ISHACK AI BOT

Rocky Linux: CVE-2024-27052: kernel (Multiple Advisories) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/01/2024 Created 06/17/2024 Added 06/17/2024 Modified 11/18/2024 Description In the Linux kernel, the following vulnerability has been resolved: wifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work The workqueue might still be running, when the driver is stopped. To avoid a use-after-free, call cancel_work_sync() in rtl8xxxu_stop(). Solution(s) rocky-upgrade-bpftool rocky-upgrade-bpftool-debuginfo rocky-upgrade-kernel rocky-upgrade-kernel-core rocky-upgrade-kernel-cross-headers rocky-upgrade-kernel-debug rocky-upgrade-kernel-debug-core rocky-upgrade-kernel-debug-debuginfo rocky-upgrade-kernel-debug-devel rocky-upgrade-kernel-debug-devel-matched rocky-upgrade-kernel-debug-modules rocky-upgrade-kernel-debug-modules-core rocky-upgrade-kernel-debug-modules-extra rocky-upgrade-kernel-debug-uki-virt rocky-upgrade-kernel-debuginfo rocky-upgrade-kernel-debuginfo-common-x86_64 rocky-upgrade-kernel-devel rocky-upgrade-kernel-devel-matched rocky-upgrade-kernel-headers rocky-upgrade-kernel-modules rocky-upgrade-kernel-modules-core rocky-upgrade-kernel-modules-extra rocky-upgrade-kernel-rt rocky-upgrade-kernel-rt-core rocky-upgrade-kernel-rt-debug rocky-upgrade-kernel-rt-debug-core rocky-upgrade-kernel-rt-debug-debuginfo rocky-upgrade-kernel-rt-debug-devel rocky-upgrade-kernel-rt-debug-kvm rocky-upgrade-kernel-rt-debug-modules rocky-upgrade-kernel-rt-debug-modules-core rocky-upgrade-kernel-rt-debug-modules-extra rocky-upgrade-kernel-rt-debuginfo rocky-upgrade-kernel-rt-debuginfo-common-x86_64 rocky-upgrade-kernel-rt-devel rocky-upgrade-kernel-rt-kvm rocky-upgrade-kernel-rt-modules rocky-upgrade-kernel-rt-modules-core rocky-upgrade-kernel-rt-modules-extra rocky-upgrade-kernel-tools rocky-upgrade-kernel-tools-debuginfo rocky-upgrade-kernel-tools-libs rocky-upgrade-kernel-tools-libs-devel rocky-upgrade-kernel-uki-virt rocky-upgrade-kernel-zfcpdump rocky-upgrade-kernel-zfcpdump-core rocky-upgrade-kernel-zfcpdump-debuginfo rocky-upgrade-kernel-zfcpdump-devel rocky-upgrade-kernel-zfcpdump-devel-matched rocky-upgrade-kernel-zfcpdump-modules rocky-upgrade-kernel-zfcpdump-modules-core rocky-upgrade-kernel-zfcpdump-modules-extra rocky-upgrade-libperf rocky-upgrade-libperf-debuginfo rocky-upgrade-perf rocky-upgrade-perf-debuginfo rocky-upgrade-python3-perf rocky-upgrade-python3-perf-debuginfo rocky-upgrade-rtla rocky-upgrade-rv References https://attackerkb.com/topics/cve-2024-27052 CVE - 2024-27052 https://errata.rockylinux.org/RLSA-2024:3618 https://errata.rockylinux.org/RLSA-2024:3627 https://errata.rockylinux.org/RLSA-2024:5363

Rocky Linux: CVE-2024-27056: kernel-rt (Multiple Advisories) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/01/2024 Created 06/17/2024 Added 06/17/2024 Modified 11/18/2024 Description In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: ensure offloading TID queue exists The resume code path assumes that the TX queue for the offloading TID has been configured. At resume time it then tries to sync the write pointer as it may have been updated by the firmware. In the unusual event that no packets have been send on TID 0, the queue will not have been allocated and this causes a crash. Fix this by ensuring the queue exist at suspend time. Solution(s) rocky-upgrade-bpftool rocky-upgrade-bpftool-debuginfo rocky-upgrade-kernel rocky-upgrade-kernel-core rocky-upgrade-kernel-cross-headers rocky-upgrade-kernel-debug rocky-upgrade-kernel-debug-core rocky-upgrade-kernel-debug-debuginfo rocky-upgrade-kernel-debug-devel rocky-upgrade-kernel-debug-modules rocky-upgrade-kernel-debug-modules-extra rocky-upgrade-kernel-debuginfo rocky-upgrade-kernel-debuginfo-common-x86_64 rocky-upgrade-kernel-devel rocky-upgrade-kernel-headers rocky-upgrade-kernel-modules rocky-upgrade-kernel-modules-extra rocky-upgrade-kernel-rt rocky-upgrade-kernel-rt-core rocky-upgrade-kernel-rt-debug rocky-upgrade-kernel-rt-debug-core rocky-upgrade-kernel-rt-debug-debuginfo rocky-upgrade-kernel-rt-debug-devel rocky-upgrade-kernel-rt-debug-kvm rocky-upgrade-kernel-rt-debug-modules rocky-upgrade-kernel-rt-debug-modules-extra rocky-upgrade-kernel-rt-debuginfo rocky-upgrade-kernel-rt-debuginfo-common-x86_64 rocky-upgrade-kernel-rt-devel rocky-upgrade-kernel-rt-kvm rocky-upgrade-kernel-rt-modules rocky-upgrade-kernel-rt-modules-extra rocky-upgrade-kernel-tools rocky-upgrade-kernel-tools-debuginfo rocky-upgrade-kernel-tools-libs rocky-upgrade-kernel-tools-libs-devel rocky-upgrade-perf rocky-upgrade-perf-debuginfo rocky-upgrade-python3-perf rocky-upgrade-python3-perf-debuginfo References https://attackerkb.com/topics/cve-2024-27056 CVE - 2024-27056 https://errata.rockylinux.org/RLSA-2024:3618 https://errata.rockylinux.org/RLSA-2024:3627

Rocky Linux: CVE-2024-26960: kernel-rt (Multiple Advisories) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/01/2024 Created 08/23/2024 Added 08/22/2024 Modified 11/18/2024 Description In the Linux kernel, the following vulnerability has been resolved: mm: swap: fix race between free_swap_and_cache() and swapoff() There was previously a theoretical window where swapoff() could run and teardown a swap_info_struct while a call to free_swap_and_cache() was running in another thread.This could cause, amongst other bad possibilities, swap_page_trans_huge_swapped() (called by free_swap_and_cache()) to access the freed memory for swap_map. This is a theoretical problem and I haven't been able to provoke it from a test case.But there has been agreement based on code review that this is possible (see link below). Fix it by using get_swap_device()/put_swap_device(), which will stall swapoff().There was an extra check in _swap_info_get() to confirm that the swap entry was not free.This isn't present in get_swap_device() because it doesn't make sense in general due to the race between getting the reference and swapoff.So I've added an equivalent check directly in free_swap_and_cache(). Details of how to provoke one possible issue (thanks to David Hildenbrand for deriving this): --8<----- __swap_entry_free() might be the last user and result in "count == SWAP_HAS_CACHE". swapoff->try_to_unuse() will stop as soon as soon as si->inuse_pages==0. So the question is: could someone reclaim the folio and turn si->inuse_pages==0, before we completed swap_page_trans_huge_swapped(). Imagine the following: 2 MiB folio in the swapcache. Only 2 subpages are still references by swap entries. Process 1 still references subpage 0 via swap entry. Process 2 still references subpage 1 via swap entry. Process 1 quits. Calls free_swap_and_cache(). -> count == SWAP_HAS_CACHE [then, preempted in the hypervisor etc.] Process 2 quits. Calls free_swap_and_cache(). -> count == SWAP_HAS_CACHE Process 2 goes ahead, passes swap_page_trans_huge_swapped(), and calls __try_to_reclaim_swap(). __try_to_reclaim_swap()->folio_free_swap()->delete_from_swap_cache()-> put_swap_folio()->free_swap_slot()->swapcache_free_entries()-> swap_entry_free()->swap_range_free()-> ... WRITE_ONCE(si->inuse_pages, si->inuse_pages - nr_entries); What stops swapoff to succeed after process 2 reclaimed the swap cache but before process1 finished its call to swap_page_trans_huge_swapped()? --8<----- Solution(s) rocky-upgrade-bpftool rocky-upgrade-bpftool-debuginfo rocky-upgrade-kernel rocky-upgrade-kernel-core rocky-upgrade-kernel-cross-headers rocky-upgrade-kernel-debug rocky-upgrade-kernel-debug-core rocky-upgrade-kernel-debug-debuginfo rocky-upgrade-kernel-debug-devel rocky-upgrade-kernel-debug-modules rocky-upgrade-kernel-debug-modules-extra rocky-upgrade-kernel-debuginfo rocky-upgrade-kernel-debuginfo-common-x86_64 rocky-upgrade-kernel-devel rocky-upgrade-kernel-headers rocky-upgrade-kernel-modules rocky-upgrade-kernel-modules-extra rocky-upgrade-kernel-rt rocky-upgrade-kernel-rt-core rocky-upgrade-kernel-rt-debug rocky-upgrade-kernel-rt-debug-core rocky-upgrade-kernel-rt-debug-debuginfo rocky-upgrade-kernel-rt-debug-devel rocky-upgrade-kernel-rt-debug-kvm rocky-upgrade-kernel-rt-debug-modules rocky-upgrade-kernel-rt-debug-modules-extra rocky-upgrade-kernel-rt-debuginfo rocky-upgrade-kernel-rt-debuginfo-common-x86_64 rocky-upgrade-kernel-rt-devel rocky-upgrade-kernel-rt-kvm rocky-upgrade-kernel-rt-modules rocky-upgrade-kernel-rt-modules-extra rocky-upgrade-kernel-tools rocky-upgrade-kernel-tools-debuginfo rocky-upgrade-kernel-tools-libs rocky-upgrade-kernel-tools-libs-devel rocky-upgrade-perf rocky-upgrade-perf-debuginfo rocky-upgrade-python3-perf rocky-upgrade-python3-perf-debuginfo References https://attackerkb.com/topics/cve-2024-26960 CVE - 2024-26960 https://errata.rockylinux.org/RLSA-2024:5101 https://errata.rockylinux.org/RLSA-2024:5102

Rocky Linux: CVE-2024-27059: kernel-rt (Multiple Advisories) Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 05/01/2024 Created 06/17/2024 Added 06/17/2024 Modified 01/30/2025 Description In the Linux kernel, the following vulnerability has been resolved: USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command The isd200 sub-driver in usb-storage uses the HEADS and SECTORS values in the ATA ID information to calculate cylinder and head values when creating a CDB for READ or WRITE commands.The calculation involves division and modulus operations, which will cause a crash if either of these values is 0.While this never happens with a genuine device, it could happen with a flawed or subversive emulation, as reported by the syzbot fuzzer. Protect against this possibility by refusing to bind to the device if either the ATA_ID_HEADS or ATA_ID_SECTORS value in the device's ID information is 0.This requires isd200_Initialization() to return a negative error code when initialization fails; currently it always returns 0 (even when there is an error). Solution(s) rocky-upgrade-bpftool rocky-upgrade-bpftool-debuginfo rocky-upgrade-kernel rocky-upgrade-kernel-core rocky-upgrade-kernel-cross-headers rocky-upgrade-kernel-debug rocky-upgrade-kernel-debug-core rocky-upgrade-kernel-debug-debuginfo rocky-upgrade-kernel-debug-devel rocky-upgrade-kernel-debug-modules rocky-upgrade-kernel-debug-modules-extra rocky-upgrade-kernel-debuginfo rocky-upgrade-kernel-debuginfo-common-x86_64 rocky-upgrade-kernel-devel rocky-upgrade-kernel-headers rocky-upgrade-kernel-modules rocky-upgrade-kernel-modules-extra rocky-upgrade-kernel-rt rocky-upgrade-kernel-rt-core rocky-upgrade-kernel-rt-debug rocky-upgrade-kernel-rt-debug-core rocky-upgrade-kernel-rt-debug-debuginfo rocky-upgrade-kernel-rt-debug-devel rocky-upgrade-kernel-rt-debug-kvm rocky-upgrade-kernel-rt-debug-modules rocky-upgrade-kernel-rt-debug-modules-extra rocky-upgrade-kernel-rt-debuginfo rocky-upgrade-kernel-rt-debuginfo-common-x86_64 rocky-upgrade-kernel-rt-devel rocky-upgrade-kernel-rt-kvm rocky-upgrade-kernel-rt-modules rocky-upgrade-kernel-rt-modules-extra rocky-upgrade-kernel-tools rocky-upgrade-kernel-tools-debuginfo rocky-upgrade-kernel-tools-libs rocky-upgrade-kernel-tools-libs-devel rocky-upgrade-perf rocky-upgrade-perf-debuginfo rocky-upgrade-python3-perf rocky-upgrade-python3-perf-debuginfo References https://attackerkb.com/topics/cve-2024-27059 CVE - 2024-27059 https://errata.rockylinux.org/RLSA-2024:3618 https://errata.rockylinux.org/RLSA-2024:3627

