sctp4_rcv+0x42/0x50 net/sctp/protocol.c:1159\n ip_protocol_deliver_rcu+0xb51/0x13d0 net/ipv4/ip_input.c:205\n ip_local_deliver_finish+0x336/0x500 net/ipv4/ip_input.c:233",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2024-50299"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/0ead60804b64f5bd6999eec88e503c6a1a242d41",
"url": "https://git.kernel.org/stable/c/0ead60804b64f5bd6999eec88e503c6a1a242d41"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/40b283ba76665437bc2ac72079c51b57b25bff9e",
"url": "https://git.kernel.org/stable/c/40b283ba76665437bc2ac72079c51b57b25bff9e"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/67b9a278b80f71ec62091ded97c6bcbea33b5ec3",
"url": "https://git.kernel.org/stable/c/67b9a278b80f71ec62091ded97c6bcbea33b5ec3"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/8820d2d6589f62ee5514793fff9b50c9f8101182",
"url": "https://git.kernel.org/stable/c/8820d2d6589f62ee5514793fff9b50c9f8101182"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/9b5d42aeaf1a52f73b003a33da6deef7df34685f",
"url": "https://git.kernel.org/stable/c/9b5d42aeaf1a52f73b003a33da6deef7df34685f"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/a758aa6a773bb872196bcc3173171ef8996bddf0",
"url": "https://git.kernel.org/stable/c/a758aa6a773bb872196bcc3173171ef8996bddf0"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/bf9bff13225baf5f658577f7d985fc4933d79527",
"url": "https://git.kernel.org/stable/c/bf9bff13225baf5f658577f7d985fc4933d79527"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/d3fb3cc83cf313e4f87063ce0f3fea76b071567b",
"url": "https://git.kernel.org/stable/c/d3fb3cc83cf313e4f87063ce0f3fea76b071567b"
}
],
"release_date": "2024-11-19T02:16:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Medium"
}
]
},
{
"cve": "CVE-2024-50273",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: reinitialize delayed ref list after deleting it from the list\n\nAt insert_delayed_ref() if we need to update the action of an existing\nref to BTRFS_DROP_DELAYED_REF, we delete the ref from its ref head's\nref_add_list using list_del(), which leaves the ref's add_list member\nnot reinitialized, as list_del() sets the next and prev members of the\nlist to LIST_POISON1 and LIST_POISON2, respectively.\n\nIf later we end up calling drop_delayed_ref() against the ref, which can\nhappen during merging or when destroying delayed refs due to a transaction\nabort, we can trigger a crash since at drop_delayed_ref() we call\nlist_empty() against the ref's add_list, which returns false since\nthe list was not reinitialized after the list_del() and as a consequence\nwe call list_del() again at drop_delayed_ref(). This results in an\ninvalid list access since the next and prev members are set to poison\npointers, resulting in a splat if CONFIG_LIST_HARDENED and\nCONFIG_DEBUG_LIST are set or invalid poison pointer dereferences\notherwise.\n\nSo fix this by deleting from the list with list_del_init() instead.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2024-50273"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/2cb1a73d1d44a1c11b0ee5eeced765dd80ec48e6",
"url": "https://git.kernel.org/stable/c/2cb1a73d1d44a1c11b0ee5eeced765dd80ec48e6"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/2fd0948a483e9cb2d669c7199bc620a21c97673d",
"url": "https://git.kernel.org/stable/c/2fd0948a483e9cb2d669c7199bc620a21c97673d"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/50a3933760b427759afdd23156a7280a19357a92",
"url": "https://git.kernel.org/stable/c/50a3933760b427759afdd23156a7280a19357a92"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/93c5b8decc0ef39ba84f4211d2db6da0a4aefbeb",
"url": "https://git.kernel.org/stable/c/93c5b8decc0ef39ba84f4211d2db6da0a4aefbeb"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/bf0b0c6d159767c0d1c21f793950d78486690ee0",
"url": "https://git.kernel.org/stable/c/bf0b0c6d159767c0d1c21f793950d78486690ee0"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/c24fa427fc0ae827b2a3a07f13738cbf82c3f851",
"url": "https://git.kernel.org/stable/c/c24fa427fc0ae827b2a3a07f13738cbf82c3f851"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/c9a75ec45f1111ef530ab186c2a7684d0a0c9245",
"url": "https://git.kernel.org/stable/c/c9a75ec45f1111ef530ab186c2a7684d0a0c9245"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/f04be6d68f715c1473a8422fc0460f57b5e99931",
"url": "https://git.kernel.org/stable/c/f04be6d68f715c1473a8422fc0460f57b5e99931"
}
],
"release_date": "2024-11-19T02:16:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Medium"
}
]
},
{
"cve": "CVE-2024-50287",
"cwe": {
"id": "CWE-369",
"name": "Divide By Zero"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: v4l2-tpg: prevent the risk of a division by zero\n\nAs reported by Coverity, the logic at tpg_precalculate_line()\nblindly rescales the buffer even when scaled_witdh is equal to\nzero. If this ever happens, this will cause a division by zero.\n\nInstead, add a WARN_ON_ONCE() to trigger such cases and return\nwithout doing any precalculation.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2024-50287"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/054931ca3cfcb8e8fa036e887d6f379942b02565",
"url": "https://git.kernel.org/stable/c/054931ca3cfcb8e8fa036e887d6f379942b02565"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/0bfc6e38ee2250f0503d96f1a1de441c31d88715",
"url": "https://git.kernel.org/stable/c/0bfc6e38ee2250f0503d96f1a1de441c31d88715"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/0cdb42ba0b28f548c1a4e86bb8489dba0d78fc21",
"url": "https://git.kernel.org/stable/c/0cdb42ba0b28f548c1a4e86bb8489dba0d78fc21"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/2d0f01aa602fd15a805771bdf3f4d9a9b4df7f47",
"url": "https://git.kernel.org/stable/c/2d0f01aa602fd15a805771bdf3f4d9a9b4df7f47"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/a749c15dccc58d9cbad9cd23bd8ab4b5fa96cf47",
"url": "https://git.kernel.org/stable/c/a749c15dccc58d9cbad9cd23bd8ab4b5fa96cf47"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/c63c30c9d9f2c8de34b16cd2b8400240533b914e",
"url": "https://git.kernel.org/stable/c/c63c30c9d9f2c8de34b16cd2b8400240533b914e"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/e3c36d0bde309f690ed1f9cd5f7e63b3a513f94a",
"url": "https://git.kernel.org/stable/c/e3c36d0bde309f690ed1f9cd5f7e63b3a513f94a"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/e6a3ea83fbe15d4818d01804e904cbb0e64e543b",
"url": "https://git.kernel.org/stable/c/e6a3ea83fbe15d4818d01804e904cbb0e64e543b"
}
],
"release_date": "2024-11-19T02:16:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Medium"
}
]
},
{
"cve": "CVE-2024-49965",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: remove unreasonable unlock in ocfs2_read_blocks\n\nPatch series \"Misc fixes for ocfs2_read_blocks\", v5.\n\nThis series contains 2 fixes for ocfs2_read_blocks(). The first patch fix\nthe issue reported by syzbot, which detects bad unlock balance in\nocfs2_read_blocks(). The second patch fixes an issue reported by Heming\nZhao when reviewing above fix.\n\n\nThis patch (of 2):\n\nThere was a lock release before exiting, so remove the unreasonable unlock.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2024-49965"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/39a88623af3f1c686bf6db1e677ed865ffe6fccc",
"url": "https://git.kernel.org/stable/c/39a88623af3f1c686bf6db1e677ed865ffe6fccc"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/3f1ca6ba5452d53c598a45d21267a2c0c221eef3",
"url": "https://git.kernel.org/stable/c/3f1ca6ba5452d53c598a45d21267a2c0c221eef3"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/5245f109b4afb6595360d4c180d483a6d2009a59",
"url": "https://git.kernel.org/stable/c/5245f109b4afb6595360d4c180d483a6d2009a59"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/81aba693b129e82e11bb54f569504d943d018de9",
"url": "https://git.kernel.org/stable/c/81aba693b129e82e11bb54f569504d943d018de9"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/84543da867c967edffd5065fa910ebf56aaae49d",
"url": "https://git.kernel.org/stable/c/84543da867c967edffd5065fa910ebf56aaae49d"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/9753bcb17b36c9add9b32c61766ddf8d2d161911",
"url": "https://git.kernel.org/stable/c/9753bcb17b36c9add9b32c61766ddf8d2d161911"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/c03a82b4a0c935774afa01fd6d128b444fd930a1",
"url": "https://git.kernel.org/stable/c/c03a82b4a0c935774afa01fd6d128b444fd930a1"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/df4f20fc3673cee11abf2c571987a95733cb638d",
"url": "https://git.kernel.org/stable/c/df4f20fc3673cee11abf2c571987a95733cb638d"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/f55a33fe0fb5274ef185fd61947cf142138958af",
"url": "https://git.kernel.org/stable/c/f55a33fe0fb5274ef185fd61947cf142138958af"
}
],
"release_date": "2024-10-21T18:15:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Medium"
}
]
},
{
"cve": "CVE-2024-50179",
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nceph: remove the incorrect Fw reference check when dirtying pages\n\nWhen doing the direct-io reads it will also try to mark pages dirty,\nbut for the read path it won't hold the Fw caps and there is case\nwill it get the Fw reference.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2024-50179"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/11ab19d48ab877430eed0c7d83810970bbcbc4f6",
"url": "https://git.kernel.org/stable/c/11ab19d48ab877430eed0c7d83810970bbcbc4f6"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/126b567a2ef65fc38a71d832bf1216c56816f231",
"url": "https://git.kernel.org/stable/c/126b567a2ef65fc38a71d832bf1216c56816f231"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/74b302ebad5b43ac17460fa58092d892a3cba6eb",
"url": "https://git.kernel.org/stable/c/74b302ebad5b43ac17460fa58092d892a3cba6eb"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/9d4f619153bab7fa59736462967821d6521a38cb",
"url": "https://git.kernel.org/stable/c/9d4f619153bab7fa59736462967821d6521a38cb"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/c08dfb1b49492c09cf13838c71897493ea3b424e",
"url": "https://git.kernel.org/stable/c/c08dfb1b49492c09cf13838c71897493ea3b424e"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/c26c5ec832dd9e9dcd0a0a892a485c99889b68f0",
"url": "https://git.kernel.org/stable/c/c26c5ec832dd9e9dcd0a0a892a485c99889b68f0"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/ea98284fc4fb05f276737d2043b02b62be5a8dfb",
"url": "https://git.kernel.org/stable/c/ea98284fc4fb05f276737d2043b02b62be5a8dfb"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/f55e003d261baa7c57d51ae5c8ec1f5c26a35c89",
"url": "https://git.kernel.org/stable/c/f55e003d261baa7c57d51ae5c8ec1f5c26a35c89"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/f863bfd0a2c6c99011c62ea71ac04f8e78707da9",
"url": "https://git.kernel.org/stable/c/f863bfd0a2c6c99011c62ea71ac04f8e78707da9"
}
],
"release_date": "2024-11-08T06:15:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Medium"
}
]
},
{
"cve": "CVE-2024-50290",
"cwe": {
"id": "CWE-191",
"name": "Integer Underflow (Wrap or Wraparound)"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\nmedia: cx24116: prevent overflows on SNR calculus\nas reported by Coverity, if reading SNR registers fail, a negative\nnumber will be returned, causing an underflow when reading SNR\nregisters.\nPrevent that.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2024-50290"
}
],
"release_date": "2024-11-19T00:00:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Medium"
}
]
},
{
"cve": "CVE-2024-49877",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: fix possible null-ptr-deref in ocfs2_set_buffer_uptodate\n\nWhen doing cleanup, if flags without OCFS2_BH_READAHEAD, it may trigger\nNULL pointer dereference in the following ocfs2_set_buffer_uptodate() if\nbh is NULL.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2024-49877"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/01cb2e751cc61ade454c9bc1aaa2eac1f8197112",
"url": "https://git.kernel.org/stable/c/01cb2e751cc61ade454c9bc1aaa2eac1f8197112"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/190d98bcd61117a78fe185222d162180f061a6ca",
"url": "https://git.kernel.org/stable/c/190d98bcd61117a78fe185222d162180f061a6ca"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/33b525cef4cff49e216e4133cc48452e11c0391e",
"url": "https://git.kernel.org/stable/c/33b525cef4cff49e216e4133cc48452e11c0391e"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/46b1edf0536a5291a8ad2337f88c926214b209d9",
"url": "https://git.kernel.org/stable/c/46b1edf0536a5291a8ad2337f88c926214b209d9"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/4846e72ab5a0726e49ad4188b9d9df091ae78c64",