Debian: CVE-2024-26957: linux -- security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/01/2024 Created 05/08/2024 Added 05/08/2024 Modified 07/03/2024 Description In the Linux kernel, the following vulnerability has been resolved: s390/zcrypt: fix reference counting on zcrypt card objects Tests with hot-plugging crytpo cards on KVM guests with debug kernel build revealed an use after free for the load field of the struct zcrypt_card. The reason was an incorrect reference handling of the zcrypt card object which could lead to a free of the zcrypt card object while it was still in use. This is an example of the slab message: kernel: 0x00000000885a7512-0x00000000885a7513 @offset=1298. First byte 0x68 instead of 0x6b kernel: Allocated in zcrypt_card_alloc+0x36/0x70 [zcrypt] age=18046 cpu=3 pid=43 kernel:kmalloc_trace+0x3f2/0x470 kernel:zcrypt_card_alloc+0x36/0x70 [zcrypt] kernel:zcrypt_cex4_card_probe+0x26/0x380 [zcrypt_cex4] kernel:ap_device_probe+0x15c/0x290 kernel:really_probe+0xd2/0x468 kernel:driver_probe_device+0x40/0xf0 kernel:__device_attach_driver+0xc0/0x140 kernel:bus_for_each_drv+0x8c/0xd0 kernel:__device_attach+0x114/0x198 kernel:bus_probe_device+0xb4/0xc8 kernel:device_add+0x4d2/0x6e0 kernel:ap_scan_adapter+0x3d0/0x7c0 kernel:ap_scan_bus+0x5a/0x3b0 kernel:ap_scan_bus_wq_callback+0x40/0x60 kernel:process_one_work+0x26e/0x620 kernel:worker_thread+0x21c/0x440 kernel: Freed in zcrypt_card_put+0x54/0x80 [zcrypt] age=9024 cpu=3 pid=43 kernel:kfree+0x37e/0x418 kernel:zcrypt_card_put+0x54/0x80 [zcrypt] kernel:ap_device_remove+0x4c/0xe0 kernel:device_release_driver_internal+0x1c4/0x270 kernel:bus_remove_device+0x100/0x188 kernel:device_del+0x164/0x3c0 kernel:device_unregister+0x30/0x90 kernel:ap_scan_adapter+0xc8/0x7c0 kernel:ap_scan_bus+0x5a/0x3b0 kernel:ap_scan_bus_wq_callback+0x40/0x60 kernel:process_one_work+0x26e/0x620 kernel:worker_thread+0x21c/0x440 kernel:kthread+0x150/0x168 kernel:__ret_from_fork+0x3c/0x58 kernel:ret_from_fork+0xa/0x30 kernel: Slab 0x00000372022169c0 objects=20 used=18 fp=0x00000000885a7c88 flags=0x3ffff00000000a00(workingset|slab|node=0|zone=1|lastcpupid=0x1ffff) kernel: Object 0x00000000885a74b8 @offset=1208 fp=0x00000000885a7c88 kernel: Redzone00000000885a74b0: bb bb bb bb bb bb bb bb........ kernel: Object 00000000885a74b8: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6bkkkkkkkkkkkkkkkk kernel: Object 00000000885a74c8: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6bkkkkkkkkkkkkkkkk kernel: Object 00000000885a74d8: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6bkkkkkkkkkkkkkkkk kernel: Object 00000000885a74e8: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6bkkkkkkkkkkkkkkkk kernel: Object 00000000885a74f8: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6bkkkkkkkkkkkkkkkk kernel: Object 00000000885a7508: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 68 4b 6b 6b 6b a5kkkkkkkkkkhKkkk. kernel: Redzone00000000885a7518: bb bb bb bb bb bb bb bb........ kernel: Padding00000000885a756c: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5aZZZZZZZZZZZZ kernel: CPU: 0 PID: 387 Comm: systemd-udevd Not tainted 6.8.0-HF #2 kernel: Hardware name: IBM 3931 A01 704 (KVM/Linux) kernel: Call Trace: kernel:[<00000000ca5ab5b8>] dump_stack_lvl+0x90/0x120 kernel:[<00000000c99d78bc>] check_bytes_and_report+0x114/0x140 kernel:[<00000000c99d53cc>] check_object+0x334/0x3f8 kernel:[<00000000c99d820c>] alloc_debug_processing+0xc4/0x1f8 kernel:[<00000000c99d852e>] get_partial_node.part.0+0x1ee/0x3e0 kernel:[<00000000c99d94ec>] ___slab_alloc+0xaf4/0x13c8 kernel:[<00000000c99d9e38>] __slab_alloc.constprop.0+0x78/0xb8 kernel:[<00000000c99dc8dc>] __kmalloc+0x434/0x590 kernel:[<00000000c9b4c0ce>] ext4_htree_store_dirent+0x4e/0x1c0 kernel:[<00000000c9b908a2>] htree_dirblock_to_tree+0x17a/0x3f0 kernel: ---truncated--- Solution(s) debian-upgrade-linux References https://attackerkb.com/topics/cve-2024-26957 CVE - 2024-26957 DSA-5681-1

Rocky Linux: CVE-2024-26946: kernel (RLSA-2024-6567) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/01/2024 Created 09/18/2024 Added 09/17/2024 Modified 11/18/2024 Description In the Linux kernel, the following vulnerability has been resolved: kprobes/x86: Use copy_from_kernel_nofault() to read from unsafe address Read from an unsafe address with copy_from_kernel_nofault() in arch_adjust_kprobe_addr() because this function is used before checking the address is in text or not. Syzcaller bot found a bug and reported the case if user specifies inaccessible data area, arch_adjust_kprobe_addr() will cause a kernel panic. [ mingo: Clarified the comment. ] Solution(s) rocky-upgrade-bpftool rocky-upgrade-bpftool-debuginfo rocky-upgrade-kernel rocky-upgrade-kernel-core rocky-upgrade-kernel-cross-headers rocky-upgrade-kernel-debug rocky-upgrade-kernel-debug-core rocky-upgrade-kernel-debug-debuginfo rocky-upgrade-kernel-debug-devel rocky-upgrade-kernel-debug-devel-matched rocky-upgrade-kernel-debug-modules rocky-upgrade-kernel-debug-modules-core rocky-upgrade-kernel-debug-modules-extra rocky-upgrade-kernel-debug-uki-virt rocky-upgrade-kernel-debuginfo rocky-upgrade-kernel-devel rocky-upgrade-kernel-devel-matched rocky-upgrade-kernel-headers rocky-upgrade-kernel-modules rocky-upgrade-kernel-modules-core rocky-upgrade-kernel-modules-extra rocky-upgrade-kernel-rt rocky-upgrade-kernel-rt-core rocky-upgrade-kernel-rt-debug rocky-upgrade-kernel-rt-debug-core rocky-upgrade-kernel-rt-debug-debuginfo rocky-upgrade-kernel-rt-debug-devel rocky-upgrade-kernel-rt-debug-kvm rocky-upgrade-kernel-rt-debug-modules rocky-upgrade-kernel-rt-debug-modules-core rocky-upgrade-kernel-rt-debug-modules-extra rocky-upgrade-kernel-rt-debuginfo rocky-upgrade-kernel-rt-devel rocky-upgrade-kernel-rt-kvm rocky-upgrade-kernel-rt-modules rocky-upgrade-kernel-rt-modules-core rocky-upgrade-kernel-rt-modules-extra rocky-upgrade-kernel-tools rocky-upgrade-kernel-tools-debuginfo rocky-upgrade-kernel-tools-libs rocky-upgrade-kernel-tools-libs-devel rocky-upgrade-kernel-uki-virt rocky-upgrade-kernel-zfcpdump rocky-upgrade-kernel-zfcpdump-core rocky-upgrade-kernel-zfcpdump-debuginfo rocky-upgrade-kernel-zfcpdump-devel rocky-upgrade-kernel-zfcpdump-devel-matched rocky-upgrade-kernel-zfcpdump-modules rocky-upgrade-kernel-zfcpdump-modules-core rocky-upgrade-kernel-zfcpdump-modules-extra rocky-upgrade-libperf rocky-upgrade-libperf-debuginfo rocky-upgrade-perf rocky-upgrade-perf-debuginfo rocky-upgrade-python3-perf rocky-upgrade-python3-perf-debuginfo rocky-upgrade-rtla rocky-upgrade-rv References https://attackerkb.com/topics/cve-2024-26946 CVE - 2024-26946 https://errata.rockylinux.org/RLSA-2024:6567

Rocky Linux: CVE-2024-26935: kernel (Multiple Advisories) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/01/2024 Created 11/21/2024 Added 11/19/2024 Modified 02/14/2025 Description In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix unremoved procfs host directory regression Commit fc663711b944 ("scsi: core: Remove the /proc/scsi/${proc_name} directory earlier") fixed a bug related to modules loading/unloading, by adding a call to scsi_proc_hostdir_rm() on scsi_remove_host(). But that led to a potential duplicate call to the hostdir_rm() routine, since it's also called from scsi_host_dev_release(). That triggered a regression report, which was then fixed by commit be03df3d4bfe ("scsi: core: Fix a procfs host directory removal regression"). The fix just dropped the hostdir_rm() call from dev_release(). But it happens that this proc directory is created on scsi_host_alloc(), and that function "pairs" with scsi_host_dev_release(), while scsi_remove_host() pairs with scsi_add_host(). In other words, it seems the reason for removing the proc directory on dev_release() was meant to cover cases in which a SCSI host structure was allocated, but the call to scsi_add_host() didn't happen. And that pattern happens to exist in some error paths, for example. Syzkaller causes that by using USB raw gadget device, error'ing on usb-storage driver, at usb_stor_probe2(). By checking that path, we can see that the BadDevice label leads to a scsi_host_put() after a SCSI host allocation, but there's no call to scsi_add_host() in such path. That leads to messages like this in dmesg (and a leak of the SCSI host proc structure): usb-storage 4-1:87.51: USB Mass Storage device detected proc_dir_entry 'scsi/usb-storage' already registered WARNING: CPU: 1 PID: 3519 at fs/proc/generic.c:377 proc_register+0x347/0x4e0 fs/proc/generic.c:376 The proper fix seems to still call scsi_proc_hostdir_rm() on dev_release(), but guard that with the state check for SHOST_CREATED; there is even a comment in scsi_host_dev_release() detailing that: such conditional is meant for cases where the SCSI host was allocated but there was no calls to {add,remove}_host(), like the usb-storage case. This is what we propose here and with that, the error path of usb-storage does not trigger the warning anymore. Solution(s) rocky-upgrade-bpftool rocky-upgrade-bpftool-debuginfo rocky-upgrade-kernel rocky-upgrade-kernel-core rocky-upgrade-kernel-cross-headers rocky-upgrade-kernel-debug rocky-upgrade-kernel-debug-core rocky-upgrade-kernel-debug-debuginfo rocky-upgrade-kernel-debug-devel rocky-upgrade-kernel-debug-devel-matched rocky-upgrade-kernel-debug-modules rocky-upgrade-kernel-debug-modules-core rocky-upgrade-kernel-debug-modules-extra rocky-upgrade-kernel-debug-uki-virt rocky-upgrade-kernel-debuginfo rocky-upgrade-kernel-debuginfo-common-x86_64 rocky-upgrade-kernel-devel rocky-upgrade-kernel-devel-matched rocky-upgrade-kernel-headers rocky-upgrade-kernel-modules rocky-upgrade-kernel-modules-core rocky-upgrade-kernel-modules-extra rocky-upgrade-kernel-rt rocky-upgrade-kernel-rt-core rocky-upgrade-kernel-rt-debug rocky-upgrade-kernel-rt-debug-core rocky-upgrade-kernel-rt-debug-debuginfo rocky-upgrade-kernel-rt-debug-devel rocky-upgrade-kernel-rt-debug-kvm rocky-upgrade-kernel-rt-debug-modules rocky-upgrade-kernel-rt-debug-modules-core rocky-upgrade-kernel-rt-debug-modules-extra rocky-upgrade-kernel-rt-debuginfo rocky-upgrade-kernel-rt-debuginfo-common-x86_64 rocky-upgrade-kernel-rt-devel rocky-upgrade-kernel-rt-kvm rocky-upgrade-kernel-rt-modules rocky-upgrade-kernel-rt-modules-core rocky-upgrade-kernel-rt-modules-extra rocky-upgrade-kernel-tools rocky-upgrade-kernel-tools-debuginfo rocky-upgrade-kernel-tools-libs rocky-upgrade-kernel-tools-libs-devel rocky-upgrade-kernel-uki-virt rocky-upgrade-kernel-zfcpdump rocky-upgrade-kernel-zfcpdump-core rocky-upgrade-kernel-zfcpdump-debuginfo rocky-upgrade-kernel-zfcpdump-devel rocky-upgrade-kernel-zfcpdump-devel-matched rocky-upgrade-kernel-zfcpdump-modules rocky-upgrade-kernel-zfcpdump-modules-core rocky-upgrade-kernel-zfcpdump-modules-extra rocky-upgrade-libperf rocky-upgrade-libperf-debuginfo rocky-upgrade-perf rocky-upgrade-perf-debuginfo rocky-upgrade-python3-perf rocky-upgrade-python3-perf-debuginfo rocky-upgrade-rtla rocky-upgrade-rv References https://attackerkb.com/topics/cve-2024-26935 CVE - 2024-26935 https://errata.rockylinux.org/RLSA-2024:8617 https://errata.rockylinux.org/RLSA-2025:1067 https://errata.rockylinux.org/RLSA-2025:1068