"url": "https://git.kernel.org/stable/c/4846e72ab5a0726e49ad4188b9d9df091ae78c64"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/61b84013e560382cbe7dd56758be3154d43a3988",
"url": "https://git.kernel.org/stable/c/61b84013e560382cbe7dd56758be3154d43a3988"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/d52c5652e7dcb7a0648bbb8642cc3e617070ab49",
"url": "https://git.kernel.org/stable/c/d52c5652e7dcb7a0648bbb8642cc3e617070ab49"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/df944dc46d06af65a75191183d52be017e6b9dbe",
"url": "https://git.kernel.org/stable/c/df944dc46d06af65a75191183d52be017e6b9dbe"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/e68c8323355e8cedfbe0bec7d5a39009f61640b6",
"url": "https://git.kernel.org/stable/c/e68c8323355e8cedfbe0bec7d5a39009f61640b6"
}
],
"release_date": "2024-10-21T18:15:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Medium"
}
]
},
{
"cve": "CVE-2024-49938",
"cwe": {
"id": "CWE-824",
"name": "Access of Uninitialized Pointer"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath9k_htc: Use __skb_set_length() for resetting urb before resubmit\n\nSyzbot points out that skb_trim() has a sanity check on the existing length of\nthe skb, which can be uninitialised in some error paths. The intent here is\nclearly just to reset the length to zero before resubmitting, so switch to\ncalling __skb_set_length(skb, 0) directly. In addition, __skb_set_length()\nalready contains a call to skb_reset_tail_pointer(), so remove the redundant\ncall.\n\nThe syzbot report came from ath9k_hif_usb_reg_in_cb(), but there's a similar\nusage of skb_trim() in ath9k_hif_usb_rx_cb(), change both while we're at it.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2024-49938"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/012ae530afa0785102360de452745d33c99a321b",
"url": "https://git.kernel.org/stable/c/012ae530afa0785102360de452745d33c99a321b"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/2c230210ec0ae6ed08306ac70dc21c24b817bb95",
"url": "https://git.kernel.org/stable/c/2c230210ec0ae6ed08306ac70dc21c24b817bb95"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/6a875220670475d9247e576c15dc29823100a4e4",
"url": "https://git.kernel.org/stable/c/6a875220670475d9247e576c15dc29823100a4e4"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/94745807f3ebd379f23865e6dab196f220664179",
"url": "https://git.kernel.org/stable/c/94745807f3ebd379f23865e6dab196f220664179"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/a9f4e28e8adaf0715bd4e01462af0a52ee46b01f",
"url": "https://git.kernel.org/stable/c/a9f4e28e8adaf0715bd4e01462af0a52ee46b01f"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/b02eb7c86ff2ef1411c3095ec8a52b13f68db04f",
"url": "https://git.kernel.org/stable/c/b02eb7c86ff2ef1411c3095ec8a52b13f68db04f"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/d1f2fbc6a769081503f6ffedbb5cd1ac497f0e77",
"url": "https://git.kernel.org/stable/c/d1f2fbc6a769081503f6ffedbb5cd1ac497f0e77"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/e37e348835032d6940ec89308cc8996ded691d2d",
"url": "https://git.kernel.org/stable/c/e37e348835032d6940ec89308cc8996ded691d2d"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/e6b9bf32e0695e4f374674002de0527d2a6768eb",
"url": "https://git.kernel.org/stable/c/e6b9bf32e0695e4f374674002de0527d2a6768eb"
}
],
"release_date": "2024-10-21T18:15:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Medium"
}
]
},
{
"cve": "CVE-2024-50008",
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_cmd_802_11_scan_ext()\n\nReplace one-element array with a flexible-array member in\n`struct host_cmd_ds_802_11_scan_ext`.\n\nWith this, fix the following warning:\n\nelo 16 17:51:58 surfacebook kernel: ------------[ cut here ]------------\nelo 16 17:51:58 surfacebook kernel: memcpy: detected field-spanning write (size 243) of single field \"ext_scan->tlv_buffer\" at drivers/net/wireless/marvell/mwifiex/scan.c:2239 (size 1)\nelo 16 17:51:58 surfacebook kernel: WARNING: CPU: 0 PID: 498 at drivers/net/wireless/marvell/mwifiex/scan.c:2239 mwifiex_cmd_802_11_scan_ext+0x83/0x90 [mwifiex]",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2024-50008"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/17199b69a84798efffc475040fbef44374ef1de1",
"url": "https://git.kernel.org/stable/c/17199b69a84798efffc475040fbef44374ef1de1"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/1756918f51e9ab247a0f4782cc28853c2bb457c1",
"url": "https://git.kernel.org/stable/c/1756918f51e9ab247a0f4782cc28853c2bb457c1"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/498365e52bebcbc36a93279fe7e9d6aec8479cee",
"url": "https://git.kernel.org/stable/c/498365e52bebcbc36a93279fe7e9d6aec8479cee"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/71267bd4e8c752d7af6c6b96bb83984a6a95273d",
"url": "https://git.kernel.org/stable/c/71267bd4e8c752d7af6c6b96bb83984a6a95273d"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/a3a12c30f9510f3753286fadbc6cdb7dad78c1d5",
"url": "https://git.kernel.org/stable/c/a3a12c30f9510f3753286fadbc6cdb7dad78c1d5"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/b55c8848fdc81514ec047b2a0ec782ffe9ab5323",
"url": "https://git.kernel.org/stable/c/b55c8848fdc81514ec047b2a0ec782ffe9ab5323"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/e59bdb1ba594104cd0ee0af3ee9e4435d842a8fe",
"url": "https://git.kernel.org/stable/c/e59bdb1ba594104cd0ee0af3ee9e4435d842a8fe"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/f9310a6704bf52e2493480edea896e1f9b795d40",
"url": "https://git.kernel.org/stable/c/f9310a6704bf52e2493480edea896e1f9b795d40"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/fef7b51f22cf2049b0ca6740adeb0ba6f2e671dc",
"url": "https://git.kernel.org/stable/c/fef7b51f22cf2049b0ca6740adeb0ba6f2e671dc"
}
],
"release_date": "2024-10-21T19:15:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Medium"
}
]
},
{
"cve": "CVE-2024-47672",
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: mvm: don't wait for tx queues if firmware is dead\n\nThere is a WARNING in iwl_trans_wait_tx_queues_empty() (that was\nrecently converted from just a message), that can be hit if we\nwait for TX queues to become empty after firmware died. Clearly,\nwe can't expect anything from the firmware after it's declared dead.\n\nDon't call iwl_trans_wait_tx_queues_empty() in this case. While it could\nbe a good idea to stop the flow earlier, the flush functions do some\nmaintenance work that is not related to the firmware, so keep that part\nof the code running even when the firmware is not running.\n\n[edit commit message]",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2024-47672"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/16c1e5d5228f26f120e12e6ca55c59c3a5e6dece",
"url": "https://git.kernel.org/stable/c/16c1e5d5228f26f120e12e6ca55c59c3a5e6dece"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/1afed66cb271b3e65fe9df1c9fba2bf4b1f55669",
"url": "https://git.kernel.org/stable/c/1afed66cb271b3e65fe9df1c9fba2bf4b1f55669"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/1b0cd832c9607f41f84053b818e0b7908510a3b9",
"url": "https://git.kernel.org/stable/c/1b0cd832c9607f41f84053b818e0b7908510a3b9"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/3a84454f5204718ca5b4ad2c1f0bf2031e2403d1",
"url": "https://git.kernel.org/stable/c/3a84454f5204718ca5b4ad2c1f0bf2031e2403d1"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/4d0a900ec470d392476c428875dbf053f8a0ae5e",
"url": "https://git.kernel.org/stable/c/4d0a900ec470d392476c428875dbf053f8a0ae5e"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/7188b7a72320367554b76d8f298417b070b05dd3",
"url": "https://git.kernel.org/stable/c/7188b7a72320367554b76d8f298417b070b05dd3"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/ad2fcc2daa203a6ad491f00e9ae3b7867e8fe0f3",
"url": "https://git.kernel.org/stable/c/ad2fcc2daa203a6ad491f00e9ae3b7867e8fe0f3"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/de46b1d24f5f752b3bd8b46673c2ea4239661244",
"url": "https://git.kernel.org/stable/c/de46b1d24f5f752b3bd8b46673c2ea4239661244"
}
],
"release_date": "2024-10-09T15:15:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Medium"
}
]
},
{
"cve": "CVE-2025-21689",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb()\n\nThis patch addresses a null-ptr-deref in qt2_process_read_urb() due to\nan incorrect bounds check in the following:\n\n if (newport > serial->num_ports) {\n dev_err(&port->dev,\n \"%s - port change to invalid port: %i\\n\",\n __func__, newport);\n break;\n }\n\nThe condition doesn't account for the valid range of the serial->port\nbuffer, which is from 0 to serial->num_ports - 1. When newport is equal\nto serial->num_ports, the assignment of \"port\" in the\nfollowing code is out-of-bounds and NULL:\n\n serial_priv->current_port = newport;\n port = serial->port[serial_priv->current_port];\n\nThe fix checks if newport is greater than or equal to serial->num_ports\nindicating it is out-of-bounds.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2025-21689"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/4b9b41fabcd38990f69ef0cee9c631d954a2b530",
"url": "https://git.kernel.org/stable/c/4b9b41fabcd38990f69ef0cee9c631d954a2b530"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/575a5adf48b06a2980c9eeffedf699ed5534fade",
"url": "https://git.kernel.org/stable/c/575a5adf48b06a2980c9eeffedf699ed5534fade"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/6068dcff7f19e9fa6fa23ee03453ad6a40fa4efe",
"url": "https://git.kernel.org/stable/c/6068dcff7f19e9fa6fa23ee03453ad6a40fa4efe"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/6377838560c03b36e1153a42ef727533def9b68f",
"url": "https://git.kernel.org/stable/c/6377838560c03b36e1153a42ef727533def9b68f"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/8542b33622571f54dfc2a267fce378b6e3840b8b",
"url": "https://git.kernel.org/stable/c/8542b33622571f54dfc2a267fce378b6e3840b8b"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/94770cf7c5124f0268d481886829dc2beecc4507",
"url": "https://git.kernel.org/stable/c/94770cf7c5124f0268d481886829dc2beecc4507"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/f371471708c7d997f763b0e70565026eb67cc470",
"url": "https://git.kernel.org/stable/c/f371471708c7d997f763b0e70565026eb67cc470"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/fa4c7472469d97c4707698b4c0e098f8cfc2bf22",
"url": "https://git.kernel.org/stable/c/fa4c7472469d97c4707698b4c0e098f8cfc2bf22"
}
],
"release_date": "2025-02-10T16:15:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Medium"
}
]
},
{
"cve": "CVE-2024-38544",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\nRDMA/rxe: Fix seg fault in rxe_comp_queue_pkt\nIn rxe_comp_queue_pkt() an incoming response packet skb is enqueued to the\nresp_pkts queue and then a decision is made whether to run the completer\ntask inline or schedule it. Finally the skb is dereferenced to bump a 'hw'\nperformance counter. This is wrong because if the completer task is\nalready running in a separate thread it may have already processed the skb\nand freed it which can cause a seg fault. This has been observed\ninfrequently in testing at high scale.\nThis patch fixes this by changing the order of enqueuing the packet until\nafter the counter is accessed.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2024-38544"
}
],
"release_date": "2024-06-19T00:00:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Medium"
}
]
},
{
"cve": "CVE-2024-53101",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs: Fix uninitialized value issue in from_kuid and from_kgid\n\nocfs2_setattr() uses attr->ia_mode, attr->ia_uid and attr->ia_gid in\na trace point even though ATTR_MODE, ATTR_UID and ATTR_GID aren't set.\n\nInitialize all fields of newattrs to avoid uninitialized variables, by\nchecking if ATTR_MODE, ATTR_UID, ATTR_GID are initialized, otherwise 0.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2024-53101"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/15f34347481648a567db67fb473c23befb796af5",
"url": "https://git.kernel.org/stable/c/15f34347481648a567db67fb473c23befb796af5"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/17ecb40c5cc7755a321fb6148cba5797431ee5b8",
"url": "https://git.kernel.org/stable/c/17ecb40c5cc7755a321fb6148cba5797431ee5b8"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/1c28bca1256aecece6e94b26b85cd07e08b0dc90",
"url": "https://git.kernel.org/stable/c/1c28bca1256aecece6e94b26b85cd07e08b0dc90"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/1cb5bfc5bfc651982b6203c224d49b7ddacf28bc",
"url": "https://git.kernel.org/stable/c/1cb5bfc5bfc651982b6203c224d49b7ddacf28bc"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/5a72b0d3497b818d8f000c347a7c11801eb27bfc",
"url": "https://git.kernel.org/stable/c/5a72b0d3497b818d8f000c347a7c11801eb27bfc"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/9db25c2b41c34963c3ccf473b08171f87670652e",
"url": "https://git.kernel.org/stable/c/9db25c2b41c34963c3ccf473b08171f87670652e"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/a0c77e5e3dcbffc7c6080ccc89c037f0c86496cf",
"url": "https://git.kernel.org/stable/c/a0c77e5e3dcbffc7c6080ccc89c037f0c86496cf"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/b3e612bd8f64ce62e731e95f635e06a2efe3c80c",
"url": "https://git.kernel.org/stable/c/b3e612bd8f64ce62e731e95f635e06a2efe3c80c"
}
],
"release_date": "2024-11-25T22:15:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Medium"
}
]
},
{
"cve": "CVE-2024-53131",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix null-ptr-deref in block_touch_buffer tracepoint\n\nPatch series \"nilfs2: fix null-ptr-deref bugs on block tracepoints\".\n\nThis series fixes null pointer dereference bugs that occur when using\nnilfs2 and two block-related tracepoints.\n\n\nThis patch (of 2):\n\nIt has been reported that when using \"block:block_touch_buffer\"\ntracepoint, touch_buffer() called from __nilfs_get_folio_block() causes a\nNULL pointer dereference, or a general protection fault when KASAN is\nenabled.\n\nThis happens because since the tracepoint was added in touch_buffer(), it\nreferences the dev_t member bh->b_bdev->bd_dev regardless of whether the\nbuffer head has a pointer to a block_device structure. In the current\nimplementation, the block_device structure is set after the function\nreturns to the caller.\n\nHere, touch_buffer() is used to mark the folio/page that owns the buffer\nhead as accessed, but the common search helper for folio/page used by the\ncaller function was optimized to mark the folio/page as accessed when it\nwas reimplemented a long time ago, eliminating the need to call\ntouch_buffer() here in the first place.\n\nSo this solves the issue by eliminating the touch_buffer() call itself.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2024-53131"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/085556bf8c70e2629e02e79268dac3016a08b8bf",
"url": "https://git.kernel.org/stable/c/085556bf8c70e2629e02e79268dac3016a08b8bf"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/19c71cdd77973f99a9adc3190130bc3aa7ae5423",
"url": "https://git.kernel.org/stable/c/19c71cdd77973f99a9adc3190130bc3aa7ae5423"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/3b2a4fd9bbee77afdd3ed5a05a0c02b6cde8d3b9",
"url": "https://git.kernel.org/stable/c/3b2a4fd9bbee77afdd3ed5a05a0c02b6cde8d3b9"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/59b49ca67cca7b007a5afd3de0283c8008157665",
"url": "https://git.kernel.org/stable/c/59b49ca67cca7b007a5afd3de0283c8008157665"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/6438f3f42cda825f6f59b4e45ac3a1da28a6f2c9",
"url": "https://git.kernel.org/stable/c/6438f3f42cda825f6f59b4e45ac3a1da28a6f2c9"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/77e47f89d32c2d72eb33d0becbce7abe14d061f4",
"url": "https://git.kernel.org/stable/c/77e47f89d32c2d72eb33d0becbce7abe14d061f4"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/b017697a517f8779ada4e8ce1c2c75dbf60a2636",
"url": "https://git.kernel.org/stable/c/b017697a517f8779ada4e8ce1c2c75dbf60a2636"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/cd45e963e44b0f10d90b9e6c0e8b4f47f3c92471",
"url": "https://git.kernel.org/stable/c/cd45e963e44b0f10d90b9e6c0e8b4f47f3c92471"
}
],
"release_date": "2024-12-04T15:15:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Medium"
}
]
},
{
"cve": "CVE-2024-56748",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qedf: Fix a possible memory leak in qedf_alloc_and_init_sb()\n\nHook \"qed_ops->common->sb_init = qed_sb_init\" does not release the DMA\nmemory sb_virt when it fails. Add dma_free_coherent() to free it. This\nis the same way as qedr_alloc_mem_sb() and qede_alloc_mem_sb().",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2024-56748"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/0e04bd5a11dffe8c1c0e4c9fc79f7d3cd6182dd5",
"url": "https://git.kernel.org/stable/c/0e04bd5a11dffe8c1c0e4c9fc79f7d3cd6182dd5"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/64654bf5efb3f748e6fc41227adda689618ce9c4",
"url": "https://git.kernel.org/stable/c/64654bf5efb3f748e6fc41227adda689618ce9c4"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/78a169dc69fbdaf114c40e2d56955bf6bd4fc3c0",
"url": "https://git.kernel.org/stable/c/78a169dc69fbdaf114c40e2d56955bf6bd4fc3c0"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/7c1832287b21ff68c4e3625e63cc7619edf5908b",
"url": "https://git.kernel.org/stable/c/7c1832287b21ff68c4e3625e63cc7619edf5908b"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/97384449ddfc07f12ca75f510eb070020d7abb34",
"url": "https://git.kernel.org/stable/c/97384449ddfc07f12ca75f510eb070020d7abb34"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/a56777a3ef5b35e24a20c4418bcf88bad033807a",
"url": "https://git.kernel.org/stable/c/a56777a3ef5b35e24a20c4418bcf88bad033807a"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/b514f45e0fe18d763a1afc34401b1585333cb329",
"url": "https://git.kernel.org/stable/c/b514f45e0fe18d763a1afc34401b1585333cb329"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/c62c30429db3eb4ced35c7fcf6f04a61ce3a01bb",
"url": "https://git.kernel.org/stable/c/c62c30429db3eb4ced35c7fcf6f04a61ce3a01bb"
}
],
"release_date": "2024-12-29T12:15:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Medium"
}
]
},
{
"cve": "CVE-2024-50251",
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_payload: sanitize offset and length before calling skb_checksum()\n\nIf access to offset + length is larger than the skbuff length, then\nskb_checksum() triggers BUG_ON().\n\nskb_checksum() internally subtracts the length parameter while iterating\nover skbuff, BUG_ON(len) at the end of it checks that the expected\nlength to be included in the checksum calculation is fully consumed.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2024-50251"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/0ab3be58b45b996764aba0187b46de19b3e58a72",
"url": "https://git.kernel.org/stable/c/0ab3be58b45b996764aba0187b46de19b3e58a72"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/a661ed364ae6ae88c2fafa9ddc27df1af2a73701",
"url": "https://git.kernel.org/stable/c/a661ed364ae6ae88c2fafa9ddc27df1af2a73701"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/ac7df3fc80fc82bcc3b1e8f6ebc0d2c435d0c534",
"url": "https://git.kernel.org/stable/c/ac7df3fc80fc82bcc3b1e8f6ebc0d2c435d0c534"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/b1d2de8a669fa14c499a385e056944d5352b3b40",
"url": "https://git.kernel.org/stable/c/b1d2de8a669fa14c499a385e056944d5352b3b40"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/c43e0ea848e7b9bef7a682cbc5608022d6d29d7b",
"url": "https://git.kernel.org/stable/c/c43e0ea848e7b9bef7a682cbc5608022d6d29d7b"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/d3217323525f7596427124359e76ea0d8fcc9874",
"url": "https://git.kernel.org/stable/c/d3217323525f7596427124359e76ea0d8fcc9874"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/d5953d680f7e96208c29ce4139a0e38de87a57fe",
"url": "https://git.kernel.org/stable/c/d5953d680f7e96208c29ce4139a0e38de87a57fe"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/e3e608cbad376674d19a71ccd0d41804d9393f02",
"url": "https://git.kernel.org/stable/c/e3e608cbad376674d19a71ccd0d41804d9393f02"
},
{
"category": "external",
"summary": "https://github.com/slavin-ayu/CVE-2024-50251-PoC",
"url": "https://github.com/slavin-ayu/CVE-2024-50251-PoC"
}
],
"release_date": "2024-11-09T11:15:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Medium"
}
]
},
{
"cve": "CVE-2024-57996",
"cwe": {
"id": "CWE-129",
"name": "Improper Validation of Array Index"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: sch_sfq: don't allow 1 packet limit\n\nThe current implementation does not work correctly with a limit of\n1. iproute2 actually checks for this and this patch adds the check in\nkernel as well.\n\nThis fixes the following syzkaller reported crash:\n\nUBSAN: array-index-out-of-bounds in net/sched/sch_sfq.c:210:6\nindex 65535 is out of range for type 'struct sfq_head[128]'\nCPU: 0 PID: 2569 Comm: syz-executor101 Not tainted 5.10.0-smp-DEV #1\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nCall Trace:\n __dump_stack lib/dump_stack.c:79 [inline]\n dump_stack+0x125/0x19f lib/dump_stack.c:120\n ubsan_epilogue lib/ubsan.c:148 [inline]\n __ubsan_handle_out_of_bounds+0xed/0x120 lib/ubsan.c:347\n sfq_link net/sched/sch_sfq.c:210 [inline]\n sfq_dec+0x528/0x600 net/sched/sch_sfq.c:238\n sfq_dequeue+0x39b/0x9d0 net/sched/sch_sfq.c:500\n sfq_reset+0x13/0x50 net/sched/sch_sfq.c:525\n qdisc_reset+0xfe/0x510 net/sched/sch_generic.c:1026\n tbf_reset+0x3d/0x100 net/sched/sch_tbf.c:319\n qdisc_reset+0xfe/0x510 net/sched/sch_generic.c:1026\n dev_reset_queue+0x8c/0x140 net/sched/sch_generic.c:1296\n netdev_for_each_tx_queue include/linux/netdevice.h:2350 [inline]\n dev_deactivate_many+0x6dc/0xc20 net/sched/sch_generic.c:1362\n __dev_close_many+0x214/0x350 net/core/dev.c:1468\n dev_close_many+0x207/0x510 net/core/dev.c:1506\n unregister_netdevice_many+0x40f/0x16b0 net/core/dev.c:10738\n unregister_netdevice_queue+0x2be/0x310 net/core/dev.c:10695\n unregister_netdevice include/linux/netdevice.h:2893 [inline]\n __tun_detach+0x6b6/0x1600 drivers/net/tun.c:689\n tun_detach drivers/net/tun.c:705 [inline]\n tun_chr_close+0x104/0x1b0 drivers/net/tun.c:3640\n __fput+0x203/0x840 fs/file_table.c:280\n task_work_run+0x129/0x1b0 kernel/task_work.c:185\n exit_task_work include/linux/task_work.h:33 [inline]\n do_exit+0x5ce/0x2200 kernel/exit.c:931\n do_group_exit+0x144/0x310 kernel/exit.c:1046\n __do_sys_exit_group kernel/exit.c:1057 [inline]\n __se_sys_exit_group kernel/exit.c:1055 [inline]\n __x64_sys_exit_group+0x3b/0x40 kernel/exit.c:1055\n do_syscall_64+0x6c/0xd0\n entry_SYSCALL_64_after_hwframe+0x61/0xcb\nRIP: 0033:0x7fe5e7b52479\nCode: Unable to access opcode bytes at RIP 0x7fe5e7b5244f.\nRSP: 002b:00007ffd3c800398 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7\nRAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fe5e7b52479\nRDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000\nRBP: 00007fe5e7bcd2d0 R08: ffffffffffffffb8 R09: 0000000000000014\nR10: 0000000000000000 R11: 0000000000000246 R12: 00007fe5e7bcd2d0\nR13: 0000000000000000 R14: 00007fe5e7bcdd20 R15: 00007fe5e7b24270\n\nThe crash can be also be reproduced with the following (with a tc\nrecompiled to allow for sfq limits of 1):\n\ntc qdisc add dev dummy0 handle 1: root tbf rate 1Kbit burst 100b lat 1s\n../iproute2-6.9.0/tc/tc qdisc add dev dummy0 handle 2: parent 1:10 sfq limit 1\nifconfig dummy0 up\nping -I dummy0 -f -c2 -W0.1 8.8.8.8\nsleep 1\n\nScenario that triggers the crash:\n\n* the first packet is sent and queued in TBF and SFQ; qdisc qlen is 1\n\n* TBF dequeues: it peeks from SFQ which moves the packet to the\n gso_skb list and keeps qdisc qlen set to 1. TBF is out of tokens so\n it schedules itself for later.\n\n* the second packet is sent and TBF tries to queues it to SFQ. qdisc\n qlen is now 2 and because the SFQ limit is 1 the packet is dropped\n by SFQ. At this point qlen is 1, and all of the SFQ slots are empty,\n however q->tail is not NULL.\n\nAt this point, assuming no more packets are queued, when sch_dequeue\nruns again it will decrement the qlen for the current empty slot\ncausing an underflow and the subsequent out of bounds access.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2024-57996"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/10685681bafce6febb39770f3387621bf5d67d0b",
"url": "https://git.kernel.org/stable/c/10685681bafce6febb39770f3387621bf5d67d0b"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/1b562b7f9231432da40d12e19786c1bd7df653a7",
"url": "https://git.kernel.org/stable/c/1b562b7f9231432da40d12e19786c1bd7df653a7"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/1e6d9d87626cf89eeffb4d943db12cb5b10bf961",
"url": "https://git.kernel.org/stable/c/1e6d9d87626cf89eeffb4d943db12cb5b10bf961"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/35d0137305ae2f97260a9047f445bd4434bd6cc7",
"url": "https://git.kernel.org/stable/c/35d0137305ae2f97260a9047f445bd4434bd6cc7"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/7d8947f2153ee9c5ab4cb17861a11cc45f30e8c4",
"url": "https://git.kernel.org/stable/c/7d8947f2153ee9c5ab4cb17861a11cc45f30e8c4"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/7fefc294204f10a3405f175f4ac2be16d63f135e",