Rocky Linux: CVE-2024-27388: kernel-rt (Multiple Advisories) Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 05/01/2024 Created 08/23/2024 Added 08/22/2024 Modified 01/28/2025 Description In the Linux kernel, the following vulnerability has been resolved: SUNRPC: fix some memleaks in gssx_dec_option_array The creds and oa->data need to be freed in the error-handling paths after their allocation. So this patch add these deallocations in the corresponding paths. Solution(s) rocky-upgrade-bpftool rocky-upgrade-bpftool-debuginfo rocky-upgrade-kernel rocky-upgrade-kernel-core rocky-upgrade-kernel-cross-headers rocky-upgrade-kernel-debug rocky-upgrade-kernel-debug-core rocky-upgrade-kernel-debug-debuginfo rocky-upgrade-kernel-debug-devel rocky-upgrade-kernel-debug-modules rocky-upgrade-kernel-debug-modules-extra rocky-upgrade-kernel-debuginfo rocky-upgrade-kernel-debuginfo-common-x86_64 rocky-upgrade-kernel-devel rocky-upgrade-kernel-headers rocky-upgrade-kernel-modules rocky-upgrade-kernel-modules-extra rocky-upgrade-kernel-rt rocky-upgrade-kernel-rt-core rocky-upgrade-kernel-rt-debug rocky-upgrade-kernel-rt-debug-core rocky-upgrade-kernel-rt-debug-debuginfo rocky-upgrade-kernel-rt-debug-devel rocky-upgrade-kernel-rt-debug-kvm rocky-upgrade-kernel-rt-debug-modules rocky-upgrade-kernel-rt-debug-modules-extra rocky-upgrade-kernel-rt-debuginfo rocky-upgrade-kernel-rt-debuginfo-common-x86_64 rocky-upgrade-kernel-rt-devel rocky-upgrade-kernel-rt-kvm rocky-upgrade-kernel-rt-modules rocky-upgrade-kernel-rt-modules-extra rocky-upgrade-kernel-tools rocky-upgrade-kernel-tools-debuginfo rocky-upgrade-kernel-tools-libs rocky-upgrade-kernel-tools-libs-devel rocky-upgrade-perf rocky-upgrade-perf-debuginfo rocky-upgrade-python3-perf rocky-upgrade-python3-perf-debuginfo References https://attackerkb.com/topics/cve-2024-27388 CVE - 2024-27388 https://errata.rockylinux.org/RLSA-2024:5101 https://errata.rockylinux.org/RLSA-2024:5102

Rocky Linux: CVE-2024-26982: kernel (Multiple Advisories) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/01/2024 Created 07/16/2024 Added 07/16/2024 Modified 11/18/2024 Description In the Linux kernel, the following vulnerability has been resolved: Squashfs: check the inode number is not the invalid value of zero Syskiller has produced an out of bounds access in fill_meta_index(). That out of bounds access is ultimately caused because the inode has an inode number with the invalid value of zero, which was not checked. The reason this causes the out of bounds access is due to following sequence of events: 1. Fill_meta_index() is called to allocate (via empty_meta_index()) and fill a metadata index.It however suffers a data read error and aborts, invalidating the newly returned empty metadata index. It does this by setting the inode number of the index to zero, which means unused (zero is not a valid inode number). 2. When fill_meta_index() is subsequently called again on another read operation, locate_meta_index() returns the previous index because it matches the inode number of 0.Because this index has been returned it is expected to have been filled, and because it hasn't been, an out of bounds access is performed. This patch adds a sanity check which checks that the inode number is not zero when the inode is created and returns -EINVAL if it is. [[email protected]: whitespace fix] Link: https://lkml.kernel.org/r/[email protected] Solution(s) rocky-upgrade-bpftool rocky-upgrade-bpftool-debuginfo rocky-upgrade-kernel rocky-upgrade-kernel-core rocky-upgrade-kernel-cross-headers rocky-upgrade-kernel-debug rocky-upgrade-kernel-debug-core rocky-upgrade-kernel-debug-debuginfo rocky-upgrade-kernel-debug-devel rocky-upgrade-kernel-debug-devel-matched rocky-upgrade-kernel-debug-modules rocky-upgrade-kernel-debug-modules-core rocky-upgrade-kernel-debug-modules-extra rocky-upgrade-kernel-debug-uki-virt rocky-upgrade-kernel-debuginfo rocky-upgrade-kernel-debuginfo-common-x86_64 rocky-upgrade-kernel-devel rocky-upgrade-kernel-devel-matched rocky-upgrade-kernel-headers rocky-upgrade-kernel-modules rocky-upgrade-kernel-modules-core rocky-upgrade-kernel-modules-extra rocky-upgrade-kernel-rt rocky-upgrade-kernel-rt-core rocky-upgrade-kernel-rt-debug rocky-upgrade-kernel-rt-debug-core rocky-upgrade-kernel-rt-debug-debuginfo rocky-upgrade-kernel-rt-debug-devel rocky-upgrade-kernel-rt-debug-kvm rocky-upgrade-kernel-rt-debug-modules rocky-upgrade-kernel-rt-debug-modules-core rocky-upgrade-kernel-rt-debug-modules-extra rocky-upgrade-kernel-rt-debuginfo rocky-upgrade-kernel-rt-debuginfo-common-x86_64 rocky-upgrade-kernel-rt-devel rocky-upgrade-kernel-rt-kvm rocky-upgrade-kernel-rt-modules rocky-upgrade-kernel-rt-modules-core rocky-upgrade-kernel-rt-modules-extra rocky-upgrade-kernel-tools rocky-upgrade-kernel-tools-debuginfo rocky-upgrade-kernel-tools-libs rocky-upgrade-kernel-tools-libs-devel rocky-upgrade-kernel-uki-virt rocky-upgrade-kernel-zfcpdump rocky-upgrade-kernel-zfcpdump-core rocky-upgrade-kernel-zfcpdump-debuginfo rocky-upgrade-kernel-zfcpdump-devel rocky-upgrade-kernel-zfcpdump-devel-matched rocky-upgrade-kernel-zfcpdump-modules rocky-upgrade-kernel-zfcpdump-modules-core rocky-upgrade-kernel-zfcpdump-modules-extra rocky-upgrade-libperf rocky-upgrade-libperf-debuginfo rocky-upgrade-perf rocky-upgrade-perf-debuginfo rocky-upgrade-python3-perf rocky-upgrade-python3-perf-debuginfo rocky-upgrade-rtla rocky-upgrade-rv References https://attackerkb.com/topics/cve-2024-26982 CVE - 2024-26982 https://errata.rockylinux.org/RLSA-2024:4211 https://errata.rockylinux.org/RLSA-2024:4352 https://errata.rockylinux.org/RLSA-2024:4928

Oracle Linux: CVE-2024-26934: ELSA-2024-3618:kernel update (MODERATE) (Multiple Advisories) Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 05/01/2024 Created 06/07/2024 Added 06/06/2024 Modified 11/29/2024 Description In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix deadlock in usb_deauthorize_interface() Among the attribute file callback routines in drivers/usb/core/sysfs.c, the interface_authorized_store() function is the only one which acquires a device lock on an ancestor device: It calls usb_deauthorize_interface(), which locks the interface&apos;s parent USB device. The will lead to deadlock if another process already owns that lock and tries to remove the interface, whether through a configuration change or because the device has been disconnected.As part of the removal procedure, device_del() waits for all ongoing sysfs attribute callbacks to complete.But usb_deauthorize_interface() can&apos;t complete until the device lock has been released, and the lock won&apos;t be released until the removal has finished. The mechanism provided by sysfs to prevent this kind of deadlock is to use the sysfs_break_active_protection() function, which tells sysfs not to wait for the attribute callback. Reported-and-tested by: Yue Sun &lt;[email protected]&gt; Reported by: xingwei lee &lt;[email protected]&gt; Solution(s) oracle-linux-upgrade-kernel References https://attackerkb.com/topics/cve-2024-26934 CVE - 2024-26934 ELSA-2024-3618

Debian: CVE-2024-26937: linux -- security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/01/2024 Created 05/08/2024 Added 05/08/2024 Modified 07/03/2024 Description In the Linux kernel, the following vulnerability has been resolved: drm/i915/gt: Reset queue_priority_hint on parking Originally, with strict in order execution, we could complete execution only when the queue was empty. Preempt-to-busy allows replacement of an active request that may complete before the preemption is processed by HW. If that happens, the request is retired from the queue, but the queue_priority_hint remains set, preventing direct submission until after the next CS interrupt is processed. This preempt-to-busy race can be triggered by the heartbeat, which will also act as the power-management barrier and upon completion allow us to idle the HW. We may process the completion of the heartbeat, and begin parking the engine before the CS event that restores the queue_priority_hint, causing us to fail the assertion that it is MIN. <3>[166.210729] __engine_park:283 GEM_BUG_ON(engine->sched_engine->queue_priority_hint != (-((int)(~0U >> 1)) - 1)) <0>[166.210781] Dumping ftrace buffer: <0>[166.210795] --------------------------------- ... <0>[167.302811] drm_fdin-10972..s1. 165741070us : trace_ports: 0000:00:02.0 rcs0: promote { ccid:20 1217:2 prio 0 } <0>[167.302861] drm_fdin-10972d.s2. 165741072us : execlists_submission_tasklet: 0000:00:02.0 rcs0: preempting last=1217:2, prio=0, hint=2147483646 <0>[167.302928] drm_fdin-10972d.s2. 165741072us : __i915_request_unsubmit: 0000:00:02.0 rcs0: fence 1217:2, current 0 <0>[167.302992] drm_fdin-10972d.s2. 165741073us : __i915_request_submit: 0000:00:02.0 rcs0: fence 3:4660, current 4659 <0>[167.303044] drm_fdin-10972d.s1. 165741076us : execlists_submission_tasklet: 0000:00:02.0 rcs0: context:3 schedule-in, ccid:40 <0>[167.303095] drm_fdin-10972d.s1. 165741077us : trace_ports: 0000:00:02.0 rcs0: submit { ccid:40 3:4660* prio 2147483646 } <0>[167.303159] kworker/-89 11..... 165741139us : i915_request_retire.part.0: 0000:00:02.0 rcs0: fence c90:2, current 2 <0>[167.303208] kworker/-89 11..... 165741148us : __intel_context_do_unpin: 0000:00:02.0 rcs0: context:c90 unpin <0>[167.303272] kworker/-89 11..... 165741159us : i915_request_retire.part.0: 0000:00:02.0 rcs0: fence 1217:2, current 2 <0>[167.303321] kworker/-89 11..... 165741166us : __intel_context_do_unpin: 0000:00:02.0 rcs0: context:1217 unpin <0>[167.303384] kworker/-89 11..... 165741170us : i915_request_retire.part.0: 0000:00:02.0 rcs0: fence 3:4660, current 4660 <0>[167.303434] kworker/-89 11d..1. 165741172us : __intel_context_retire: 0000:00:02.0 rcs0: context:1216 retire runtime: { total:56028ns, avg:56028ns } <0>[167.303484] kworker/-89 11..... 165741198us : __engine_park: 0000:00:02.0 rcs0: parked <0>[167.303534] <idle>-0 5d.H3. 165741207us : execlists_irq_handler: 0000:00:02.0 rcs0: semaphore yield: 00000040 <0>[167.303583] kworker/-89 11..... 165741397us : __intel_context_retire: 0000:00:02.0 rcs0: context:1217 retire runtime: { total:325575ns, avg:0ns } <0>[167.303756] kworker/-89 11..... 165741777us : __intel_context_retire: 0000:00:02.0 rcs0: context:c90 retire runtime: { total:0ns, avg:0ns } <0>[167.303806] kworker/-89 11..... 165742017us : __engine_park: __engine_park:283 GEM_BUG_ON(engine->sched_engine->queue_priority_hint != (-((int)(~0U >> 1)) - 1)) <0>[167.303811] --------------------------------- <4>[167.304722] ------------[ cut here ]------------ <2>[167.304725] kernel BUG at drivers/gpu/drm/i915/gt/intel_engine_pm.c:283! <4>[167.304731] invalid opcode: 0000 [#1] PREEMPT SMP NOPTI <4>[167.304734] CPU: 11 PID: 89 Comm: kworker/11:1 Tainted: GW6.8.0-rc2-CI_DRM_14193-gc655e0fd2804+ #1 <4>[167.304736] Hardware name: Intel Corporation Rocket Lake Client Platform/RocketLake S UDIMM 6L RVP, BIOS RKLSFWI1.R00.3173.A03.2204210138 04/21/2022 <4>[167.304738] Workqueue: i915-unordered retire_work_handler [i915] <4>[16 ---truncated--- Solution(s) debian-upgrade-linux References https://attackerkb.com/topics/cve-2024-26937 CVE - 2024-26937 DSA-5681-1

VMware Photon OS: CVE-2024-26934 Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 05/01/2024 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix deadlock in usb_deauthorize_interface() Among the attribute file callback routines in drivers/usb/core/sysfs.c, the interface_authorized_store() function is the only one which acquires a device lock on an ancestor device: It calls usb_deauthorize_interface(), which locks the interface's parent USB device. The will lead to deadlock if another process already owns that lock and tries to remove the interface, whether through a configuration change or because the device has been disconnected.As part of the removal procedure, device_del() waits for all ongoing sysfs attribute callbacks to complete.But usb_deauthorize_interface() can't complete until the device lock has been released, and the lock won't be released until the removal has finished. The mechanism provided by sysfs to prevent this kind of deadlock is to use the sysfs_break_active_protection() function, which tells sysfs not to wait for the attribute callback. Reported-and-tested by: Yue Sun <[email protected]> Reported by: xingwei lee <[email protected]> Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2024-26934 CVE - 2024-26934

Rocky Linux: CVE-2023-52651: kernel (RLSA-2024-5363) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/01/2024 Created 08/23/2024 Added 08/22/2024 Modified 11/18/2024 Description Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Solution(s) rocky-upgrade-bpftool rocky-upgrade-bpftool-debuginfo rocky-upgrade-kernel rocky-upgrade-kernel-core rocky-upgrade-kernel-cross-headers rocky-upgrade-kernel-debug rocky-upgrade-kernel-debug-core rocky-upgrade-kernel-debug-debuginfo rocky-upgrade-kernel-debug-devel rocky-upgrade-kernel-debug-devel-matched rocky-upgrade-kernel-debug-modules rocky-upgrade-kernel-debug-modules-core rocky-upgrade-kernel-debug-modules-extra rocky-upgrade-kernel-debug-uki-virt rocky-upgrade-kernel-debuginfo rocky-upgrade-kernel-devel rocky-upgrade-kernel-devel-matched rocky-upgrade-kernel-headers rocky-upgrade-kernel-modules rocky-upgrade-kernel-modules-core rocky-upgrade-kernel-modules-extra rocky-upgrade-kernel-rt rocky-upgrade-kernel-rt-core rocky-upgrade-kernel-rt-debug rocky-upgrade-kernel-rt-debug-core rocky-upgrade-kernel-rt-debug-debuginfo rocky-upgrade-kernel-rt-debug-devel rocky-upgrade-kernel-rt-debug-kvm rocky-upgrade-kernel-rt-debug-modules rocky-upgrade-kernel-rt-debug-modules-core rocky-upgrade-kernel-rt-debug-modules-extra rocky-upgrade-kernel-rt-debuginfo rocky-upgrade-kernel-rt-devel rocky-upgrade-kernel-rt-kvm rocky-upgrade-kernel-rt-modules rocky-upgrade-kernel-rt-modules-core rocky-upgrade-kernel-rt-modules-extra rocky-upgrade-kernel-tools rocky-upgrade-kernel-tools-debuginfo rocky-upgrade-kernel-tools-libs rocky-upgrade-kernel-tools-libs-devel rocky-upgrade-kernel-uki-virt rocky-upgrade-kernel-zfcpdump rocky-upgrade-kernel-zfcpdump-core rocky-upgrade-kernel-zfcpdump-debuginfo rocky-upgrade-kernel-zfcpdump-devel rocky-upgrade-kernel-zfcpdump-devel-matched rocky-upgrade-kernel-zfcpdump-modules rocky-upgrade-kernel-zfcpdump-modules-core rocky-upgrade-kernel-zfcpdump-modules-extra rocky-upgrade-libperf rocky-upgrade-libperf-debuginfo rocky-upgrade-perf rocky-upgrade-perf-debuginfo rocky-upgrade-python3-perf rocky-upgrade-python3-perf-debuginfo rocky-upgrade-rtla rocky-upgrade-rv References https://attackerkb.com/topics/cve-2023-52651 CVE - 2023-52651 https://errata.rockylinux.org/RLSA-2024:5363

Huawei EulerOS: CVE-2024-27073: kernel security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/01/2024 Created 10/09/2024 Added 10/08/2024 Modified 10/08/2024 Description In the Linux kernel, the following vulnerability has been resolved: media: ttpci: fix two memleaks in budget_av_attach When saa7146_register_device and saa7146_vv_init fails, budget_av_attach should free the resources it allocates, like the error-handling of ttpci_budget_init does. Besides, there are two fixme comment refers to such deallocations. Solution(s) huawei-euleros-2_0_sp12-upgrade-bpftool huawei-euleros-2_0_sp12-upgrade-kernel huawei-euleros-2_0_sp12-upgrade-kernel-abi-stablelists huawei-euleros-2_0_sp12-upgrade-kernel-tools huawei-euleros-2_0_sp12-upgrade-kernel-tools-libs huawei-euleros-2_0_sp12-upgrade-python3-perf References https://attackerkb.com/topics/cve-2024-27073 CVE - 2024-27073 EulerOS-SA-2024-2352

Huawei EulerOS: CVE-2024-27062: kernel security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/01/2024 Created 10/09/2024 Added 10/08/2024 Modified 10/08/2024 Description In the Linux kernel, the following vulnerability has been resolved: nouveau: lock the client object tree. It appears the client object tree has no locking unless I've missed something else. Fix races around adding/removing client objects, mostly vram bar mappings. 4562.099306] general protection fault, probably for non-canonical address 0x6677ed422bceb80c: 0000 [#1] PREEMPT SMP PTI [ 4562.099314] CPU: 2 PID: 23171 Comm: deqp-vk Not tainted 6.8.0-rc6+ #27 [ 4562.099324] Hardware name: Gigabyte Technology Co., Ltd. Z390 I AORUS PRO WIFI/Z390 I AORUS PRO WIFI-CF, BIOS F8 11/05/2021 [ 4562.099330] RIP: 0010:nvkm_object_search+0x1d/0x70 [nouveau] [ 4562.099503] Code: 90 90 90 90 90 90 90 90 90 90 90 90 90 66 0f 1f 00 0f 1f 44 00 00 48 89 f8 48 85 f6 74 39 48 8b 87 a0 00 00 00 48 85 c0 74 12 <48> 8b 48 f8 48 39 ce 73 15 48 8b 40 10 48 85 c0 75 ee 48 c7 c0 fe [ 4562.099506] RSP: 0000:ffffa94cc420bbf8 EFLAGS: 00010206 [ 4562.099512] RAX: 6677ed422bceb814 RBX: ffff98108791f400 RCX: ffff9810f26b8f58 [ 4562.099517] RDX: 0000000000000000 RSI: ffff9810f26b9158 RDI: ffff98108791f400 [ 4562.099519] RBP: ffff9810f26b9158 R08: 0000000000000000 R09: 0000000000000000 [ 4562.099521] R10: ffffa94cc420bc48 R11: 0000000000000001 R12: ffff9810f02a7cc0 [ 4562.099526] R13: 0000000000000000 R14: 00000000000000ff R15: 0000000000000007 [ 4562.099528] FS:00007f629c5017c0(0000) GS:ffff98142c700000(0000) knlGS:0000000000000000 [ 4562.099534] CS:0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 4562.099536] CR2: 00007f629a882000 CR3: 000000017019e004 CR4: 00000000003706f0 [ 4562.099541] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 4562.099542] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 4562.099544] Call Trace: [ 4562.099555]<TASK> [ 4562.099573]? die_addr+0x36/0x90 [ 4562.099583]? exc_general_protection+0x246/0x4a0 [ 4562.099593]? asm_exc_general_protection+0x26/0x30 [ 4562.099600]? nvkm_object_search+0x1d/0x70 [nouveau] [ 4562.099730]nvkm_ioctl+0xa1/0x250 [nouveau] [ 4562.099861]nvif_object_map_handle+0xc8/0x180 [nouveau] [ 4562.099986]nouveau_ttm_io_mem_reserve+0x122/0x270 [nouveau] [ 4562.100156]? dma_resv_test_signaled+0x26/0xb0 [ 4562.100163]ttm_bo_vm_fault_reserved+0x97/0x3c0 [ttm] [ 4562.100182]? __mutex_unlock_slowpath+0x2a/0x270 [ 4562.100189]nouveau_ttm_fault+0x69/0xb0 [nouveau] [ 4562.100356]__do_fault+0x32/0x150 [ 4562.100362]do_fault+0x7c/0x560 [ 4562.100369]__handle_mm_fault+0x800/0xc10 [ 4562.100382]handle_mm_fault+0x17c/0x3e0 [ 4562.100388]do_user_addr_fault+0x208/0x860 [ 4562.100395]exc_page_fault+0x7f/0x200 [ 4562.100402]asm_exc_page_fault+0x26/0x30 [ 4562.100412] RIP: 0033:0x9b9870 [ 4562.100419] Code: 85 a8 f7 ff ff 8b 8d 80 f7 ff ff 89 08 e9 18 f2 ff ff 0f 1f 84 00 00 00 00 00 44 89 32 e9 90 fa ff ff 0f 1f 84 00 00 00 00 00 <44> 89 32 e9 f8 f1 ff ff 0f 1f 84 00 00 00 00 00 66 44 89 32 e9 e7 [ 4562.100422] RSP: 002b:00007fff9ba2dc70 EFLAGS: 00010246 [ 4562.100426] RAX: 0000000000000004 RBX: 000000000dd65e10 RCX: 000000fff0000000 [ 4562.100428] RDX: 00007f629a882000 RSI: 00007f629a882000 RDI: 0000000000000066 [ 4562.100432] RBP: 00007fff9ba2e570 R08: 0000000000000000 R09: 0000000123ddf000 [ 4562.100434] R10: 0000000000000001 R11: 0000000000000246 R12: 000000007fffffff [ 4562.100436] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 4562.100446]</TASK> [ 4562.100448] Modules linked in: nf_conntrack_netbios_ns nf_conntrack_broadcast nft_fib_inet nft_fib_ipv4 nft_fib_ipv6 nft_fib nft_reject_inet nf_reject_ipv4 nf_reject_ipv6 nft_reject nft_ct nft_chain_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 ip_set nf_tables libcrc32c nfnetlink cmac bnep sunrpc iwlmvm intel_rapl_msr intel_rapl_common snd_sof_pci_intel_cnl x86_pkg_temp_thermal intel_powerclamp snd_sof_intel_hda_common mac80211 coretemp snd_soc_acpi_intel_match kvm_intel snd_soc_acpi snd_soc_hdac_hda snd_sof_pci snd_sof_xtensa_dsp snd_sof_intel_hda_mlink ---truncated--- Solution(s) huawei-euleros-2_0_sp10-upgrade-kernel huawei-euleros-2_0_sp10-upgrade-kernel-abi-stablelists huawei-euleros-2_0_sp10-upgrade-kernel-tools huawei-euleros-2_0_sp10-upgrade-kernel-tools-libs huawei-euleros-2_0_sp10-upgrade-python3-perf References https://attackerkb.com/topics/cve-2024-27062 CVE - 2024-27062 EulerOS-SA-2024-2418