"url": "https://git.kernel.org/stable/c/7fefc294204f10a3405f175f4ac2be16d63f135e"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/833e9a1c27b82024db7ff5038a51651f48f05e5e",
"url": "https://git.kernel.org/stable/c/833e9a1c27b82024db7ff5038a51651f48f05e5e"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/e12f6013d0a69660e8b99bfe381b9546ae667328",
"url": "https://git.kernel.org/stable/c/e12f6013d0a69660e8b99bfe381b9546ae667328"
}
],
"release_date": "2025-02-27T02:15:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Medium"
}
]
},
{
"cve": "CVE-2024-49959",
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njbd2: stop waiting for space when jbd2_cleanup_journal_tail() returns error\n\nIn __jbd2_log_wait_for_space(), we might call jbd2_cleanup_journal_tail()\nto recover some journal space. But if an error occurs while executing\njbd2_cleanup_journal_tail() (e.g., an EIO), we don't stop waiting for free\nspace right away, we try other branches, and if j_committing_transaction\nis NULL (i.e., the tid is 0), we will get the following complain:\n\n============================================\nJBD2: I/O error when updating journal superblock for sdd-8.\n__jbd2_log_wait_for_space: needed 256 blocks and only had 217 space available\n__jbd2_log_wait_for_space: no way to get more journal space in sdd-8\n------------[ cut here ]------------\nWARNING: CPU: 2 PID: 139804 at fs/jbd2/checkpoint.c:109 __jbd2_log_wait_for_space+0x251/0x2e0\nModules linked in:\nCPU: 2 PID: 139804 Comm: kworker/u8:3 Not tainted 6.6.0+ #1\nRIP: 0010:__jbd2_log_wait_for_space+0x251/0x2e0\nCall Trace:\n \n add_transaction_credits+0x5d1/0x5e0\n start_this_handle+0x1ef/0x6a0\n jbd2__journal_start+0x18b/0x340\n ext4_dirty_inode+0x5d/0xb0\n __mark_inode_dirty+0xe4/0x5d0\n generic_update_time+0x60/0x70\n[...]\n============================================\n\nSo only if jbd2_cleanup_journal_tail() returns 1, i.e., there is nothing to\nclean up at the moment, continue to try to reclaim free space in other ways.\n\nNote that this fix relies on commit 6f6a6fda2945 (\"jbd2: fix ocfs2 corrupt\nwhen updating journal superblock fails\") to make jbd2_cleanup_journal_tail\nreturn the correct error code.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2024-49959"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/1c62dc0d82c62f0dc8fcdc4843208e522acccaf5",
"url": "https://git.kernel.org/stable/c/1c62dc0d82c62f0dc8fcdc4843208e522acccaf5"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/3ced0fe6c0eff032733ea8b38778b34707270138",
"url": "https://git.kernel.org/stable/c/3ced0fe6c0eff032733ea8b38778b34707270138"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/481e8f18a290e39e04ddb7feb2bb2a2cc3b213ed",
"url": "https://git.kernel.org/stable/c/481e8f18a290e39e04ddb7feb2bb2a2cc3b213ed"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/70bae48377a2c4296fd3caf4caf8f11079111019",
"url": "https://git.kernel.org/stable/c/70bae48377a2c4296fd3caf4caf8f11079111019"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/801a35dfef6996f3d5eaa96a59caf00440d9165e",
"url": "https://git.kernel.org/stable/c/801a35dfef6996f3d5eaa96a59caf00440d9165e"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/c6bf043b210eac67d35a114e345c4e5585672913",
"url": "https://git.kernel.org/stable/c/c6bf043b210eac67d35a114e345c4e5585672913"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/d5dc65370a746750dbb2f03eabcf86b18db65f32",
"url": "https://git.kernel.org/stable/c/d5dc65370a746750dbb2f03eabcf86b18db65f32"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/ec7f8337c98ad281020ad1f11ba492462d80737a",
"url": "https://git.kernel.org/stable/c/ec7f8337c98ad281020ad1f11ba492462d80737a"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/f5cacdc6f2bb2a9bf214469dd7112b43dd2dd68a",
"url": "https://git.kernel.org/stable/c/f5cacdc6f2bb2a9bf214469dd7112b43dd2dd68a"
}
],
"release_date": "2024-10-21T18:15:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Medium"
}
]
},
{
"cve": "CVE-2022-49179",
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\nblock, bfq: don't move oom_bfqq\nOur test report a UAF:\n[ 2073.019181] ==================================================================\n[ 2073.019188] BUG: KASAN: use-after-free in __bfq_put_async_bfqq+0xa0/0x168\n[ 2073.019191] Write of size 8 at addr ffff8000ccf64128 by task rmmod/72584\n[ 2073.019192]\n[ 2073.019196] CPU: 0 PID: 72584 Comm: rmmod Kdump: loaded Not tainted 4.19.90-yk #5\n[ 2073.019198] Hardware name: QEMU KVM Virtual Machine, BIOS 0.0.0 02/06/2015\n[ 2073.019200] Call trace:\n[ 2073.019203] dump_backtrace+0x0/0x310\n[ 2073.019206] show_stack+0x28/0x38\n[ 2073.019210] dump_stack+0xec/0x15c\n[ 2073.019216] print_address_description+0x68/0x2d0\n[ 2073.019220] kasan_report+0x238/0x2f0\n[ 2073.019224] __asan_store8+0x88/0xb0\n[ 2073.019229] __bfq_put_async_bfqq+0xa0/0x168\n[ 2073.019233] bfq_put_async_queues+0xbc/0x208\n[ 2073.019236] bfq_pd_offline+0x178/0x238\n[ 2073.019240] blkcg_deactivate_policy+0x1f0/0x420\n[ 2073.019244] bfq_exit_queue+0x128/0x178\n[ 2073.019249] blk_mq_exit_sched+0x12c/0x160\n[ 2073.019252] elevator_exit+0xc8/0xd0\n[ 2073.019256] blk_exit_queue+0x50/0x88\n[ 2073.019259] blk_cleanup_queue+0x228/0x3d8\n[ 2073.019267] null_del_dev+0xfc/0x1e0 [null_blk]\n[ 2073.019274] null_exit+0x90/0x114 [null_blk]\n[ 2073.019278] __arm64_sys_delete_module+0x358/0x5a0\n[ 2073.019282] el0_svc_common+0xc8/0x320\n[ 2073.019287] el0_svc_handler+0xf8/0x160\n[ 2073.019290] el0_svc+0x10/0x218\n[ 2073.019291]\n[ 2073.019294] Allocated by task 14163:\n[ 2073.019301] kasan_kmalloc+0xe0/0x190\n[ 2073.019305] kmem_cache_alloc_node_trace+0x1cc/0x418\n[ 2073.019308] bfq_pd_alloc+0x54/0x118\n[ 2073.019313] blkcg_activate_policy+0x250/0x460\n[ 2073.019317] bfq_create_group_hierarchy+0x38/0x110\n[ 2073.019321] bfq_init_queue+0x6d0/0x948\n[ 2073.019325] blk_mq_init_sched+0x1d8/0x390\n[ 2073.019330] elevator_switch_mq+0x88/0x170\n[ 2073.019334] elevator_switch+0x140/0x270\n[ 2073.019338] elv_iosched_store+0x1a4/0x2a0\n[ 2073.019342] queue_attr_store+0x90/0xe0\n[ 2073.019348] sysfs_kf_write+0xa8/0xe8\n[ 2073.019351] kernfs_fop_write+0x1f8/0x378\n[ 2073.019359] __vfs_write+0xe0/0x360\n[ 2073.019363] vfs_write+0xf0/0x270\n[ 2073.019367] ksys_write+0xdc/0x1b8\n[ 2073.019371] __arm64_sys_write+0x50/0x60\n[ 2073.019375] el0_svc_common+0xc8/0x320\n[ 2073.019380] el0_svc_handler+0xf8/0x160\n[ 2073.019383] el0_svc+0x10/0x218\n[ 2073.019385]\n[ 2073.019387] Freed by task 72584:\n[ 2073.019391] __kasan_slab_free+0x120/0x228\n[ 2073.019394] kasan_slab_free+0x10/0x18\n[ 2073.019397] kfree+0x94/0x368\n[ 2073.019400] bfqg_put+0x64/0xb0\n[ 2073.019404] bfqg_and_blkg_put+0x90/0xb0\n[ 2073.019408] bfq_put_queue+0x220/0x228\n[ 2073.019413] __bfq_put_async_bfqq+0x98/0x168\n[ 2073.019416] bfq_put_async_queues+0xbc/0x208\n[ 2073.019420] bfq_pd_offline+0x178/0x238\n[ 2073.019424] blkcg_deactivate_policy+0x1f0/0x420\n[ 2073.019429] bfq_exit_queue+0x128/0x178\n[ 2073.019433] blk_mq_exit_sched+0x12c/0x160\n[ 2073.019437] elevator_exit+0xc8/0xd0\n[ 2073.019440] blk_exit_queue+0x50/0x88\n[ 2073.019443] blk_cleanup_queue+0x228/0x3d8\n[ 2073.019451] null_del_dev+0xfc/0x1e0 [null_blk]\n[ 2073.019459] null_exit+0x90/0x114 [null_blk]\n[ 2073.019462] __arm64_sys_delete_module+0x358/0x5a0\n[ 2073.019467] el0_svc_common+0xc8/0x320\n[ 2073.019471] el0_svc_handler+0xf8/0x160\n[ 2073.019474] el0_svc+0x10/0x218\n[ 2073.019475]\n[ 2073.019479] The buggy address belongs to the object at ffff8000ccf63f00\nwhich belongs to the cache kmalloc-1024 of size 1024\n[ 2073.019484] The buggy address is located 552 bytes inside of\n1024-byte region [ffff8000ccf63f00, ffff8000ccf64300)\n[ 2073.019486] The buggy address belongs to the page:\n[ 2073.019492] page:ffff7e000333d800 count:1 mapcount:0 mapping:ffff8000c0003a00 index:0x0 compound_mapcount: 0\n[ 2073.020123] flags: 0x7ffff0000008100(slab|head)\n[ 2073.020403] raw: 07ffff0000008100 ffff7e0003334c08 ffff7e00001f5a08 ffff8000c0003a00\n[ 2073.020409] ra\n---truncated---",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2022-49179"
}
],
"release_date": "2025-02-26T00:00:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Medium"
}
]
},
{
"cve": "CVE-2024-41016",
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\nocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry()\nxattr in ocfs2 maybe 'non-indexed', which saved with additional space\nrequested. It's better to check if the memory is out of bound before\nmemcmp, although this possibility mainly comes from crafted poisonous\nimages.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2024-41016"
}
],
"release_date": "2024-07-29T00:00:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Medium"
}
]
},
{
"cve": "CVE-2024-49949",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: avoid potential underflow in qdisc_pkt_len_init() with UFO\n\nAfter commit 7c6d2ecbda83 (\"net: be more gentle about silly gso\nrequests coming from user\") virtio_net_hdr_to_skb() had sanity check\nto detect malicious attempts from user space to cook a bad GSO packet.\n\nThen commit cf9acc90c80ec (\"net: virtio_net_hdr_to_skb: count\ntransport header in UFO\") while fixing one issue, allowed user space\nto cook a GSO packet with the following characteristic :\n\nIPv4 SKB_GSO_UDP, gso_size=3, skb->len = 28.\n\nWhen this packet arrives in qdisc_pkt_len_init(), we end up\nwith hdr_len = 28 (IPv4 header + UDP header), matching skb->len\n\nThen the following sets gso_segs to 0 :\n\ngso_segs = DIV_ROUND_UP(skb->len - hdr_len,\n shinfo->gso_size);\n\nThen later we set qdisc_skb_cb(skb)->pkt_len to back to zero :/\n\nqdisc_skb_cb(skb)->pkt_len += (gso_segs - 1) * hdr_len;\n\nThis leads to the following crash in fq_codel [1]\n\nqdisc_pkt_len_init() is best effort, we only want an estimation\nof the bytes sent on the wire, not crashing the kernel.\n\nThis patch is fixing this particular issue, a following one\nadds more sanity checks for another potential bug.\n\n[1]\n[ 70.724101] BUG: kernel NULL pointer dereference, address: 0000000000000000\n[ 70.724561] #PF: supervisor read access in kernel mode\n[ 70.724561] #PF: error_code(0x0000) - not-present page\n[ 70.724561] PGD 10ac61067 P4D 10ac61067 PUD 107ee2067 PMD 0\n[ 70.724561] Oops: Oops: 0000 [#1] SMP NOPTI\n[ 70.724561] CPU: 11 UID: 0 PID: 2163 Comm: b358537762 Not tainted 6.11.0-virtme #991\n[ 70.724561] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n[ 70.724561] RIP: 0010:fq_codel_enqueue (net/sched/sch_fq_codel.c:120 net/sched/sch_fq_codel.c:168 net/sched/sch_fq_codel.c:230) sch_fq_codel\n[ 70.724561] Code: 24 08 49 c1 e1 06 44 89 7c 24 18 45 31 ed 45 31 c0 31 ff 89 44 24 14 4c 03 8b 90 01 00 00 eb 04 39 ca 73 37 4d 8b 39 83 c7 01 <49> 8b 17 49 89 11 41 8b 57 28 45 8b 5f 34 49 c7 07 00 00 00 00 49\nAll code\n========\n 0:\t24 08 \tand $0x8,%al\n 2:\t49 c1 e1 06 \tshl $0x6,%r9\n 6:\t44 89 7c 24 18 \tmov %r15d,0x18(%rsp)\n b:\t45 31 ed \txor %r13d,%r13d\n e:\t45 31 c0 \txor %r8d,%r8d\n 11:\t31 ff \txor %edi,%edi\n 13:\t89 44 24 14 \tmov %eax,0x14(%rsp)\n 17:\t4c 03 8b 90 01 00 00 \tadd 0x190(%rbx),%r9\n 1e:\teb 04 \tjmp 0x24\n 20:\t39 ca \tcmp %ecx,%edx\n 22:\t73 37 \tjae 0x5b\n 24:\t4d 8b 39 \tmov (%r9),%r15\n 27:\t83 c7 01 \tadd $0x1,%edi\n 2a:*\t49 8b 17 \tmov (%r15),%rdx\t\t<-- trapping instruction\n 2d:\t49 89 11 \tmov %rdx,(%r9)\n 30:\t41 8b 57 28 \tmov 0x28(%r15),%edx\n 34:\t45 8b 5f 34 \tmov 0x34(%r15),%r11d\n 38:\t49 c7 07 00 00 00 00 \tmovq $0x0,(%r15)\n 3f:\t49 \trex.WB\n\nCode starting with the faulting instruction\n===========================================\n 0:\t49 8b 17 \tmov (%r15),%rdx\n 3:\t49 89 11 \tmov %rdx,(%r9)\n 6:\t41 8b 57 28 \tmov 0x28(%r15),%edx\n a:\t45 8b 5f 34 \tmov 0x34(%r15),%r11d\n e:\t49 c7 07 00 00 00 00 \tmovq $0x0,(%r15)\n 15:\t49 \trex.WB\n[ 70.724561] RSP: 0018:ffff95ae85e6fb90 EFLAGS: 00000202\n[ 70.724561] RAX: 0000000002000000 RBX: ffff95ae841de000 RCX: 0000000000000000\n[ 70.724561] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000001\n[ 70.724561] RBP: ffff95ae85e6fbf8 R08: 0000000000000000 R09: ffff95b710a30000\n[ 70.724561] R10: 0000000000000000 R11: bdf289445ce31881 R12: ffff95ae85e6fc58\n[ 70.724561] R13: 0000000000000000 R14: 0000000000000040 R15: 0000000000000000\n[ 70.724561] FS: 000000002c5c1380(0000) GS:ffff95bd7fcc0000(0000) knlGS:0000000000000000\n[ 70.724561] CS: 0010 DS: 0000 ES: 0000 C\n---truncated---",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2024-49949"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/1598d70ad9c7d0a4d9d54b82094e9f45908fda6d",
"url": "https://git.kernel.org/stable/c/1598d70ad9c7d0a4d9d54b82094e9f45908fda6d"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/25ab0b87dbd89cecef8a9c60a02bb97832e471d1",