Ubuntu: (Multiple Advisories) (CVE-2024-27000): Linux kernel vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/01/2024 Created 07/12/2024 Added 07/12/2024 Modified 09/20/2024 Description In the Linux kernel, the following vulnerability has been resolved: serial: mxs-auart: add spinlock around changing cts state The uart_handle_cts_change() function in serial_core expects the caller to hold uport->lock. For example, I have seen the below kernel splat, when the Bluetooth driver is loaded on an i.MX28 board. [ 85.119255] ------------[ cut here ]------------ [ 85.124413] WARNING: CPU: 0 PID: 27 at /drivers/tty/serial/serial_core.c:3453 uart_handle_cts_change+0xb4/0xec [ 85.134694] Modules linked in: hci_uart bluetooth ecdh_generic ecc wlcore_sdio configfs [ 85.143314] CPU: 0 PID: 27 Comm: kworker/u3:0 Not tainted 6.6.3-00021-gd62a2f068f92 #1 [ 85.151396] Hardware name: Freescale MXS (Device Tree) [ 85.156679] Workqueue: hci0 hci_power_on [bluetooth] (...) [ 85.191765]uart_handle_cts_change from mxs_auart_irq_handle+0x380/0x3f4 [ 85.198787]mxs_auart_irq_handle from __handle_irq_event_percpu+0x88/0x210 (...) Solution(s) ubuntu-upgrade-linux-image-5-15-0-1035-xilinx-zynqmp ubuntu-upgrade-linux-image-5-15-0-1048-gkeop ubuntu-upgrade-linux-image-5-15-0-1058-ibm ubuntu-upgrade-linux-image-5-15-0-1058-raspi ubuntu-upgrade-linux-image-5-15-0-1060-intel-iotg ubuntu-upgrade-linux-image-5-15-0-1060-nvidia ubuntu-upgrade-linux-image-5-15-0-1060-nvidia-lowlatency ubuntu-upgrade-linux-image-5-15-0-1062-gke ubuntu-upgrade-linux-image-5-15-0-1062-kvm ubuntu-upgrade-linux-image-5-15-0-1063-oracle ubuntu-upgrade-linux-image-5-15-0-1064-gcp ubuntu-upgrade-linux-image-5-15-0-1065-aws ubuntu-upgrade-linux-image-5-15-0-1065-gcp ubuntu-upgrade-linux-image-5-15-0-1068-azure ubuntu-upgrade-linux-image-5-15-0-1068-azure-fde ubuntu-upgrade-linux-image-5-15-0-116-generic ubuntu-upgrade-linux-image-5-15-0-116-generic-64k ubuntu-upgrade-linux-image-5-15-0-116-generic-lpae ubuntu-upgrade-linux-image-5-15-0-116-lowlatency ubuntu-upgrade-linux-image-5-15-0-116-lowlatency-64k ubuntu-upgrade-linux-image-5-4-0-1040-iot ubuntu-upgrade-linux-image-5-4-0-1047-xilinx-zynqmp ubuntu-upgrade-linux-image-5-4-0-1075-ibm ubuntu-upgrade-linux-image-5-4-0-1088-bluefield ubuntu-upgrade-linux-image-5-4-0-1095-gkeop ubuntu-upgrade-linux-image-5-4-0-1112-raspi ubuntu-upgrade-linux-image-5-4-0-1116-kvm ubuntu-upgrade-linux-image-5-4-0-1127-oracle ubuntu-upgrade-linux-image-5-4-0-1128-aws ubuntu-upgrade-linux-image-5-4-0-1132-gcp ubuntu-upgrade-linux-image-5-4-0-1133-azure ubuntu-upgrade-linux-image-5-4-0-189-generic ubuntu-upgrade-linux-image-5-4-0-189-generic-lpae ubuntu-upgrade-linux-image-5-4-0-189-lowlatency ubuntu-upgrade-linux-image-6-8-0-1006-gke ubuntu-upgrade-linux-image-6-8-0-1007-intel ubuntu-upgrade-linux-image-6-8-0-1007-raspi ubuntu-upgrade-linux-image-6-8-0-1008-ibm ubuntu-upgrade-linux-image-6-8-0-1008-oem ubuntu-upgrade-linux-image-6-8-0-1008-oracle ubuntu-upgrade-linux-image-6-8-0-1008-oracle-64k ubuntu-upgrade-linux-image-6-8-0-1009-nvidia ubuntu-upgrade-linux-image-6-8-0-1009-nvidia-64k ubuntu-upgrade-linux-image-6-8-0-1010-azure ubuntu-upgrade-linux-image-6-8-0-1010-azure-fde ubuntu-upgrade-linux-image-6-8-0-1010-gcp ubuntu-upgrade-linux-image-6-8-0-1011-aws ubuntu-upgrade-linux-image-6-8-0-38-generic ubuntu-upgrade-linux-image-6-8-0-38-generic-64k ubuntu-upgrade-linux-image-6-8-0-38-lowlatency ubuntu-upgrade-linux-image-6-8-0-38-lowlatency-64k ubuntu-upgrade-linux-image-aws ubuntu-upgrade-linux-image-aws-lts-20-04 ubuntu-upgrade-linux-image-aws-lts-22-04 ubuntu-upgrade-linux-image-azure ubuntu-upgrade-linux-image-azure-cvm ubuntu-upgrade-linux-image-azure-fde ubuntu-upgrade-linux-image-azure-fde-lts-22-04 ubuntu-upgrade-linux-image-azure-lts-20-04 ubuntu-upgrade-linux-image-azure-lts-22-04 ubuntu-upgrade-linux-image-bluefield ubuntu-upgrade-linux-image-gcp ubuntu-upgrade-linux-image-gcp-lts-20-04 ubuntu-upgrade-linux-image-gcp-lts-22-04 ubuntu-upgrade-linux-image-generic ubuntu-upgrade-linux-image-generic-64k ubuntu-upgrade-linux-image-generic-64k-hwe-20-04 ubuntu-upgrade-linux-image-generic-64k-hwe-24-04 ubuntu-upgrade-linux-image-generic-hwe-18-04 ubuntu-upgrade-linux-image-generic-hwe-20-04 ubuntu-upgrade-linux-image-generic-hwe-24-04 ubuntu-upgrade-linux-image-generic-lpae ubuntu-upgrade-linux-image-generic-lpae-hwe-20-04 ubuntu-upgrade-linux-image-gke ubuntu-upgrade-linux-image-gke-5-15 ubuntu-upgrade-linux-image-gkeop ubuntu-upgrade-linux-image-gkeop-5-15 ubuntu-upgrade-linux-image-gkeop-5-4 ubuntu-upgrade-linux-image-ibm ubuntu-upgrade-linux-image-ibm-classic ubuntu-upgrade-linux-image-ibm-lts-20-04 ubuntu-upgrade-linux-image-ibm-lts-24-04 ubuntu-upgrade-linux-image-intel ubuntu-upgrade-linux-image-intel-iotg ubuntu-upgrade-linux-image-kvm ubuntu-upgrade-linux-image-lowlatency ubuntu-upgrade-linux-image-lowlatency-64k ubuntu-upgrade-linux-image-lowlatency-64k-hwe-20-04 ubuntu-upgrade-linux-image-lowlatency-hwe-18-04 ubuntu-upgrade-linux-image-lowlatency-hwe-20-04 ubuntu-upgrade-linux-image-nvidia ubuntu-upgrade-linux-image-nvidia-64k ubuntu-upgrade-linux-image-nvidia-lowlatency ubuntu-upgrade-linux-image-oem ubuntu-upgrade-linux-image-oem-20-04 ubuntu-upgrade-linux-image-oem-20-04b ubuntu-upgrade-linux-image-oem-20-04c ubuntu-upgrade-linux-image-oem-20-04d ubuntu-upgrade-linux-image-oem-24-04 ubuntu-upgrade-linux-image-oem-24-04a ubuntu-upgrade-linux-image-oem-osp1 ubuntu-upgrade-linux-image-oracle ubuntu-upgrade-linux-image-oracle-64k ubuntu-upgrade-linux-image-oracle-lts-20-04 ubuntu-upgrade-linux-image-oracle-lts-22-04 ubuntu-upgrade-linux-image-raspi ubuntu-upgrade-linux-image-raspi-hwe-18-04 ubuntu-upgrade-linux-image-raspi-nolpae ubuntu-upgrade-linux-image-raspi2 ubuntu-upgrade-linux-image-snapdragon-hwe-18-04 ubuntu-upgrade-linux-image-virtual ubuntu-upgrade-linux-image-virtual-hwe-18-04 ubuntu-upgrade-linux-image-virtual-hwe-20-04 ubuntu-upgrade-linux-image-virtual-hwe-24-04 ubuntu-upgrade-linux-image-xilinx-zynqmp References https://attackerkb.com/topics/cve-2024-27000 CVE - 2024-27000 USN-6893-1 USN-6893-2 USN-6893-3 USN-6896-1 USN-6896-2 USN-6896-3 USN-6896-4 USN-6896-5 USN-6898-1 USN-6898-2 USN-6898-3 USN-6898-4 USN-6917-1 USN-6918-1 USN-6919-1 USN-6927-1 USN-7019-1 View more

Ubuntu: (Multiple Advisories) (CVE-2024-27028): Linux kernel vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/01/2024 Created 07/02/2024 Added 07/01/2024 Modified 07/29/2024 Description In the Linux kernel, the following vulnerability has been resolved: spi: spi-mt65xx: Fix NULL pointer access in interrupt handler The TX buffer in spi_transfer can be a NULL pointer, so the interrupt handler may end up writing to the invalid memory and cause crashes. Add a check to trans->tx_buf before using it. Solution(s) ubuntu-upgrade-linux-image-5-15-0-1030-xilinx-zynqmp ubuntu-upgrade-linux-image-5-15-0-1046-gkeop ubuntu-upgrade-linux-image-5-15-0-1056-ibm ubuntu-upgrade-linux-image-5-15-0-1057-ibm ubuntu-upgrade-linux-image-5-15-0-1058-intel-iotg ubuntu-upgrade-linux-image-5-15-0-1058-nvidia ubuntu-upgrade-linux-image-5-15-0-1058-nvidia-lowlatency ubuntu-upgrade-linux-image-5-15-0-1058-raspi ubuntu-upgrade-linux-image-5-15-0-1060-gke ubuntu-upgrade-linux-image-5-15-0-1060-kvm ubuntu-upgrade-linux-image-5-15-0-1061-oracle ubuntu-upgrade-linux-image-5-15-0-1062-gcp ubuntu-upgrade-linux-image-5-15-0-1063-aws ubuntu-upgrade-linux-image-5-15-0-1065-azure-fde ubuntu-upgrade-linux-image-5-15-0-1066-azure ubuntu-upgrade-linux-image-5-15-0-110-lowlatency ubuntu-upgrade-linux-image-5-15-0-110-lowlatency-64k ubuntu-upgrade-linux-image-5-15-0-112-generic ubuntu-upgrade-linux-image-5-15-0-112-generic-64k ubuntu-upgrade-linux-image-5-15-0-112-generic-lpae ubuntu-upgrade-linux-image-5-15-0-113-generic ubuntu-upgrade-linux-image-5-15-0-113-generic-64k ubuntu-upgrade-linux-image-5-15-0-113-generic-lpae ubuntu-upgrade-linux-image-5-4-0-1040-iot ubuntu-upgrade-linux-image-5-4-0-1047-xilinx-zynqmp ubuntu-upgrade-linux-image-5-4-0-1075-ibm ubuntu-upgrade-linux-image-5-4-0-1088-bluefield ubuntu-upgrade-linux-image-5-4-0-1095-gkeop ubuntu-upgrade-linux-image-5-4-0-1112-raspi ubuntu-upgrade-linux-image-5-4-0-1116-kvm ubuntu-upgrade-linux-image-5-4-0-1127-oracle ubuntu-upgrade-linux-image-5-4-0-1128-aws ubuntu-upgrade-linux-image-5-4-0-1132-gcp ubuntu-upgrade-linux-image-5-4-0-1133-azure ubuntu-upgrade-linux-image-5-4-0-189-generic ubuntu-upgrade-linux-image-5-4-0-189-generic-lpae ubuntu-upgrade-linux-image-5-4-0-189-lowlatency ubuntu-upgrade-linux-image-6-8-0-1004-gke ubuntu-upgrade-linux-image-6-8-0-1005-raspi ubuntu-upgrade-linux-image-6-8-0-1006-ibm ubuntu-upgrade-linux-image-6-8-0-1006-oem ubuntu-upgrade-linux-image-6-8-0-1006-oracle ubuntu-upgrade-linux-image-6-8-0-1006-oracle-64k ubuntu-upgrade-linux-image-6-8-0-1008-azure ubuntu-upgrade-linux-image-6-8-0-1008-azure-fde ubuntu-upgrade-linux-image-6-8-0-1008-gcp ubuntu-upgrade-linux-image-6-8-0-1009-aws ubuntu-upgrade-linux-image-6-8-0-35-generic ubuntu-upgrade-linux-image-6-8-0-35-generic-64k ubuntu-upgrade-linux-image-6-8-0-35-lowlatency ubuntu-upgrade-linux-image-6-8-0-35-lowlatency-64k ubuntu-upgrade-linux-image-aws ubuntu-upgrade-linux-image-aws-lts-20-04 ubuntu-upgrade-linux-image-aws-lts-22-04 ubuntu-upgrade-linux-image-azure ubuntu-upgrade-linux-image-azure-fde ubuntu-upgrade-linux-image-azure-fde-lts-22-04 ubuntu-upgrade-linux-image-azure-lts-20-04 ubuntu-upgrade-linux-image-azure-lts-22-04 ubuntu-upgrade-linux-image-bluefield ubuntu-upgrade-linux-image-gcp ubuntu-upgrade-linux-image-gcp-lts-20-04 ubuntu-upgrade-linux-image-gcp-lts-22-04 ubuntu-upgrade-linux-image-generic ubuntu-upgrade-linux-image-generic-64k ubuntu-upgrade-linux-image-generic-64k-hwe-20-04 ubuntu-upgrade-linux-image-generic-64k-hwe-24-04 ubuntu-upgrade-linux-image-generic-hwe-18-04 ubuntu-upgrade-linux-image-generic-hwe-20-04 ubuntu-upgrade-linux-image-generic-hwe-24-04 ubuntu-upgrade-linux-image-generic-lpae ubuntu-upgrade-linux-image-generic-lpae-hwe-20-04 ubuntu-upgrade-linux-image-gke ubuntu-upgrade-linux-image-gke-5-15 ubuntu-upgrade-linux-image-gkeop ubuntu-upgrade-linux-image-gkeop-5-15 ubuntu-upgrade-linux-image-gkeop-5-4 ubuntu-upgrade-linux-image-ibm ubuntu-upgrade-linux-image-ibm-classic ubuntu-upgrade-linux-image-ibm-lts-20-04 ubuntu-upgrade-linux-image-ibm-lts-24-04 ubuntu-upgrade-linux-image-intel ubuntu-upgrade-linux-image-intel-iotg ubuntu-upgrade-linux-image-kvm ubuntu-upgrade-linux-image-lowlatency ubuntu-upgrade-linux-image-lowlatency-64k ubuntu-upgrade-linux-image-lowlatency-64k-hwe-20-04 ubuntu-upgrade-linux-image-lowlatency-hwe-18-04 ubuntu-upgrade-linux-image-lowlatency-hwe-20-04 ubuntu-upgrade-linux-image-nvidia ubuntu-upgrade-linux-image-nvidia-lowlatency ubuntu-upgrade-linux-image-oem ubuntu-upgrade-linux-image-oem-20-04 ubuntu-upgrade-linux-image-oem-20-04b ubuntu-upgrade-linux-image-oem-20-04c ubuntu-upgrade-linux-image-oem-20-04d ubuntu-upgrade-linux-image-oem-24-04 ubuntu-upgrade-linux-image-oem-24-04a ubuntu-upgrade-linux-image-oem-osp1 ubuntu-upgrade-linux-image-oracle ubuntu-upgrade-linux-image-oracle-64k ubuntu-upgrade-linux-image-oracle-lts-20-04 ubuntu-upgrade-linux-image-oracle-lts-22-04 ubuntu-upgrade-linux-image-raspi ubuntu-upgrade-linux-image-raspi-hwe-18-04 ubuntu-upgrade-linux-image-raspi-nolpae ubuntu-upgrade-linux-image-raspi2 ubuntu-upgrade-linux-image-snapdragon-hwe-18-04 ubuntu-upgrade-linux-image-virtual ubuntu-upgrade-linux-image-virtual-hwe-18-04 ubuntu-upgrade-linux-image-virtual-hwe-20-04 ubuntu-upgrade-linux-image-virtual-hwe-24-04 ubuntu-upgrade-linux-image-xilinx-zynqmp References https://attackerkb.com/topics/cve-2024-27028 CVE - 2024-27028 USN-6816-1 USN-6817-1 USN-6817-2 USN-6817-3 USN-6820-1 USN-6820-2 USN-6821-1 USN-6821-2 USN-6821-3 USN-6821-4 USN-6828-1 USN-6871-1 USN-6878-1 USN-6892-1 USN-6896-1 USN-6896-2 USN-6896-3 USN-6896-4 USN-6896-5 USN-6919-1 View more

Ubuntu: (Multiple Advisories) (CVE-2024-26938): Linux kernel vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/01/2024 Created 07/02/2024 Added 07/01/2024 Modified 07/15/2024 Description In the Linux kernel, the following vulnerability has been resolved: drm/i915/bios: Tolerate devdata==NULL in intel_bios_encoder_supports_dp_dual_mode() If we have no VBT, or the VBT didn't declare the encoder in question, we won't have the 'devdata' for the encoder. Instead of oopsing just bail early. We won't be able to tell whether the port is DP++ or not, but so be it. (cherry picked from commit 26410896206342c8a80d2b027923e9ee7d33b733) Solution(s) ubuntu-upgrade-linux-image-6-8-0-1004-gke ubuntu-upgrade-linux-image-6-8-0-1005-raspi ubuntu-upgrade-linux-image-6-8-0-1006-ibm ubuntu-upgrade-linux-image-6-8-0-1006-oem ubuntu-upgrade-linux-image-6-8-0-1006-oracle ubuntu-upgrade-linux-image-6-8-0-1006-oracle-64k ubuntu-upgrade-linux-image-6-8-0-1008-azure ubuntu-upgrade-linux-image-6-8-0-1008-azure-fde ubuntu-upgrade-linux-image-6-8-0-1008-gcp ubuntu-upgrade-linux-image-6-8-0-1009-aws ubuntu-upgrade-linux-image-6-8-0-35-generic ubuntu-upgrade-linux-image-6-8-0-35-generic-64k ubuntu-upgrade-linux-image-6-8-0-35-lowlatency ubuntu-upgrade-linux-image-6-8-0-35-lowlatency-64k ubuntu-upgrade-linux-image-aws ubuntu-upgrade-linux-image-azure ubuntu-upgrade-linux-image-azure-fde ubuntu-upgrade-linux-image-gcp ubuntu-upgrade-linux-image-generic ubuntu-upgrade-linux-image-generic-64k ubuntu-upgrade-linux-image-generic-64k-hwe-24-04 ubuntu-upgrade-linux-image-generic-hwe-24-04 ubuntu-upgrade-linux-image-generic-lpae ubuntu-upgrade-linux-image-gke ubuntu-upgrade-linux-image-ibm ubuntu-upgrade-linux-image-ibm-classic ubuntu-upgrade-linux-image-ibm-lts-24-04 ubuntu-upgrade-linux-image-kvm ubuntu-upgrade-linux-image-lowlatency ubuntu-upgrade-linux-image-lowlatency-64k ubuntu-upgrade-linux-image-oem-24-04 ubuntu-upgrade-linux-image-oem-24-04a ubuntu-upgrade-linux-image-oracle ubuntu-upgrade-linux-image-oracle-64k ubuntu-upgrade-linux-image-raspi ubuntu-upgrade-linux-image-virtual ubuntu-upgrade-linux-image-virtual-hwe-24-04 References https://attackerkb.com/topics/cve-2024-26938 CVE - 2024-26938 USN-6816-1 USN-6817-1 USN-6817-2 USN-6817-3 USN-6878-1

Ubuntu: (Multiple Advisories) (CVE-2024-27030): Linux kernel vulnerabilities Severity 6 CVSS (AV:L/AC:M/Au:S/C:N/I:C/A:C) Published 05/01/2024 Created 07/02/2024 Added 07/01/2024 Modified 01/28/2025 Description In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Use separate handlers for interrupts For PF to AF interrupt vector and VF to AF vector same interrupt handler is registered which is causing race condition. When two interrupts are raised to two CPUs at same time then two cores serve same event corrupting the data. Solution(s) ubuntu-upgrade-linux-image-5-15-0-1030-xilinx-zynqmp ubuntu-upgrade-linux-image-5-15-0-1046-gkeop ubuntu-upgrade-linux-image-5-15-0-1056-ibm ubuntu-upgrade-linux-image-5-15-0-1057-ibm ubuntu-upgrade-linux-image-5-15-0-1058-intel-iotg ubuntu-upgrade-linux-image-5-15-0-1058-nvidia ubuntu-upgrade-linux-image-5-15-0-1058-nvidia-lowlatency ubuntu-upgrade-linux-image-5-15-0-1058-raspi ubuntu-upgrade-linux-image-5-15-0-1060-gke ubuntu-upgrade-linux-image-5-15-0-1060-kvm ubuntu-upgrade-linux-image-5-15-0-1061-oracle ubuntu-upgrade-linux-image-5-15-0-1062-gcp ubuntu-upgrade-linux-image-5-15-0-1063-aws ubuntu-upgrade-linux-image-5-15-0-1065-azure-fde ubuntu-upgrade-linux-image-5-15-0-1066-azure ubuntu-upgrade-linux-image-5-15-0-110-lowlatency ubuntu-upgrade-linux-image-5-15-0-110-lowlatency-64k ubuntu-upgrade-linux-image-5-15-0-112-generic ubuntu-upgrade-linux-image-5-15-0-112-generic-64k ubuntu-upgrade-linux-image-5-15-0-112-generic-lpae ubuntu-upgrade-linux-image-5-15-0-113-generic ubuntu-upgrade-linux-image-5-15-0-113-generic-64k ubuntu-upgrade-linux-image-5-15-0-113-generic-lpae ubuntu-upgrade-linux-image-5-4-0-1040-iot ubuntu-upgrade-linux-image-5-4-0-1047-xilinx-zynqmp ubuntu-upgrade-linux-image-5-4-0-1075-ibm ubuntu-upgrade-linux-image-5-4-0-1088-bluefield ubuntu-upgrade-linux-image-5-4-0-1095-gkeop ubuntu-upgrade-linux-image-5-4-0-1112-raspi ubuntu-upgrade-linux-image-5-4-0-1116-kvm ubuntu-upgrade-linux-image-5-4-0-1127-oracle ubuntu-upgrade-linux-image-5-4-0-1128-aws ubuntu-upgrade-linux-image-5-4-0-1132-gcp ubuntu-upgrade-linux-image-5-4-0-1133-azure ubuntu-upgrade-linux-image-5-4-0-189-generic ubuntu-upgrade-linux-image-5-4-0-189-generic-lpae ubuntu-upgrade-linux-image-5-4-0-189-lowlatency ubuntu-upgrade-linux-image-6-8-0-1004-gke ubuntu-upgrade-linux-image-6-8-0-1005-raspi ubuntu-upgrade-linux-image-6-8-0-1006-ibm ubuntu-upgrade-linux-image-6-8-0-1006-oem ubuntu-upgrade-linux-image-6-8-0-1006-oracle ubuntu-upgrade-linux-image-6-8-0-1006-oracle-64k ubuntu-upgrade-linux-image-6-8-0-1008-azure ubuntu-upgrade-linux-image-6-8-0-1008-azure-fde ubuntu-upgrade-linux-image-6-8-0-1008-gcp ubuntu-upgrade-linux-image-6-8-0-1009-aws ubuntu-upgrade-linux-image-6-8-0-35-generic ubuntu-upgrade-linux-image-6-8-0-35-generic-64k ubuntu-upgrade-linux-image-6-8-0-35-lowlatency ubuntu-upgrade-linux-image-6-8-0-35-lowlatency-64k ubuntu-upgrade-linux-image-aws ubuntu-upgrade-linux-image-aws-lts-20-04 ubuntu-upgrade-linux-image-aws-lts-22-04 ubuntu-upgrade-linux-image-azure ubuntu-upgrade-linux-image-azure-fde ubuntu-upgrade-linux-image-azure-fde-lts-22-04 ubuntu-upgrade-linux-image-azure-lts-20-04 ubuntu-upgrade-linux-image-azure-lts-22-04 ubuntu-upgrade-linux-image-bluefield ubuntu-upgrade-linux-image-gcp ubuntu-upgrade-linux-image-gcp-lts-20-04 ubuntu-upgrade-linux-image-gcp-lts-22-04 ubuntu-upgrade-linux-image-generic ubuntu-upgrade-linux-image-generic-64k ubuntu-upgrade-linux-image-generic-64k-hwe-20-04 ubuntu-upgrade-linux-image-generic-64k-hwe-24-04 ubuntu-upgrade-linux-image-generic-hwe-18-04 ubuntu-upgrade-linux-image-generic-hwe-20-04 ubuntu-upgrade-linux-image-generic-hwe-24-04 ubuntu-upgrade-linux-image-generic-lpae ubuntu-upgrade-linux-image-generic-lpae-hwe-20-04 ubuntu-upgrade-linux-image-gke ubuntu-upgrade-linux-image-gke-5-15 ubuntu-upgrade-linux-image-gkeop ubuntu-upgrade-linux-image-gkeop-5-15 ubuntu-upgrade-linux-image-gkeop-5-4 ubuntu-upgrade-linux-image-ibm ubuntu-upgrade-linux-image-ibm-classic ubuntu-upgrade-linux-image-ibm-lts-20-04 ubuntu-upgrade-linux-image-ibm-lts-24-04 ubuntu-upgrade-linux-image-intel ubuntu-upgrade-linux-image-intel-iotg ubuntu-upgrade-linux-image-kvm ubuntu-upgrade-linux-image-lowlatency ubuntu-upgrade-linux-image-lowlatency-64k ubuntu-upgrade-linux-image-lowlatency-64k-hwe-20-04 ubuntu-upgrade-linux-image-lowlatency-hwe-18-04 ubuntu-upgrade-linux-image-lowlatency-hwe-20-04 ubuntu-upgrade-linux-image-nvidia ubuntu-upgrade-linux-image-nvidia-lowlatency ubuntu-upgrade-linux-image-oem ubuntu-upgrade-linux-image-oem-20-04 ubuntu-upgrade-linux-image-oem-20-04b ubuntu-upgrade-linux-image-oem-20-04c ubuntu-upgrade-linux-image-oem-20-04d ubuntu-upgrade-linux-image-oem-24-04 ubuntu-upgrade-linux-image-oem-24-04a ubuntu-upgrade-linux-image-oem-osp1 ubuntu-upgrade-linux-image-oracle ubuntu-upgrade-linux-image-oracle-64k ubuntu-upgrade-linux-image-oracle-lts-20-04 ubuntu-upgrade-linux-image-oracle-lts-22-04 ubuntu-upgrade-linux-image-raspi ubuntu-upgrade-linux-image-raspi-hwe-18-04 ubuntu-upgrade-linux-image-raspi-nolpae ubuntu-upgrade-linux-image-raspi2 ubuntu-upgrade-linux-image-snapdragon-hwe-18-04 ubuntu-upgrade-linux-image-virtual ubuntu-upgrade-linux-image-virtual-hwe-18-04 ubuntu-upgrade-linux-image-virtual-hwe-20-04 ubuntu-upgrade-linux-image-virtual-hwe-24-04 ubuntu-upgrade-linux-image-xilinx-zynqmp References https://attackerkb.com/topics/cve-2024-27030 CVE - 2024-27030 USN-6816-1 USN-6817-1 USN-6817-2 USN-6817-3 USN-6820-1 USN-6820-2 USN-6821-1 USN-6821-2 USN-6821-3 USN-6821-4 USN-6828-1 USN-6871-1 USN-6878-1 USN-6892-1 USN-6896-1 USN-6896-2 USN-6896-3 USN-6896-4 USN-6896-5 USN-6919-1 View more