"url": "https://git.kernel.org/stable/c/25ab0b87dbd89cecef8a9c60a02bb97832e471d1"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/81fd007dcd47c34471766249853e4d4bce8eea4b",
"url": "https://git.kernel.org/stable/c/81fd007dcd47c34471766249853e4d4bce8eea4b"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/939c88cbdc668dadd8cfa7a35d9066331239041c",
"url": "https://git.kernel.org/stable/c/939c88cbdc668dadd8cfa7a35d9066331239041c"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/ba26060a29d3ca1bfc737aa79f7125128f35147c",
"url": "https://git.kernel.org/stable/c/ba26060a29d3ca1bfc737aa79f7125128f35147c"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/c20029db28399ecc50e556964eaba75c43b1e2f1",
"url": "https://git.kernel.org/stable/c/c20029db28399ecc50e556964eaba75c43b1e2f1"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/d6114993e0a89fde84a60a60a8329a571580b174",
"url": "https://git.kernel.org/stable/c/d6114993e0a89fde84a60a60a8329a571580b174"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/d70ca7598943572d5e384227bd268acb5109bf72",
"url": "https://git.kernel.org/stable/c/d70ca7598943572d5e384227bd268acb5109bf72"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/f959cce8a2a04ce776aa8b78e83ce339e0d7fbac",
"url": "https://git.kernel.org/stable/c/f959cce8a2a04ce776aa8b78e83ce339e0d7fbac"
}
],
"release_date": "2024-10-21T18:15:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Medium"
}
]
},
{
"cve": "CVE-2024-47709",
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: bcm: Clear bo->bcm_proc_read after remove_proc_entry().\n\nsyzbot reported a warning in bcm_release(). [0]\n\nThe blamed change fixed another warning that is triggered when\nconnect() is issued again for a socket whose connect()ed device has\nbeen unregistered.\n\nHowever, if the socket is just close()d without the 2nd connect(), the\nremaining bo->bcm_proc_read triggers unnecessary remove_proc_entry()\nin bcm_release().\n\nLet's clear bo->bcm_proc_read after remove_proc_entry() in bcm_notify().\n\n[0]\nname '4986'\nWARNING: CPU: 0 PID: 5234 at fs/proc/generic.c:711 remove_proc_entry+0x2e7/0x5d0 fs/proc/generic.c:711\nModules linked in:\nCPU: 0 UID: 0 PID: 5234 Comm: syz-executor606 Not tainted 6.11.0-rc5-syzkaller-00178-g5517ae241919 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024\nRIP: 0010:remove_proc_entry+0x2e7/0x5d0 fs/proc/generic.c:711\nCode: ff eb 05 e8 cb 1e 5e ff 48 8b 5c 24 10 48 c7 c7 e0 f7 aa 8e e8 2a 38 8e 09 90 48 c7 c7 60 3a 1b 8c 48 89 de e8 da 42 20 ff 90 <0f> 0b 90 90 48 8b 44 24 18 48 c7 44 24 40 0e 36 e0 45 49 c7 04 07\nRSP: 0018:ffffc9000345fa20 EFLAGS: 00010246\nRAX: 2a2d0aee2eb64600 RBX: ffff888032f1f548 RCX: ffff888029431e00\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\nRBP: ffffc9000345fb08 R08: ffffffff8155b2f2 R09: 1ffff1101710519a\nR10: dffffc0000000000 R11: ffffed101710519b R12: ffff888011d38640\nR13: 0000000000000004 R14: 0000000000000000 R15: dffffc0000000000\nFS: 0000000000000000(0000) GS:ffff8880b8800000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007fcfb52722f0 CR3: 000000000e734000 CR4: 00000000003506f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \n bcm_release+0x250/0x880 net/can/bcm.c:1578\n __sock_release net/socket.c:659 [inline]\n sock_close+0xbc/0x240 net/socket.c:1421\n __fput+0x24a/0x8a0 fs/file_table.c:422\n task_work_run+0x24f/0x310 kernel/task_work.c:228\n exit_task_work include/linux/task_work.h:40 [inline]\n do_exit+0xa2f/0x27f0 kernel/exit.c:882\n do_group_exit+0x207/0x2c0 kernel/exit.c:1031\n __do_sys_exit_group kernel/exit.c:1042 [inline]\n __se_sys_exit_group kernel/exit.c:1040 [inline]\n __x64_sys_exit_group+0x3f/0x40 kernel/exit.c:1040\n x64_sys_call+0x2634/0x2640 arch/x86/include/generated/asm/syscalls_64.h:232\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7fcfb51ee969\nCode: Unable to access opcode bytes at 0x7fcfb51ee93f.\nRSP: 002b:00007ffce0109ca8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7\nRAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007fcfb51ee969\nRDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000001\nRBP: 00007fcfb526f3b0 R08: ffffffffffffffb8 R09: 0000555500000000\nR10: 0000555500000000 R11: 0000000000000246 R12: 00007fcfb526f3b0\nR13: 0000000000000000 R14: 00007fcfb5271ee0 R15: 00007fcfb51bf160\n ",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2024-47709"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/5cc00913c1fdcab861c4e65fa20d1f1e1bbbf977",
"url": "https://git.kernel.org/stable/c/5cc00913c1fdcab861c4e65fa20d1f1e1bbbf977"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/770b463264426cc3c167b1d44efa85f6a526ce5b",
"url": "https://git.kernel.org/stable/c/770b463264426cc3c167b1d44efa85f6a526ce5b"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/7a145d6ec2124bdb94bd6fc436b342ff6ddf2b70",
"url": "https://git.kernel.org/stable/c/7a145d6ec2124bdb94bd6fc436b342ff6ddf2b70"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/94b0818fa63555a65f6ba107080659ea6bcca63e",
"url": "https://git.kernel.org/stable/c/94b0818fa63555a65f6ba107080659ea6bcca63e"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/9550baada4c8ef8cebefccc746384842820b4dff",
"url": "https://git.kernel.org/stable/c/9550baada4c8ef8cebefccc746384842820b4dff"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/a833da8eec20b51af39643faa7067b25c8b20f3e",
"url": "https://git.kernel.org/stable/c/a833da8eec20b51af39643faa7067b25c8b20f3e"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/b02ed2f01240b226570b4a19b5041d61f5125784",
"url": "https://git.kernel.org/stable/c/b02ed2f01240b226570b4a19b5041d61f5125784"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/c3d941cc734e0c8dc486c062926d5249070af5e4",
"url": "https://git.kernel.org/stable/c/c3d941cc734e0c8dc486c062926d5249070af5e4"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/f5059fae5ed518fc56494ce5bdd4f5360de4b3bc",
"url": "https://git.kernel.org/stable/c/f5059fae5ed518fc56494ce5bdd4f5360de4b3bc"
}
],
"release_date": "2024-10-21T12:15:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Medium"
}
]
},
{
"cve": "CVE-2025-22018",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: Fix NULL pointer dereference\n\nWhen MPOA_cache_impos_rcvd() receives the msg, it can trigger\nNull Pointer Dereference Vulnerability if both entry and\nholding_time are NULL. Because there is only for the situation\nwhere entry is NULL and holding_time exists, it can be passed\nwhen both entry and holding_time are NULL. If these are NULL,\nthe entry will be passd to eg_cache_put() as parameter and\nit is referenced by entry->use code in it.\n\nkasan log:\n\n[ 3.316691] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000006:I\n[ 3.317568] KASAN: null-ptr-deref in range [0x0000000000000030-0x0000000000000037]\n[ 3.318188] CPU: 3 UID: 0 PID: 79 Comm: ex Not tainted 6.14.0-rc2 #102\n[ 3.318601] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\n[ 3.319298] RIP: 0010:eg_cache_remove_entry+0xa5/0x470\n[ 3.319677] Code: c1 f7 6e fd 48 c7 c7 00 7e 38 b2 e8 95 64 54 fd 48 c7 c7 40 7e 38 b2 48 89 ee e80\n[ 3.321220] RSP: 0018:ffff88800583f8a8 EFLAGS: 00010006\n[ 3.321596] RAX: 0000000000000006 RBX: ffff888005989000 RCX: ffffffffaecc2d8e\n[ 3.322112] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000030\n[ 3.322643] RBP: 0000000000000000 R08: 0000000000000000 R09: fffffbfff6558b88\n[ 3.323181] R10: 0000000000000003 R11: 203a207972746e65 R12: 1ffff11000b07f15\n[ 3.323707] R13: dffffc0000000000 R14: ffff888005989000 R15: ffff888005989068\n[ 3.324185] FS: 000000001b6313c0(0000) GS:ffff88806d380000(0000) knlGS:0000000000000000\n[ 3.325042] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 3.325545] CR2: 00000000004b4b40 CR3: 000000000248e000 CR4: 00000000000006f0\n[ 3.326430] Call Trace:\n[ 3.326725] \n[ 3.326927] ? die_addr+0x3c/0xa0\n[ 3.327330] ? exc_general_protection+0x161/0x2a0\n[ 3.327662] ? asm_exc_general_protection+0x26/0x30\n[ 3.328214] ? vprintk_emit+0x15e/0x420\n[ 3.328543] ? eg_cache_remove_entry+0xa5/0x470\n[ 3.328910] ? eg_cache_remove_entry+0x9a/0x470\n[ 3.329294] ? __pfx_eg_cache_remove_entry+0x10/0x10\n[ 3.329664] ? console_unlock+0x107/0x1d0\n[ 3.329946] ? __pfx_console_unlock+0x10/0x10\n[ 3.330283] ? do_syscall_64+0xa6/0x1a0\n[ 3.330584] ? entry_SYSCALL_64_after_hwframe+0x47/0x7f\n[ 3.331090] ? __pfx_prb_read_valid+0x10/0x10\n[ 3.331395] ? down_trylock+0x52/0x80\n[ 3.331703] ? vprintk_emit+0x15e/0x420\n[ 3.331986] ? __pfx_vprintk_emit+0x10/0x10\n[ 3.332279] ? down_trylock+0x52/0x80\n[ 3.332527] ? _printk+0xbf/0x100\n[ 3.332762] ? __pfx__printk+0x10/0x10\n[ 3.333007] ? _raw_write_lock_irq+0x81/0xe0\n[ 3.333284] ? __pfx__raw_write_lock_irq+0x10/0x10\n[ 3.333614] msg_from_mpoad+0x1185/0x2750\n[ 3.333893] ? __build_skb_around+0x27b/0x3a0\n[ 3.334183] ? __pfx_msg_from_mpoad+0x10/0x10\n[ 3.334501] ? __alloc_skb+0x1c0/0x310\n[ 3.334809] ? __pfx___alloc_skb+0x10/0x10\n[ 3.335283] ? _raw_spin_lock+0xe0/0xe0\n[ 3.335632] ? finish_wait+0x8d/0x1e0\n[ 3.335975] vcc_sendmsg+0x684/0xba0\n[ 3.336250] ? __pfx_vcc_sendmsg+0x10/0x10\n[ 3.336587] ? __pfx_autoremove_wake_function+0x10/0x10\n[ 3.337056] ? fdget+0x176/0x3e0\n[ 3.337348] __sys_sendto+0x4a2/0x510\n[ 3.337663] ? __pfx___sys_sendto+0x10/0x10\n[ 3.337969] ? ioctl_has_perm.constprop.0.isra.0+0x284/0x400\n[ 3.338364] ? sock_ioctl+0x1bb/0x5a0\n[ 3.338653] ? __rseq_handle_notify_resume+0x825/0xd20\n[ 3.339017] ? __pfx_sock_ioctl+0x10/0x10\n[ 3.339316] ? __pfx___rseq_handle_notify_resume+0x10/0x10\n[ 3.339727] ? selinux_file_ioctl+0xa4/0x260\n[ 3.340166] __x64_sys_sendto+0xe0/0x1c0\n[ 3.340526] ? syscall_exit_to_user_mode+0x123/0x140\n[ 3.340898] do_syscall_64+0xa6/0x1a0\n[ 3.341170] entry_SYSCALL_64_after_hwframe+0x77/0x7f\n[ 3.341533] RIP: 0033:0x44a380\n[ 3.341757] Code: 0f 1f 84 00 00 00 00 00 66 90 f3 0f 1e fa 41 89 ca 64 8b 04 25 18 00 00 00 85 c00\n[ \n---truncated---",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2025-22018"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/09691f367df44fe93255274d80a439f9bb3263fc",
"url": "https://git.kernel.org/stable/c/09691f367df44fe93255274d80a439f9bb3263fc"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/0ef6e49881b6b50ac454cb9d6501d009fdceb6fc",
"url": "https://git.kernel.org/stable/c/0ef6e49881b6b50ac454cb9d6501d009fdceb6fc"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/14c7aca5ba2740973de27c1bb8df77b4dcb6f775",
"url": "https://git.kernel.org/stable/c/14c7aca5ba2740973de27c1bb8df77b4dcb6f775"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/1505f9b720656b17865e4166ab002960162bf679",
"url": "https://git.kernel.org/stable/c/1505f9b720656b17865e4166ab002960162bf679"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/3c23bb2c894e9ef2727682f98c341b20f78c9013",
"url": "https://git.kernel.org/stable/c/3c23bb2c894e9ef2727682f98c341b20f78c9013"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/9da6b6340dbcf0f60ae3ec6a7d6438337c32518a",
"url": "https://git.kernel.org/stable/c/9da6b6340dbcf0f60ae3ec6a7d6438337c32518a"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/ab92f51c7f53a08f1a686bfb80690ebb3672357d",
"url": "https://git.kernel.org/stable/c/ab92f51c7f53a08f1a686bfb80690ebb3672357d"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/bf2986fcf82a449441f9ee4335df19be19e83970",
"url": "https://git.kernel.org/stable/c/bf2986fcf82a449441f9ee4335df19be19e83970"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/d7f1e4a53a51cc6ba833afcb40439f18dab61c1f",
"url": "https://git.kernel.org/stable/c/d7f1e4a53a51cc6ba833afcb40439f18dab61c1f"
}
],
"release_date": "2025-04-16T05:15:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Medium"
}
]
},
{
"cve": "CVE-2024-38541",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\nof: module: add buffer overflow check in of_modalias()\nIn of_modalias(), if the buffer happens to be too small even for the 1st\nsnprintf() call, the len parameter will become negative and str parameter\n(if not NULL initially) will point beyond the buffer's end. Add the buffer\noverflow check after the 1st snprintf() call and fix such check after the\nstrlen() call (accounting for the terminating NUL char).",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2024-38541"
}
],
"release_date": "2024-06-19T00:00:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Medium"
}
]
},
{
"cve": "CVE-2024-40953",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\nKVM: Fix a data race on last_boosted_vcpu in kvm_vcpu_on_spin()\nUse {READ,WRITE}_ONCE() to access kvm->last_boosted_vcpu to ensure the\nloads and stores are atomic. In the extremely unlikely scenario the\ncompiler tears the stores, it's theoretically possible for KVM to attempt\nto get a vCPU using an out-of-bounds index, e.g. if the write is split\ninto multiple 8-bit stores, and is paired with a 32-bit load on a VM with\n257 vCPUs:\nCPU0 CPU1\nlast_boosted_vcpu = 0xff;\n(last_boosted_vcpu = 0x100)\nlast_boosted_vcpu[15:8] = 0x01;\ni = (last_boosted_vcpu = 0x1ff)\nlast_boosted_vcpu[7:0] = 0x00;\nvcpu = kvm->vcpu_array[0x1ff];\nAs detected by KCSAN:\nBUG: KCSAN: data-race in kvm_vcpu_on_spin [kvm] / kvm_vcpu_on_spin [kvm]\nwrite to 0xffffc90025a92344 of 4 bytes by task 4340 on cpu 16:\nkvm_vcpu_on_spin (arch/x86/kvm/../../../virt/kvm/kvm_main.c:4112) kvm\nhandle_pause (arch/x86/kvm/vmx/vmx.c:5929) kvm_intel\nvmx_handle_exit (arch/x86/kvm/vmx/vmx.c:?\narch/x86/kvm/vmx/vmx.c:6606) kvm_intel\nvcpu_run (arch/x86/kvm/x86.c:11107 arch/x86/kvm/x86.c:11211) kvm\nkvm_arch_vcpu_ioctl_run (arch/x86/kvm/x86.c:?) kvm\nkvm_vcpu_ioctl (arch/x86/kvm/../../../virt/kvm/kvm_main.c:?) kvm\n__se_sys_ioctl (fs/ioctl.c:52 fs/ioctl.c:904 fs/ioctl.c:890)\n__x64_sys_ioctl (fs/ioctl.c:890)\nx64_sys_call (arch/x86/entry/syscall_64.c:33)\ndo_syscall_64 (arch/x86/entry/common.c:?)\nentry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\nread to 0xffffc90025a92344 of 4 bytes by task 4342 on cpu 4:\nkvm_vcpu_on_spin (arch/x86/kvm/../../../virt/kvm/kvm_main.c:4069) kvm\nhandle_pause (arch/x86/kvm/vmx/vmx.c:5929) kvm_intel\nvmx_handle_exit (arch/x86/kvm/vmx/vmx.c:?\narch/x86/kvm/vmx/vmx.c:6606) kvm_intel\nvcpu_run (arch/x86/kvm/x86.c:11107 arch/x86/kvm/x86.c:11211) kvm\nkvm_arch_vcpu_ioctl_run (arch/x86/kvm/x86.c:?) kvm\nkvm_vcpu_ioctl (arch/x86/kvm/../../../virt/kvm/kvm_main.c:?) kvm\n__se_sys_ioctl (fs/ioctl.c:52 fs/ioctl.c:904 fs/ioctl.c:890)\n__x64_sys_ioctl (fs/ioctl.c:890)\nx64_sys_call (arch/x86/entry/syscall_64.c:33)\ndo_syscall_64 (arch/x86/entry/common.c:?)\nentry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\nvalue changed: 0x00000012 -> 0x00000000",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2024-40953"
}
],
"release_date": "2024-07-12T00:00:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Medium"
}
]
},
{
"cve": "CVE-2022-49176",
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\nbfq: fix use-after-free in bfq_dispatch_request\nKASAN reports a use-after-free report when doing normal scsi-mq test\n[69832.239032] ==================================================================\n[69832.241810] BUG: KASAN: use-after-free in bfq_dispatch_request+0x1045/0x44b0\n[69832.243267] Read of size 8 at addr ffff88802622ba88 by task kworker/3:1H/155\n[69832.244656]\n[69832.245007] CPU: 3 PID: 155 Comm: kworker/3:1H Not tainted 5.10.0-10295-g576c6382529e #8\n[69832.246626] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014\n[69832.249069] Workqueue: kblockd blk_mq_run_work_fn\n[69832.250022] Call Trace:\n[69832.250541] dump_stack+0x9b/0xce\n[69832.251232] ? bfq_dispatch_request+0x1045/0x44b0\n[69832.252243] print_address_description.constprop.6+0x3e/0x60\n[69832.253381] ? __cpuidle_text_end+0x5/0x5\n[69832.254211] ? vprintk_func+0x6b/0x120\n[69832.254994] ? bfq_dispatch_request+0x1045/0x44b0\n[69832.255952] ? bfq_dispatch_request+0x1045/0x44b0\n[69832.256914] kasan_report.cold.9+0x22/0x3a\n[69832.257753] ? bfq_dispatch_request+0x1045/0x44b0\n[69832.258755] check_memory_region+0x1c1/0x1e0\n[69832.260248] bfq_dispatch_request+0x1045/0x44b0\n[69832.261181] ? bfq_bfqq_expire+0x2440/0x2440\n[69832.262032] ? blk_mq_delay_run_hw_queues+0xf9/0x170\n[69832.263022] __blk_mq_do_dispatch_sched+0x52f/0x830\n[69832.264011] ? blk_mq_sched_request_inserted+0x100/0x100\n[69832.265101] __blk_mq_sched_dispatch_requests+0x398/0x4f0\n[69832.266206] ? blk_mq_do_dispatch_ctx+0x570/0x570\n[69832.267147] ? __switch_to+0x5f4/0xee0\n[69832.267898] blk_mq_sched_dispatch_requests+0xdf/0x140\n[69832.268946] __blk_mq_run_hw_queue+0xc0/0x270\n[69832.269840] blk_mq_run_work_fn+0x51/0x60\n[69832.278170] process_one_work+0x6d4/0xfe0\n[69832.278984] worker_thread+0x91/0xc80\n[69832.279726] ? __kthread_parkme+0xb0/0x110\n[69832.280554] ? process_one_work+0xfe0/0xfe0\n[69832.281414] kthread+0x32d/0x3f0\n[69832.282082] ? kthread_park+0x170/0x170\n[69832.282849] ret_from_fork+0x1f/0x30\n[69832.283573]\n[69832.283886] Allocated by task 7725:\n[69832.284599] kasan_save_stack+0x19/0x40\n[69832.285385] __kasan_kmalloc.constprop.2+0xc1/0xd0\n[69832.286350] kmem_cache_alloc_node+0x13f/0x460\n[69832.287237] bfq_get_queue+0x3d4/0x1140\n[69832.287993] bfq_get_bfqq_handle_split+0x103/0x510\n[69832.289015] bfq_init_rq+0x337/0x2d50\n[69832.289749] bfq_insert_requests+0x304/0x4e10\n[69832.290634] blk_mq_sched_insert_requests+0x13e/0x390\n[69832.291629] blk_mq_flush_plug_list+0x4b4/0x760\n[69832.292538] blk_flush_plug_list+0x2c5/0x480\n[69832.293392] io_schedule_prepare+0xb2/0xd0\n[69832.294209] io_schedule_timeout+0x13/0x80\n[69832.295014] wait_for_common_io.constprop.1+0x13c/0x270\n[69832.296137] submit_bio_wait+0x103/0x1a0\n[69832.296932] blkdev_issue_discard+0xe6/0x160\n[69832.297794] blk_ioctl_discard+0x219/0x290\n[69832.298614] blkdev_common_ioctl+0x50a/0x1750\n[69832.304715] blkdev_ioctl+0x470/0x600\n[69832.305474] block_ioctl+0xde/0x120\n[69832.306232] vfs_ioctl+0x6c/0xc0\n[69832.306877] __se_sys_ioctl+0x90/0xa0\n[69832.307629] do_syscall_64+0x2d/0x40\n[69832.308362] entry_SYSCALL_64_after_hwframe+0x44/0xa9\n[69832.309382]\n[69832.309701] Freed by task 155:\n[69832.310328] kasan_save_stack+0x19/0x40\n[69832.311121] kasan_set_track+0x1c/0x30\n[69832.311868] kasan_set_free_info+0x1b/0x30\n[69832.312699] __kasan_slab_free+0x111/0x160\n[69832.313524] kmem_cache_free+0x94/0x460\n[69832.314367] bfq_put_queue+0x582/0x940\n[69832.315112] __bfq_bfqd_reset_in_service+0x166/0x1d0\n[69832.317275] bfq_bfqq_expire+0xb27/0x2440\n[69832.318084] bfq_dispatch_request+0x697/0x44b0\n[69832.318991] __blk_mq_do_dispatch_sched+0x52f/0x830\n[69832.319984] __blk_mq_sched_dispatch_requests+0x398/0x4f0\n[69832.321087] blk_mq_sched_dispatch_requests+0xdf/0x140\n[69832.322225] __blk_mq_run_hw_queue+0xc0/0x270\n[69832.323114] blk_mq_run_work_fn+0x51/0x6\n---truncated---",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2022-49176"
}
],
"release_date": "2025-02-26T00:00:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Medium"
}
]
},
{
"cve": "CVE-2025-21956",
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\ndrm/amd/display: Assign normalized_pix_clk when color depth = 14\n[WHY & HOW]\nA warning message \"WARNING: CPU: 4 PID: 459 at ... /dc_resource.c:3397\ncalculate_phy_pix_clks+0xef/0x100 [amdgpu]\" occurs because the\ndisplay_color_depth == COLOR_DEPTH_141414 is not handled. This is\nobserved in Radeon RX 6600 XT.\nIt is fixed by assigning pix_clk * (14 * 3) / 24 - same as the rests.\nAlso fixes the indentation in get_norm_pix_clk.\n(cherry picked from commit 274a87eb389f58eddcbc5659ab0b180b37e92775)",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2025-21956"
}
],
"release_date": "2025-04-01T00:00:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Medium"
}
]
},
{
"cve": "CVE-2025-37797",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\nnet_sched: hfsc: Fix a UAF vulnerability in class handling\nThis patch fixes a Use-After-Free vulnerability in the HFSC qdisc class\nhandling. The issue occurs due to a time-of-check/time-of-use condition\nin hfsc_change_class() when working with certain child qdiscs like netem\nor codel.\nThe vulnerability works as follows:\n1. hfsc_change_class() checks if a class has packets (q.qlen != 0)\n2. It then calls qdisc_peek_len(), which for certain qdiscs (e.g.,\ncodel, netem) might drop packets and empty the queue\n3. The code continues assuming the queue is still non-empty, adding\nthe class to vttree\n4. This breaks HFSC scheduler assumptions that only non-empty classes\nare in vttree\n5. Later, when the class is destroyed, this can lead to a Use-After-Free\nThe fix adds a second queue length check after qdisc_peek_len() to verify\nthe queue wasn't emptied.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2025-37797"
}
],
"release_date": "2025-05-02T00:00:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "High"
}
]
},
{
"cve": "CVE-2025-21992",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\nHID: ignore non-functional sensor in HP 5MP Camera\nThe HP 5MP Camera (USB ID 0408:5473) reports a HID sensor interface that\nis not actually implemented. Attempting to access this non-functional\nsensor via iio_info causes system hangs as runtime PM tries to wake up\nan unresponsive sensor.\n[453] hid-sensor-hub 0003:0408:5473.0003: Report latency attributes: ffffffff:ffffffff\n[453] hid-sensor-hub 0003:0408:5473.0003: common attributes: 5:1, 2:1, 3:1 ffffffff:ffffffff\nAdd this device to the HID ignore list since the sensor interface is\nnon-functional by design and should not be exposed to userspace.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2025-21992"
}
],
"release_date": "2025-04-02T00:00:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Medium"
}
]
},
{
"cve": "CVE-2025-22021",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\nnetfilter: socket: Lookup orig tuple for IPv6 SNAT\nnf_sk_lookup_slow_v4 does the conntrack lookup for IPv4 packets to\nrestore the original 5-tuple in case of SNAT, to be able to find the\nright socket (if any). Then socket_match() can correctly check whether\nthe socket was transparent.\nHowever, the IPv6 counterpart (nf_sk_lookup_slow_v6) lacks this\nconntrack lookup, making xt_socket fail to match on the socket when the\npacket was SNATed. Add the same logic to nf_sk_lookup_slow_v6.\nIPv6 SNAT is used in Kubernetes clusters for pod-to-world packets, as\npods' addresses are in the fd00::/8 ULA subnet and need to be replaced\nwith the node's external address. Cilium leverages Envoy to enforce L7\npolicies, and Envoy uses transparent sockets. Cilium inserts an iptables\nprerouting rule that matches on `-m socket --transparent` and redirects\nthe packets to localhost, but it fails to match SNATed IPv6 packets due\nto that missing conntrack lookup.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2025-22021"
}
],
"release_date": "2025-04-16T00:00:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Medium"
}
]
},
{
"cve": "CVE-2025-21640",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy\n\nAs mentioned in a previous commit of this series, using the 'net'\nstructure via 'current' is not recommended for different reasons:\n\n- Inconsistency: getting info from the reader's/writer's netns vs only\n from the opener's netns.\n\n- current->nsproxy can be NULL in some cases, resulting in an 'Oops'\n (null-ptr-deref), e.g. when the current task is exiting, as spotted by\n syzbot [1] using acct(2).\n\nThe 'net' structure can be obtained from the table->data using\ncontainer_of().\n\nNote that table->data could also be used directly, as this is the only\nmember needed from the 'net' structure, but that would increase the size\nof this fix, to use '*data' everywhere 'net->sctp.sctp_hmac_alg' is\nused.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2025-21640"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/03ca51faba2b017bf6c90e139434c4117d0afcdc",
"url": "https://git.kernel.org/stable/c/03ca51faba2b017bf6c90e139434c4117d0afcdc"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/3cd0659deb9c03535fd61839e91d4d4d3e51ac71",
"url": "https://git.kernel.org/stable/c/3cd0659deb9c03535fd61839e91d4d4d3e51ac71"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/5599b212d2f4466e1832a94e9932684aaa364587",
"url": "https://git.kernel.org/stable/c/5599b212d2f4466e1832a94e9932684aaa364587"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/86ddf8118123cb58a0fb8724cad6979c4069065b",
"url": "https://git.kernel.org/stable/c/86ddf8118123cb58a0fb8724cad6979c4069065b"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/ad673e514b2793b8d5902f6ba6ab7e890dea23d5",
"url": "https://git.kernel.org/stable/c/ad673e514b2793b8d5902f6ba6ab7e890dea23d5"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/ea62dd1383913b5999f3d16ae99d411f41b528d4",
"url": "https://git.kernel.org/stable/c/ea62dd1383913b5999f3d16ae99d411f41b528d4"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/f0bb3935470684306e4e04793a20ac4c4b08de0b",
"url": "https://git.kernel.org/stable/c/f0bb3935470684306e4e04793a20ac4c4b08de0b"
}
],
"release_date": "2025-01-19T11:15:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Medium"
}
]
},
{
"cve": "CVE-2024-50195",
"cwe": {
"id": "CWE-754",