Ubuntu: (Multiple Advisories) (CVE-2024-26931): Linux kernel vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/01/2024 Created 07/02/2024 Added 07/01/2024 Modified 09/20/2024 Description In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix command flush on cable pull System crash due to command failed to flush back to SCSI layer. BUG: unable to handle kernel NULL pointer dereference at 0000000000000000 PGD 0 P4D 0 Oops: 0000 [#1] SMP NOPTI CPU: 27 PID: 793455 Comm: kworker/u130:6 Kdump: loaded Tainted: G OE--------- -- 4.18.0-372.9.1.el8.x86_64 #1 Hardware name: HPE ProLiant DL360 Gen10/ProLiant DL360 Gen10, BIOS U32 09/03/2021 Workqueue: nvme-wq nvme_fc_connect_ctrl_work [nvme_fc] RIP: 0010:__wake_up_common+0x4c/0x190 Code: 24 10 4d 85 c9 74 0a 41 f6 01 04 0f 85 9d 00 00 00 48 8b 43 08 48 83 c3 08 4c 8d 48 e8 49 8d 41 18 48 39 c3 0f 84 f0 00 00 00 <49> 8b 41 18 89 54 24 08 31 ed 4c 8d 70 e8 45 8b 29 41 f6 c5 04 75 RSP: 0018:ffff95f3e0cb7cd0 EFLAGS: 00010086 RAX: 0000000000000000 RBX: ffff8b08d3b26328 RCX: 0000000000000000 RDX: 0000000000000001 RSI: 0000000000000003 RDI: ffff8b08d3b26320 RBP: 0000000000000001 R08: 0000000000000000 R09: ffffffffffffffe8 R10: 0000000000000000 R11: ffff95f3e0cb7a60 R12: ffff95f3e0cb7d20 R13: 0000000000000003 R14: 0000000000000000 R15: 0000000000000000 FS:0000000000000000(0000) GS:ffff8b2fdf6c0000(0000) knlGS:0000000000000000 CS:0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000000 CR3: 0000002f1e410002 CR4: 00000000007706e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 PKRU: 55555554 Call Trace: __wake_up_common_lock+0x7c/0xc0 qla_nvme_ls_req+0x355/0x4c0 [qla2xxx] qla2xxx [0000:12:00.1]-f084:3: qlt_free_session_done: se_sess 0000000000000000 / sess ffff8ae1407ca000 from port 21:32:00:02:ac:07:ee:b8 loop_id 0x02 s_id 01:02:00 logout 1 keep 0 els_logo 0 ? __nvme_fc_send_ls_req+0x260/0x380 [nvme_fc] qla2xxx [0000:12:00.1]-207d:3: FCPort 21:32:00:02:ac:07:ee:b8 state transitioned from ONLINE to LOST - portid=010200. ? nvme_fc_send_ls_req.constprop.42+0x1a/0x45 [nvme_fc] qla2xxx [0000:12:00.1]-2109:3: qla2x00_schedule_rport_del 21320002ac07eeb8. rport ffff8ae598122000 roles 1 ? nvme_fc_connect_ctrl_work.cold.63+0x1e3/0xa7d [nvme_fc] qla2xxx [0000:12:00.1]-f084:3: qlt_free_session_done: se_sess 0000000000000000 / sess ffff8ae14801e000 from port 21:32:01:02:ad:f7:ee:b8 loop_id 0x04 s_id 01:02:01 logout 1 keep 0 els_logo 0 ? __switch_to+0x10c/0x450 ? process_one_work+0x1a7/0x360 qla2xxx [0000:12:00.1]-207d:3: FCPort 21:32:01:02:ad:f7:ee:b8 state transitioned from ONLINE to LOST - portid=010201. ? worker_thread+0x1ce/0x390 ? create_worker+0x1a0/0x1a0 qla2xxx [0000:12:00.1]-2109:3: qla2x00_schedule_rport_del 21320102adf7eeb8. rport ffff8ae3b2312800 roles 70 ? kthread+0x10a/0x120 qla2xxx [0000:12:00.1]-2112:3: qla_nvme_unregister_remote_port: unregister remoteport on ffff8ae14801e000 21320102adf7eeb8 ? set_kthread_struct+0x40/0x40 qla2xxx [0000:12:00.1]-2110:3: remoteport_delete of ffff8ae14801e000 21320102adf7eeb8 completed. ? ret_from_fork+0x1f/0x40 qla2xxx [0000:12:00.1]-f086:3: qlt_free_session_done: waiting for sess ffff8ae14801e000 logout The system was under memory stress where driver was not able to allocate an SRB to carry out error recovery of cable pull.The failure to flush causes upper layer to start modifying scsi_cmnd.When the system frees up some memory, the subsequent cable pull trigger another command flush. At this point the driver access a null pointer when attempting to DMA unmap the SGL. Add a check to make sure commands are flush back on session tear down to prevent the null pointer access. Solution(s) ubuntu-upgrade-linux-image-5-15-0-1035-xilinx-zynqmp ubuntu-upgrade-linux-image-5-15-0-1048-gkeop ubuntu-upgrade-linux-image-5-15-0-1058-ibm ubuntu-upgrade-linux-image-5-15-0-1058-raspi ubuntu-upgrade-linux-image-5-15-0-1060-intel-iotg ubuntu-upgrade-linux-image-5-15-0-1060-nvidia ubuntu-upgrade-linux-image-5-15-0-1060-nvidia-lowlatency ubuntu-upgrade-linux-image-5-15-0-1062-gke ubuntu-upgrade-linux-image-5-15-0-1062-kvm ubuntu-upgrade-linux-image-5-15-0-1063-oracle ubuntu-upgrade-linux-image-5-15-0-1064-gcp ubuntu-upgrade-linux-image-5-15-0-1065-aws ubuntu-upgrade-linux-image-5-15-0-1065-gcp ubuntu-upgrade-linux-image-5-15-0-1068-azure ubuntu-upgrade-linux-image-5-15-0-1068-azure-fde ubuntu-upgrade-linux-image-5-15-0-116-generic ubuntu-upgrade-linux-image-5-15-0-116-generic-64k ubuntu-upgrade-linux-image-5-15-0-116-generic-lpae ubuntu-upgrade-linux-image-5-15-0-116-lowlatency ubuntu-upgrade-linux-image-5-15-0-116-lowlatency-64k ubuntu-upgrade-linux-image-5-4-0-1040-iot ubuntu-upgrade-linux-image-5-4-0-1047-xilinx-zynqmp ubuntu-upgrade-linux-image-5-4-0-1075-ibm ubuntu-upgrade-linux-image-5-4-0-1088-bluefield ubuntu-upgrade-linux-image-5-4-0-1095-gkeop ubuntu-upgrade-linux-image-5-4-0-1112-raspi ubuntu-upgrade-linux-image-5-4-0-1116-kvm ubuntu-upgrade-linux-image-5-4-0-1127-oracle ubuntu-upgrade-linux-image-5-4-0-1128-aws ubuntu-upgrade-linux-image-5-4-0-1132-gcp ubuntu-upgrade-linux-image-5-4-0-1133-azure ubuntu-upgrade-linux-image-5-4-0-189-generic ubuntu-upgrade-linux-image-5-4-0-189-generic-lpae ubuntu-upgrade-linux-image-5-4-0-189-lowlatency ubuntu-upgrade-linux-image-6-8-0-1004-gke ubuntu-upgrade-linux-image-6-8-0-1005-raspi ubuntu-upgrade-linux-image-6-8-0-1006-ibm ubuntu-upgrade-linux-image-6-8-0-1006-oem ubuntu-upgrade-linux-image-6-8-0-1006-oracle ubuntu-upgrade-linux-image-6-8-0-1006-oracle-64k ubuntu-upgrade-linux-image-6-8-0-1008-azure ubuntu-upgrade-linux-image-6-8-0-1008-azure-fde ubuntu-upgrade-linux-image-6-8-0-1008-gcp ubuntu-upgrade-linux-image-6-8-0-1009-aws ubuntu-upgrade-linux-image-6-8-0-35-generic ubuntu-upgrade-linux-image-6-8-0-35-generic-64k ubuntu-upgrade-linux-image-6-8-0-35-lowlatency ubuntu-upgrade-linux-image-6-8-0-35-lowlatency-64k ubuntu-upgrade-linux-image-aws ubuntu-upgrade-linux-image-aws-lts-20-04 ubuntu-upgrade-linux-image-aws-lts-22-04 ubuntu-upgrade-linux-image-azure ubuntu-upgrade-linux-image-azure-cvm ubuntu-upgrade-linux-image-azure-fde ubuntu-upgrade-linux-image-azure-fde-lts-22-04 ubuntu-upgrade-linux-image-azure-lts-20-04 ubuntu-upgrade-linux-image-azure-lts-22-04 ubuntu-upgrade-linux-image-bluefield ubuntu-upgrade-linux-image-gcp ubuntu-upgrade-linux-image-gcp-lts-20-04 ubuntu-upgrade-linux-image-gcp-lts-22-04 ubuntu-upgrade-linux-image-generic ubuntu-upgrade-linux-image-generic-64k ubuntu-upgrade-linux-image-generic-64k-hwe-20-04 ubuntu-upgrade-linux-image-generic-64k-hwe-24-04 ubuntu-upgrade-linux-image-generic-hwe-18-04 ubuntu-upgrade-linux-image-generic-hwe-20-04 ubuntu-upgrade-linux-image-generic-hwe-24-04 ubuntu-upgrade-linux-image-generic-lpae ubuntu-upgrade-linux-image-generic-lpae-hwe-20-04 ubuntu-upgrade-linux-image-gke ubuntu-upgrade-linux-image-gke-5-15 ubuntu-upgrade-linux-image-gkeop ubuntu-upgrade-linux-image-gkeop-5-15 ubuntu-upgrade-linux-image-gkeop-5-4 ubuntu-upgrade-linux-image-ibm ubuntu-upgrade-linux-image-ibm-classic ubuntu-upgrade-linux-image-ibm-lts-20-04 ubuntu-upgrade-linux-image-ibm-lts-24-04 ubuntu-upgrade-linux-image-intel ubuntu-upgrade-linux-image-intel-iotg ubuntu-upgrade-linux-image-kvm ubuntu-upgrade-linux-image-lowlatency ubuntu-upgrade-linux-image-lowlatency-64k ubuntu-upgrade-linux-image-lowlatency-64k-hwe-20-04 ubuntu-upgrade-linux-image-lowlatency-hwe-18-04 ubuntu-upgrade-linux-image-lowlatency-hwe-20-04 ubuntu-upgrade-linux-image-nvidia ubuntu-upgrade-linux-image-nvidia-lowlatency ubuntu-upgrade-linux-image-oem ubuntu-upgrade-linux-image-oem-20-04 ubuntu-upgrade-linux-image-oem-20-04b ubuntu-upgrade-linux-image-oem-20-04c ubuntu-upgrade-linux-image-oem-20-04d ubuntu-upgrade-linux-image-oem-24-04 ubuntu-upgrade-linux-image-oem-24-04a ubuntu-upgrade-linux-image-oem-osp1 ubuntu-upgrade-linux-image-oracle ubuntu-upgrade-linux-image-oracle-64k ubuntu-upgrade-linux-image-oracle-lts-20-04 ubuntu-upgrade-linux-image-oracle-lts-22-04 ubuntu-upgrade-linux-image-raspi ubuntu-upgrade-linux-image-raspi-hwe-18-04 ubuntu-upgrade-linux-image-raspi-nolpae ubuntu-upgrade-linux-image-raspi2 ubuntu-upgrade-linux-image-snapdragon-hwe-18-04 ubuntu-upgrade-linux-image-virtual ubuntu-upgrade-linux-image-virtual-hwe-18-04 ubuntu-upgrade-linux-image-virtual-hwe-20-04 ubuntu-upgrade-linux-image-virtual-hwe-24-04 ubuntu-upgrade-linux-image-xilinx-zynqmp References https://attackerkb.com/topics/cve-2024-26931 CVE - 2024-26931 USN-6816-1 USN-6817-1 USN-6817-2 USN-6817-3 USN-6878-1 USN-6896-1 USN-6896-2 USN-6896-3 USN-6896-4 USN-6896-5 USN-6898-1 USN-6898-2 USN-6898-3 USN-6898-4 USN-6917-1 USN-6919-1 USN-6927-1 USN-7019-1 View more