"name": "Improper Check for Unusual or Exceptional Conditions"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nposix-clock: Fix missing timespec64 check in pc_clock_settime()\n\nAs Andrew pointed out, it will make sense that the PTP core\nchecked timespec64 struct's tv_sec and tv_nsec range before calling\nptp->info->settime64().\n\nAs the man manual of clock_settime() said, if tp.tv_sec is negative or\ntp.tv_nsec is outside the range [0..999,999,999], it should return EINVAL,\nwhich include dynamic clocks which handles PTP clock, and the condition is\nconsistent with timespec64_valid(). As Thomas suggested, timespec64_valid()\nonly check the timespec is valid, but not ensure that the time is\nin a valid range, so check it ahead using timespec64_valid_strict()\nin pc_clock_settime() and return -EINVAL if not valid.\n\nThere are some drivers that use tp->tv_sec and tp->tv_nsec directly to\nwrite registers without validity checks and assume that the higher layer\nhas checked it, which is dangerous and will benefit from this, such as\nhclge_ptp_settime(), igb_ptp_settime_i210(), _rcar_gen4_ptp_settime(),\nand some drivers can remove the checks of itself.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2024-50195"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/1ff7247101af723731ea42ed565d54fb8f341264",
"url": "https://git.kernel.org/stable/c/1ff7247101af723731ea42ed565d54fb8f341264"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/27abbde44b6e71ee3891de13e1a228aa7ce95bfe",
"url": "https://git.kernel.org/stable/c/27abbde44b6e71ee3891de13e1a228aa7ce95bfe"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/29f085345cde24566efb751f39e5d367c381c584",
"url": "https://git.kernel.org/stable/c/29f085345cde24566efb751f39e5d367c381c584"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/673a1c5a2998acbd429d6286e6cad10f17f4f073",
"url": "https://git.kernel.org/stable/c/673a1c5a2998acbd429d6286e6cad10f17f4f073"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/a3f169e398215e71361774d13bf91a0101283ac2",
"url": "https://git.kernel.org/stable/c/a3f169e398215e71361774d13bf91a0101283ac2"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/c8789fbe2bbf75845e45302cba6ffa44e1884d01",
"url": "https://git.kernel.org/stable/c/c8789fbe2bbf75845e45302cba6ffa44e1884d01"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/d8794ac20a299b647ba9958f6d657051fc51a540",
"url": "https://git.kernel.org/stable/c/d8794ac20a299b647ba9958f6d657051fc51a540"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/e0c966bd3e31911b57ef76cec4c5796ebd88e512",
"url": "https://git.kernel.org/stable/c/e0c966bd3e31911b57ef76cec4c5796ebd88e512"
}
],
"release_date": "2024-11-08T06:15:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Medium"
}
]
},
{
"cve": "CVE-2023-52975",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\nscsi: iscsi_tcp: Fix UAF during logout when accessing the shost ipaddress\nBug report and analysis from Ding Hui.\nDuring iSCSI session logout, if another task accesses the shost ipaddress\nattr, we can get a KASAN UAF report like this:\n[ 276.942144] BUG: KASAN: use-after-free in _raw_spin_lock_bh+0x78/0xe0\n[ 276.942535] Write of size 4 at addr ffff8881053b45b8 by task cat/4088\n[ 276.943511] CPU: 2 PID: 4088 Comm: cat Tainted: G E 6.1.0-rc8+ #3\n[ 276.943997] Hardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 11/12/2020\n[ 276.944470] Call Trace:\n[ 276.944943] \n[ 276.945397] dump_stack_lvl+0x34/0x48\n[ 276.945887] print_address_description.constprop.0+0x86/0x1e7\n[ 276.946421] print_report+0x36/0x4f\n[ 276.947358] kasan_report+0xad/0x130\n[ 276.948234] kasan_check_range+0x35/0x1c0\n[ 276.948674] _raw_spin_lock_bh+0x78/0xe0\n[ 276.949989] iscsi_sw_tcp_host_get_param+0xad/0x2e0 [iscsi_tcp]\n[ 276.951765] show_host_param_ISCSI_HOST_PARAM_IPADDRESS+0xe9/0x130 [scsi_transport_iscsi]\n[ 276.952185] dev_attr_show+0x3f/0x80\n[ 276.953005] sysfs_kf_seq_show+0x1fb/0x3e0\n[ 276.953401] seq_read_iter+0x402/0x1020\n[ 276.954260] vfs_read+0x532/0x7b0\n[ 276.955113] ksys_read+0xed/0x1c0\n[ 276.955952] do_syscall_64+0x38/0x90\n[ 276.956347] entry_SYSCALL_64_after_hwframe+0x63/0xcd\n[ 276.956769] RIP: 0033:0x7f5d3a679222\n[ 276.957161] Code: c0 e9 b2 fe ff ff 50 48 8d 3d 32 c0 0b 00 e8 a5 fe 01 00 0f 1f 44 00 00 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 0f 05 <48> 3d 00 f0 ff ff 77 56 c3 0f 1f 44 00 00 48 83 ec 28 48 89 54 24\n[ 276.958009] RSP: 002b:00007ffc864d16a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000\n[ 276.958431] RAX: ffffffffffffffda RBX: 0000000000020000 RCX: 00007f5d3a679222\n[ 276.958857] RDX: 0000000000020000 RSI: 00007f5d3a4fe000 RDI: 0000000000000003\n[ 276.959281] RBP: 00007f5d3a4fe000 R08: 00000000ffffffff R09: 0000000000000000\n[ 276.959682] R10: 0000000000000022 R11: 0000000000000246 R12: 0000000000020000\n[ 276.960126] R13: 0000000000000003 R14: 0000000000000000 R15: 0000557a26dada58\n[ 276.960536] \n[ 276.961357] Allocated by task 2209:\n[ 276.961756] kasan_save_stack+0x1e/0x40\n[ 276.962170] kasan_set_track+0x21/0x30\n[ 276.962557] __kasan_kmalloc+0x7e/0x90\n[ 276.962923] __kmalloc+0x5b/0x140\n[ 276.963308] iscsi_alloc_session+0x28/0x840 [scsi_transport_iscsi]\n[ 276.963712] iscsi_session_setup+0xda/0xba0 [libiscsi]\n[ 276.964078] iscsi_sw_tcp_session_create+0x1fd/0x330 [iscsi_tcp]\n[ 276.964431] iscsi_if_create_session.isra.0+0x50/0x260 [scsi_transport_iscsi]\n[ 276.964793] iscsi_if_recv_msg+0xc5a/0x2660 [scsi_transport_iscsi]\n[ 276.965153] iscsi_if_rx+0x198/0x4b0 [scsi_transport_iscsi]\n[ 276.965546] netlink_unicast+0x4d5/0x7b0\n[ 276.965905] netlink_sendmsg+0x78d/0xc30\n[ 276.966236] sock_sendmsg+0xe5/0x120\n[ 276.966576] ____sys_sendmsg+0x5fe/0x860\n[ 276.966923] ___sys_sendmsg+0xe0/0x170\n[ 276.967300] __sys_sendmsg+0xc8/0x170\n[ 276.967666] do_syscall_64+0x38/0x90\n[ 276.968028] entry_SYSCALL_64_after_hwframe+0x63/0xcd\n[ 276.968773] Freed by task 2209:\n[ 276.969111] kasan_save_stack+0x1e/0x40\n[ 276.969449] kasan_set_track+0x21/0x30\n[ 276.969789] kasan_save_free_info+0x2a/0x50\n[ 276.970146] __kasan_slab_free+0x106/0x190\n[ 276.970470] __kmem_cache_free+0x133/0x270\n[ 276.970816] device_release+0x98/0x210\n[ 276.971145] kobject_cleanup+0x101/0x360\n[ 276.971462] iscsi_session_teardown+0x3fb/0x530 [libiscsi]\n[ 276.971775] iscsi_sw_tcp_session_destroy+0xd8/0x130 [iscsi_tcp]\n[ 276.972143] iscsi_if_recv_msg+0x1bf1/0x2660 [scsi_transport_iscsi]\n[ 276.972485] iscsi_if_rx+0x198/0x4b0 [scsi_transport_iscsi]\n[ 276.972808] netlink_unicast+0x4d5/0x7b0\n[ 276.973201] netlink_sendmsg+0x78d/0xc30\n[ 276.973544] sock_sendmsg+0xe5/0x120\n[ 276.973864] ____sys_sendmsg+0x5fe/0x860\n[ 276.974248] ___sys_\n---truncated---",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2023-52975"
}
],
"release_date": "2025-03-27T00:00:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Medium"
}
]
},
{
"cve": "CVE-2024-58071",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nteam: prevent adding a device which is already a team device lower\n\nPrevent adding a device which is already a team device lower,\ne.g. adding veth0 if vlan1 was already added and veth0 is a lower of\nvlan1.\n\nThis is not useful in practice and can lead to recursive locking:\n\n$ ip link add veth0 type veth peer name veth1\n$ ip link set veth0 up\n$ ip link set veth1 up\n$ ip link add link veth0 name veth0.1 type vlan protocol 802.1Q id 1\n$ ip link add team0 type team\n$ ip link set veth0.1 down\n$ ip link set veth0.1 master team0\nteam0: Port device veth0.1 added\n$ ip link set veth0 down\n$ ip link set veth0 master team0\n\n============================================\nWARNING: possible recursive locking detected\n6.13.0-rc2-virtme-00441-ga14a429069bb #46 Not tainted\n--------------------------------------------\nip/7684 is trying to acquire lock:\nffff888016848e00 (team->team_lock_key){+.+.}-{4:4}, at: team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973)\n\nbut task is already holding lock:\nffff888016848e00 (team->team_lock_key){+.+.}-{4:4}, at: team_add_slave (drivers/net/team/team_core.c:1147 drivers/net/team/team_core.c:1977)\n\nother info that might help us debug this:\nPossible unsafe locking scenario:\n\nCPU0\n----\nlock(team->team_lock_key);\nlock(team->team_lock_key);\n\n*** DEADLOCK ***\n\nMay be due to missing lock nesting notation\n\n2 locks held by ip/7684:\n\nstack backtrace:\nCPU: 3 UID: 0 PID: 7684 Comm: ip Not tainted 6.13.0-rc2-virtme-00441-ga14a429069bb #46\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\nCall Trace:\n\ndump_stack_lvl (lib/dump_stack.c:122)\nprint_deadlock_bug.cold (kernel/locking/lockdep.c:3040)\n__lock_acquire (kernel/locking/lockdep.c:3893 kernel/locking/lockdep.c:5226)\n? netlink_broadcast_filtered (net/netlink/af_netlink.c:1548)\nlock_acquire.part.0 (kernel/locking/lockdep.c:467 kernel/locking/lockdep.c:5851)\n? team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973)\n? trace_lock_acquire (./include/trace/events/lock.h:24 (discriminator 2))\n? team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973)\n? lock_acquire (kernel/locking/lockdep.c:5822)\n? team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973)\n__mutex_lock (kernel/locking/mutex.c:587 kernel/locking/mutex.c:735)\n? team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973)\n? team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973)\n? fib_sync_up (net/ipv4/fib_semantics.c:2167)\n? team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973)\nteam_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973)\nnotifier_call_chain (kernel/notifier.c:85)\ncall_netdevice_notifiers_info (net/core/dev.c:1996)\n__dev_notify_flags (net/core/dev.c:8993)\n? __dev_change_flags (net/core/dev.c:8975)\ndev_change_flags (net/core/dev.c:9027)\nvlan_device_event (net/8021q/vlan.c:85 net/8021q/vlan.c:470)\n? br_device_event (net/bridge/br.c:143)\nnotifier_call_chain (kernel/notifier.c:85)\ncall_netdevice_notifiers_info (net/core/dev.c:1996)\ndev_open (net/core/dev.c:1519 net/core/dev.c:1505)\nteam_add_slave (drivers/net/team/team_core.c:1219 drivers/net/team/team_core.c:1977)\n? __pfx_team_add_slave (drivers/net/team/team_core.c:1972)\ndo_set_master (net/core/rtnetlink.c:2917)\ndo_setlink.isra.0 (net/core/rtnetlink.c:3117)",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2024-58071"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/0a7794b9ca78c8e7d001c583bf05736169de3f20",
"url": "https://git.kernel.org/stable/c/0a7794b9ca78c8e7d001c583bf05736169de3f20"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/184a564e6000b41582f160a5be9a9b5aabe22ac1",
"url": "https://git.kernel.org/stable/c/184a564e6000b41582f160a5be9a9b5aabe22ac1"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/1bb06f919fa5bec77ad9b6002525c3dcc5c1fd6c",
"url": "https://git.kernel.org/stable/c/1bb06f919fa5bec77ad9b6002525c3dcc5c1fd6c"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/3fff5da4ca2164bb4d0f1e6cd33f6eb8a0e73e50",
"url": "https://git.kernel.org/stable/c/3fff5da4ca2164bb4d0f1e6cd33f6eb8a0e73e50"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/62ff1615815d565448c37cb8a7a2a076492ec471",
"url": "https://git.kernel.org/stable/c/62ff1615815d565448c37cb8a7a2a076492ec471"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/adff6ac889e16d97abd1e4543f533221127e978a",
"url": "https://git.kernel.org/stable/c/adff6ac889e16d97abd1e4543f533221127e978a"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/bd099a2fa9be983ba0e90a57a59484fe9d520ba8",
"url": "https://git.kernel.org/stable/c/bd099a2fa9be983ba0e90a57a59484fe9d520ba8"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/d9bce1310c0e2a55888e3e08c9f69d8377b3a377",
"url": "https://git.kernel.org/stable/c/d9bce1310c0e2a55888e3e08c9f69d8377b3a377"
}
],
"release_date": "2025-03-06T16:15:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Medium"
}
]
},
{
"cve": "CVE-2025-22073",
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\nspufs: fix a leak on spufs_new_file() failure\nIt's called from spufs_fill_dir(), and caller of that will do\nspufs_rmdir() in case of failure. That does remove everything\nwe'd managed to create, but... the problem dentry is still\nnegative. IOW, it needs to be explicitly dropped.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2025-22073"
}
],
"release_date": "2025-04-16T00:00:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Medium"
}
]
},
{
"cve": "CVE-2024-58063",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtlwifi: fix memory leaks and invalid access at probe error path\n\nDeinitialize at reverse order when probe fails.\n\nWhen init_sw_vars fails, rtl_deinit_core should not be called, specially\nnow that it destroys the rtl_wq workqueue.\n\nAnd call rtl_pci_deinit and deinit_sw_vars, otherwise, memory will be\nleaked.\n\nRemove pci_set_drvdata call as it will already be cleaned up by the core\ndriver code and could lead to memory leaks too. cf. commit 8d450935ae7f\n(\"wireless: rtlwifi: remove unnecessary pci_set_drvdata()\") and\ncommit 3d86b93064c7 (\"rtlwifi: Fix PCI probe error path orphaned memory\").",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2024-58063"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/32acebca0a51f5e372536bfdc0d7d332ab749013",
"url": "https://git.kernel.org/stable/c/32acebca0a51f5e372536bfdc0d7d332ab749013"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/455e0f40b5352186a9095f2135d5c89255e7c39a",
"url": "https://git.kernel.org/stable/c/455e0f40b5352186a9095f2135d5c89255e7c39a"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/624cea89a0865a2bc3e00182a6b0f954a94328b4",
"url": "https://git.kernel.org/stable/c/624cea89a0865a2bc3e00182a6b0f954a94328b4"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/6b76bab5c257463302c9e97f5d84d524457468eb",
"url": "https://git.kernel.org/stable/c/6b76bab5c257463302c9e97f5d84d524457468eb"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/85b67b4c4a0f8a6fb20cf4ef7684ff2b0cf559df",
"url": "https://git.kernel.org/stable/c/85b67b4c4a0f8a6fb20cf4ef7684ff2b0cf559df"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/b96371339fd9cac90f5ee4ac17ee5c4cbbdfa6f7",
"url": "https://git.kernel.org/stable/c/b96371339fd9cac90f5ee4ac17ee5c4cbbdfa6f7"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/e7ceefbfd8d447abc8aca8ab993a942803522c06",
"url": "https://git.kernel.org/stable/c/e7ceefbfd8d447abc8aca8ab993a942803522c06"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/ee0b0d7baa8a6d42c7988f6e50c8f164cdf3fa47",
"url": "https://git.kernel.org/stable/c/ee0b0d7baa8a6d42c7988f6e50c8f164cdf3fa47"
}
],
"release_date": "2025-03-06T16:15:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Medium"
}
]
},
{
"cve": "CVE-2024-58058",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nubifs: skip dumping tnc tree when zroot is null\n\nClearing slab cache will free all znode in memory and make\nc->zroot.znode = NULL, then dumping tnc tree will access\nc->zroot.znode which cause null pointer dereference.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2024-58058"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/1787cd67bb94b106555ffe64f887f6aa24b47010",
"url": "https://git.kernel.org/stable/c/1787cd67bb94b106555ffe64f887f6aa24b47010"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/2a987950df825d0144370e700dc5fb337684ffba",
"url": "https://git.kernel.org/stable/c/2a987950df825d0144370e700dc5fb337684ffba"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/40e25a3c0063935763717877bb2a814c081509ff",
"url": "https://git.kernel.org/stable/c/40e25a3c0063935763717877bb2a814c081509ff"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/428aff8f7cfb0d9a8854477648022cef96bcab28",
"url": "https://git.kernel.org/stable/c/428aff8f7cfb0d9a8854477648022cef96bcab28"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/6211c11fc20424bbc6d79c835c7c212b553ae898",
"url": "https://git.kernel.org/stable/c/6211c11fc20424bbc6d79c835c7c212b553ae898"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/77e5266e3d3faa6bdcf20d9c68a8972f6aa06522",
"url": "https://git.kernel.org/stable/c/77e5266e3d3faa6bdcf20d9c68a8972f6aa06522"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/bdb0ca39e0acccf6771db49c3f94ed787d05f2d7",
"url": "https://git.kernel.org/stable/c/bdb0ca39e0acccf6771db49c3f94ed787d05f2d7"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/e01b55f261ccc96e347eba4931e4429d080d879d",
"url": "https://git.kernel.org/stable/c/e01b55f261ccc96e347eba4931e4429d080d879d"
}
],
"release_date": "2025-03-06T16:15:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Medium"
}
]
},
{
"cve": "CVE-2024-50202",
"cwe": {
"id": "CWE-755",
"name": "Improper Handling of Exceptional Conditions"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: propagate directory read errors from nilfs_find_entry()\n\nSyzbot reported that a task hang occurs in vcs_open() during a fuzzing\ntest for nilfs2.\n\nThe root cause of this problem is that in nilfs_find_entry(), which\nsearches for directory entries, ignores errors when loading a directory\npage/folio via nilfs_get_folio() fails.\n\nIf the filesystem images is corrupted, and the i_size of the directory\ninode is large, and the directory page/folio is successfully read but\nfails the sanity check, for example when it is zero-filled,\nnilfs_check_folio() may continue to spit out error messages in bursts.\n\nFix this issue by propagating the error to the callers when loading a\npage/folio fails in nilfs_find_entry().\n\nThe current interface of nilfs_find_entry() and its callers is outdated\nand cannot propagate error codes such as -EIO and -ENOMEM returned via\nnilfs_find_entry(), so fix it together.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2024-50202"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/08cfa12adf888db98879dbd735bc741360a34168",
"url": "https://git.kernel.org/stable/c/08cfa12adf888db98879dbd735bc741360a34168"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/270a6f9df35fa2aea01ec23770dc9b3fc9a12989",
"url": "https://git.kernel.org/stable/c/270a6f9df35fa2aea01ec23770dc9b3fc9a12989"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/9698088ac7704e260f492d9c254e29ed7dd8729a",
"url": "https://git.kernel.org/stable/c/9698088ac7704e260f492d9c254e29ed7dd8729a"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/b4b3dc9e7e604be98a222e9f941f5e93798ca475",
"url": "https://git.kernel.org/stable/c/b4b3dc9e7e604be98a222e9f941f5e93798ca475"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/bb857ae1efd3138c653239ed1e7aef14e1242c81",
"url": "https://git.kernel.org/stable/c/bb857ae1efd3138c653239ed1e7aef14e1242c81"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/c1d0476885d708a932980b0f28cd90d9bd71db39",
"url": "https://git.kernel.org/stable/c/c1d0476885d708a932980b0f28cd90d9bd71db39"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/edf8146057264191d5bfe5b91773f13d936dadd3",
"url": "https://git.kernel.org/stable/c/edf8146057264191d5bfe5b91773f13d936dadd3"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/efa810b15a25531cbc2f527330947b9fe16916e7",
"url": "https://git.kernel.org/stable/c/efa810b15a25531cbc2f527330947b9fe16916e7"
}
],
"release_date": "2024-11-08T06:15:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Medium"
}
]
},
{
"cve": "CVE-2024-49963",
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmailbox: bcm2835: Fix timeout during suspend mode\n\nDuring noirq suspend phase the Raspberry Pi power driver suffer of\nfirmware property timeouts. The reason is that the IRQ of the underlying\nBCM2835 mailbox is disabled and rpi_firmware_property_list() will always\nrun into a timeout [1].\n\nSince the VideoCore side isn't consider as a wakeup source, set the\nIRQF_NO_SUSPEND flag for the mailbox IRQ in order to keep it enabled\nduring suspend-resume cycle.\n\n[1]\nPM: late suspend of devices complete after 1.754 msecs\nWARNING: CPU: 0 PID: 438 at drivers/firmware/raspberrypi.c:128\n rpi_firmware_property_list+0x204/0x22c\nFirmware transaction 0x00028001 timeout\nModules linked in:\nCPU: 0 PID: 438 Comm: bash Tainted: G C 6.9.3-dirty #17\nHardware name: BCM2835\nCall trace:\nunwind_backtrace from show_stack+0x18/0x1c\nshow_stack from dump_stack_lvl+0x34/0x44\ndump_stack_lvl from __warn+0x88/0xec\n__warn from warn_slowpath_fmt+0x7c/0xb0\nwarn_slowpath_fmt from rpi_firmware_property_list+0x204/0x22c\nrpi_firmware_property_list from rpi_firmware_property+0x68/0x8c\nrpi_firmware_property from rpi_firmware_set_power+0x54/0xc0\nrpi_firmware_set_power from _genpd_power_off+0xe4/0x148\n_genpd_power_off from genpd_sync_power_off+0x7c/0x11c\ngenpd_sync_power_off from genpd_finish_suspend+0xcc/0xe0\ngenpd_finish_suspend from dpm_run_callback+0x78/0xd0\ndpm_run_callback from device_suspend_noirq+0xc0/0x238\ndevice_suspend_noirq from dpm_suspend_noirq+0xb0/0x168\ndpm_suspend_noirq from suspend_devices_and_enter+0x1b8/0x5ac\nsuspend_devices_and_enter from pm_suspend+0x254/0x2e4\npm_suspend from state_store+0xa8/0xd4\nstate_store from kernfs_fop_write_iter+0x154/0x1a0\nkernfs_fop_write_iter from vfs_write+0x12c/0x184\nvfs_write from ksys_write+0x78/0xc0\nksys_write from ret_fast_syscall+0x0/0x54\nException stack(0xcc93dfa8 to 0xcc93dff0)\n[...]\nPM: noirq suspend of devices complete after 3095.584 msecs",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2024-49963"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/10a58555e0bb5cc4673c8bb73b8afc5fa651f0ac",
"url": "https://git.kernel.org/stable/c/10a58555e0bb5cc4673c8bb73b8afc5fa651f0ac"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/32ee78823dea2d54adaf6e05f86622eba359e091",
"url": "https://git.kernel.org/stable/c/32ee78823dea2d54adaf6e05f86622eba359e091"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/4e1e03760ee7cc4779b6306867fe0fc02921b963",
"url": "https://git.kernel.org/stable/c/4e1e03760ee7cc4779b6306867fe0fc02921b963"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/90320cfc07b7d6e7a58fd8168f6380ec52ff0251",
"url": "https://git.kernel.org/stable/c/90320cfc07b7d6e7a58fd8168f6380ec52ff0251"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/b0de20de29b13950493a36bd4cf531200eb0e807",
"url": "https://git.kernel.org/stable/c/b0de20de29b13950493a36bd4cf531200eb0e807"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/dc09f007caed3b2f6a3b6bd7e13777557ae22bfd",
"url": "https://git.kernel.org/stable/c/dc09f007caed3b2f6a3b6bd7e13777557ae22bfd"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/df293ea78740a41384d648041f38f645700288e1",
"url": "https://git.kernel.org/stable/c/df293ea78740a41384d648041f38f645700288e1"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/dfeb67b2194ecc55ef8065468c5adda3cdf59114",
"url": "https://git.kernel.org/stable/c/dfeb67b2194ecc55ef8065468c5adda3cdf59114"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/e65a9af05a0b59ebeba28e5e82265a233db7bc27",
"url": "https://git.kernel.org/stable/c/e65a9af05a0b59ebeba28e5e82265a233db7bc27"
}
],
"release_date": "2024-10-21T18:15:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Medium"
}
]
},
{
"cve": "CVE-2025-21699",
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngfs2: Truncate address space when flipping GFS2_DIF_JDATA flag\n\nTruncate an inode's address space when flipping the GFS2_DIF_JDATA flag:\ndepending on that flag, the pages in the address space will either use\nbuffer heads or iomap_folio_state structs, and we cannot mix the two.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2025-21699"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/2a40a140e11fec699e128170ccaa98b6b82cb503",
"url": "https://git.kernel.org/stable/c/2a40a140e11fec699e128170ccaa98b6b82cb503"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/2b0bd5051ad1c1e9ef4879f18e15a7712c974f3e",
"url": "https://git.kernel.org/stable/c/2b0bd5051ad1c1e9ef4879f18e15a7712c974f3e"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/4516febe325342555bb09ca5b396fb816d655821",
"url": "https://git.kernel.org/stable/c/4516febe325342555bb09ca5b396fb816d655821"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/4dd57d1f0e9844311c635a7fb39abce4f2ac5a61",
"url": "https://git.kernel.org/stable/c/4dd57d1f0e9844311c635a7fb39abce4f2ac5a61"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/4e3ded34f3f3c9d7ed2aac7be8cf51153646574a",
"url": "https://git.kernel.org/stable/c/4e3ded34f3f3c9d7ed2aac7be8cf51153646574a"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/5bb1fd0855bb0abc7d97e44758d6ffed7882d2d0",
"url": "https://git.kernel.org/stable/c/5bb1fd0855bb0abc7d97e44758d6ffed7882d2d0"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/7c9d9223802fbed4dee1ae301661bf346964c9d2",
"url": "https://git.kernel.org/stable/c/7c9d9223802fbed4dee1ae301661bf346964c9d2"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/8c41abc11aa8438c9ed2d973f97e66674c0355df",
"url": "https://git.kernel.org/stable/c/8c41abc11aa8438c9ed2d973f97e66674c0355df"
}
],
"release_date": "2025-02-12T14:15:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-extra-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-host-0:4.15.0-251.262.all",
"Ubuntu-18:linux-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-doc-0:4.15.0-251.262.all",
"Ubuntu-18:linux-libc-dev-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-buildinfo-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-headers-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.all",
"Ubuntu-18:linux-image-unsigned-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-lowlatency-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-source-4.15.0-0:4.15.0-251.262.all",
"Ubuntu-18:linux-modules-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64",
"Ubuntu-18:linux-tools-common-0:4.15.0-251.262.all",
"Ubuntu-18:linux-cloud-tools-4.15.0-251-tuxcare.els39-generic-0:4.15.0-251.262.amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Medium"
}
]
}
]
}