Ubuntu: (Multiple Advisories) (CVE-2024-26986): Linux kernel vulnerabilities Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 05/01/2024 Created 07/12/2024 Added 07/12/2024 Modified 01/28/2025 Description In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix memory leak in create_process failure Fix memory leak due to a leaked mmget reference on an error handling code path that is triggered when attempting to create KFD processes while a GPU reset is in progress. Solution(s) ubuntu-upgrade-linux-image-6-8-0-1006-gke ubuntu-upgrade-linux-image-6-8-0-1007-intel ubuntu-upgrade-linux-image-6-8-0-1007-raspi ubuntu-upgrade-linux-image-6-8-0-1008-ibm ubuntu-upgrade-linux-image-6-8-0-1008-oem ubuntu-upgrade-linux-image-6-8-0-1008-oracle ubuntu-upgrade-linux-image-6-8-0-1008-oracle-64k ubuntu-upgrade-linux-image-6-8-0-1009-nvidia ubuntu-upgrade-linux-image-6-8-0-1009-nvidia-64k ubuntu-upgrade-linux-image-6-8-0-1010-azure ubuntu-upgrade-linux-image-6-8-0-1010-azure-fde ubuntu-upgrade-linux-image-6-8-0-1010-gcp ubuntu-upgrade-linux-image-6-8-0-1011-aws ubuntu-upgrade-linux-image-6-8-0-38-generic ubuntu-upgrade-linux-image-6-8-0-38-generic-64k ubuntu-upgrade-linux-image-6-8-0-38-lowlatency ubuntu-upgrade-linux-image-6-8-0-38-lowlatency-64k ubuntu-upgrade-linux-image-aws ubuntu-upgrade-linux-image-azure ubuntu-upgrade-linux-image-azure-fde ubuntu-upgrade-linux-image-gcp ubuntu-upgrade-linux-image-generic ubuntu-upgrade-linux-image-generic-64k ubuntu-upgrade-linux-image-generic-64k-hwe-24-04 ubuntu-upgrade-linux-image-generic-hwe-24-04 ubuntu-upgrade-linux-image-generic-lpae ubuntu-upgrade-linux-image-gke ubuntu-upgrade-linux-image-ibm ubuntu-upgrade-linux-image-ibm-classic ubuntu-upgrade-linux-image-ibm-lts-24-04 ubuntu-upgrade-linux-image-intel ubuntu-upgrade-linux-image-kvm ubuntu-upgrade-linux-image-lowlatency ubuntu-upgrade-linux-image-lowlatency-64k ubuntu-upgrade-linux-image-nvidia ubuntu-upgrade-linux-image-nvidia-64k ubuntu-upgrade-linux-image-oem-24-04 ubuntu-upgrade-linux-image-oem-24-04a ubuntu-upgrade-linux-image-oracle ubuntu-upgrade-linux-image-oracle-64k ubuntu-upgrade-linux-image-raspi ubuntu-upgrade-linux-image-virtual ubuntu-upgrade-linux-image-virtual-hwe-24-04 References https://attackerkb.com/topics/cve-2024-26986 CVE - 2024-26986 USN-6893-1 USN-6893-2 USN-6893-3 USN-6918-1

Ubuntu: (Multiple Advisories) (CVE-2024-27034): Linux kernel vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/01/2024 Created 07/02/2024 Added 07/01/2024 Modified 07/29/2024 Description In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: fix to cover normal cluster write with cp_rwsem When we overwrite compressed cluster w/ normal cluster, we should not unlock cp_rwsem during f2fs_write_raw_pages(), otherwise data will be corrupted if partial blocks were persisted before CP & SPOR, due to cluster metadata wasn't updated atomically. Solution(s) ubuntu-upgrade-linux-image-5-15-0-1030-xilinx-zynqmp ubuntu-upgrade-linux-image-5-15-0-1046-gkeop ubuntu-upgrade-linux-image-5-15-0-1056-ibm ubuntu-upgrade-linux-image-5-15-0-1057-ibm ubuntu-upgrade-linux-image-5-15-0-1058-intel-iotg ubuntu-upgrade-linux-image-5-15-0-1058-nvidia ubuntu-upgrade-linux-image-5-15-0-1058-nvidia-lowlatency ubuntu-upgrade-linux-image-5-15-0-1058-raspi ubuntu-upgrade-linux-image-5-15-0-1060-gke ubuntu-upgrade-linux-image-5-15-0-1060-kvm ubuntu-upgrade-linux-image-5-15-0-1061-oracle ubuntu-upgrade-linux-image-5-15-0-1062-gcp ubuntu-upgrade-linux-image-5-15-0-1063-aws ubuntu-upgrade-linux-image-5-15-0-1065-azure-fde ubuntu-upgrade-linux-image-5-15-0-1066-azure ubuntu-upgrade-linux-image-5-15-0-110-lowlatency ubuntu-upgrade-linux-image-5-15-0-110-lowlatency-64k ubuntu-upgrade-linux-image-5-15-0-112-generic ubuntu-upgrade-linux-image-5-15-0-112-generic-64k ubuntu-upgrade-linux-image-5-15-0-112-generic-lpae ubuntu-upgrade-linux-image-5-15-0-113-generic ubuntu-upgrade-linux-image-5-15-0-113-generic-64k ubuntu-upgrade-linux-image-5-15-0-113-generic-lpae ubuntu-upgrade-linux-image-6-8-0-1004-gke ubuntu-upgrade-linux-image-6-8-0-1005-raspi ubuntu-upgrade-linux-image-6-8-0-1006-ibm ubuntu-upgrade-linux-image-6-8-0-1006-oem ubuntu-upgrade-linux-image-6-8-0-1006-oracle ubuntu-upgrade-linux-image-6-8-0-1006-oracle-64k ubuntu-upgrade-linux-image-6-8-0-1008-azure ubuntu-upgrade-linux-image-6-8-0-1008-azure-fde ubuntu-upgrade-linux-image-6-8-0-1008-gcp ubuntu-upgrade-linux-image-6-8-0-1009-aws ubuntu-upgrade-linux-image-6-8-0-35-generic ubuntu-upgrade-linux-image-6-8-0-35-generic-64k ubuntu-upgrade-linux-image-6-8-0-35-lowlatency ubuntu-upgrade-linux-image-6-8-0-35-lowlatency-64k ubuntu-upgrade-linux-image-aws ubuntu-upgrade-linux-image-aws-lts-22-04 ubuntu-upgrade-linux-image-azure ubuntu-upgrade-linux-image-azure-fde ubuntu-upgrade-linux-image-azure-fde-lts-22-04 ubuntu-upgrade-linux-image-azure-lts-22-04 ubuntu-upgrade-linux-image-gcp ubuntu-upgrade-linux-image-gcp-lts-22-04 ubuntu-upgrade-linux-image-generic ubuntu-upgrade-linux-image-generic-64k ubuntu-upgrade-linux-image-generic-64k-hwe-20-04 ubuntu-upgrade-linux-image-generic-64k-hwe-24-04 ubuntu-upgrade-linux-image-generic-hwe-20-04 ubuntu-upgrade-linux-image-generic-hwe-24-04 ubuntu-upgrade-linux-image-generic-lpae ubuntu-upgrade-linux-image-generic-lpae-hwe-20-04 ubuntu-upgrade-linux-image-gke ubuntu-upgrade-linux-image-gke-5-15 ubuntu-upgrade-linux-image-gkeop ubuntu-upgrade-linux-image-gkeop-5-15 ubuntu-upgrade-linux-image-ibm ubuntu-upgrade-linux-image-ibm-classic ubuntu-upgrade-linux-image-ibm-lts-24-04 ubuntu-upgrade-linux-image-intel ubuntu-upgrade-linux-image-intel-iotg ubuntu-upgrade-linux-image-kvm ubuntu-upgrade-linux-image-lowlatency ubuntu-upgrade-linux-image-lowlatency-64k ubuntu-upgrade-linux-image-lowlatency-64k-hwe-20-04 ubuntu-upgrade-linux-image-lowlatency-hwe-20-04 ubuntu-upgrade-linux-image-nvidia ubuntu-upgrade-linux-image-nvidia-lowlatency ubuntu-upgrade-linux-image-oem-20-04 ubuntu-upgrade-linux-image-oem-20-04b ubuntu-upgrade-linux-image-oem-20-04c ubuntu-upgrade-linux-image-oem-20-04d ubuntu-upgrade-linux-image-oem-24-04 ubuntu-upgrade-linux-image-oem-24-04a ubuntu-upgrade-linux-image-oracle ubuntu-upgrade-linux-image-oracle-64k ubuntu-upgrade-linux-image-oracle-lts-22-04 ubuntu-upgrade-linux-image-raspi ubuntu-upgrade-linux-image-raspi-nolpae ubuntu-upgrade-linux-image-virtual ubuntu-upgrade-linux-image-virtual-hwe-20-04 ubuntu-upgrade-linux-image-virtual-hwe-24-04 ubuntu-upgrade-linux-image-xilinx-zynqmp References https://attackerkb.com/topics/cve-2024-27034 CVE - 2024-27034 USN-6816-1 USN-6817-1 USN-6817-2 USN-6817-3 USN-6820-1 USN-6820-2 USN-6821-1 USN-6821-2 USN-6821-3 USN-6821-4 USN-6828-1 USN-6871-1 USN-6878-1 USN-6892-1 USN-6919-1 View more

Ubuntu: (Multiple Advisories) (CVE-2024-26999): Linux kernel vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/01/2024 Created 07/12/2024 Added 07/12/2024 Modified 09/20/2024 Description In the Linux kernel, the following vulnerability has been resolved: serial/pmac_zilog: Remove flawed mitigation for rx irq flood The mitigation was intended to stop the irq completely. That may be better than a hard lock-up but it turns out that you get a crash anyway if you're using pmac_zilog as a serial console: ttyPZ0: pmz: rx irq flood ! BUG: spinlock recursion on CPU#0, swapper/0 That's because the pr_err() call in pmz_receive_chars() results in pmz_console_write() attempting to lock a spinlock already locked in pmz_interrupt(). With CONFIG_DEBUG_SPINLOCK=y, this produces a fatal BUG splat. The spinlock in question is the one in struct uart_port. Even when it's not fatal, the serial port rx function ceases to work. Also, the iteration limit doesn't play nicely with QEMU, as can be seen in the bug report linked below. A web search for other reports of the error message "pmz: rx irq flood" didn't produce anything. So I don't think this code is needed any more. Remove it. Solution(s) ubuntu-upgrade-linux-image-5-15-0-1035-xilinx-zynqmp ubuntu-upgrade-linux-image-5-15-0-1048-gkeop ubuntu-upgrade-linux-image-5-15-0-1058-ibm ubuntu-upgrade-linux-image-5-15-0-1058-raspi ubuntu-upgrade-linux-image-5-15-0-1060-intel-iotg ubuntu-upgrade-linux-image-5-15-0-1060-nvidia ubuntu-upgrade-linux-image-5-15-0-1060-nvidia-lowlatency ubuntu-upgrade-linux-image-5-15-0-1062-gke ubuntu-upgrade-linux-image-5-15-0-1062-kvm ubuntu-upgrade-linux-image-5-15-0-1063-oracle ubuntu-upgrade-linux-image-5-15-0-1064-gcp ubuntu-upgrade-linux-image-5-15-0-1065-aws ubuntu-upgrade-linux-image-5-15-0-1065-gcp ubuntu-upgrade-linux-image-5-15-0-1068-azure ubuntu-upgrade-linux-image-5-15-0-1068-azure-fde ubuntu-upgrade-linux-image-5-15-0-116-generic ubuntu-upgrade-linux-image-5-15-0-116-generic-64k ubuntu-upgrade-linux-image-5-15-0-116-generic-lpae ubuntu-upgrade-linux-image-5-15-0-116-lowlatency ubuntu-upgrade-linux-image-5-15-0-116-lowlatency-64k ubuntu-upgrade-linux-image-5-4-0-1040-iot ubuntu-upgrade-linux-image-5-4-0-1047-xilinx-zynqmp ubuntu-upgrade-linux-image-5-4-0-1075-ibm ubuntu-upgrade-linux-image-5-4-0-1088-bluefield ubuntu-upgrade-linux-image-5-4-0-1095-gkeop ubuntu-upgrade-linux-image-5-4-0-1112-raspi ubuntu-upgrade-linux-image-5-4-0-1116-kvm ubuntu-upgrade-linux-image-5-4-0-1127-oracle ubuntu-upgrade-linux-image-5-4-0-1128-aws ubuntu-upgrade-linux-image-5-4-0-1132-gcp ubuntu-upgrade-linux-image-5-4-0-1133-azure ubuntu-upgrade-linux-image-5-4-0-189-generic ubuntu-upgrade-linux-image-5-4-0-189-generic-lpae ubuntu-upgrade-linux-image-5-4-0-189-lowlatency ubuntu-upgrade-linux-image-6-8-0-1006-gke ubuntu-upgrade-linux-image-6-8-0-1007-intel ubuntu-upgrade-linux-image-6-8-0-1007-raspi ubuntu-upgrade-linux-image-6-8-0-1008-ibm ubuntu-upgrade-linux-image-6-8-0-1008-oem ubuntu-upgrade-linux-image-6-8-0-1008-oracle ubuntu-upgrade-linux-image-6-8-0-1008-oracle-64k ubuntu-upgrade-linux-image-6-8-0-1009-nvidia ubuntu-upgrade-linux-image-6-8-0-1009-nvidia-64k ubuntu-upgrade-linux-image-6-8-0-1010-azure ubuntu-upgrade-linux-image-6-8-0-1010-azure-fde ubuntu-upgrade-linux-image-6-8-0-1010-gcp ubuntu-upgrade-linux-image-6-8-0-1011-aws ubuntu-upgrade-linux-image-6-8-0-38-generic ubuntu-upgrade-linux-image-6-8-0-38-generic-64k ubuntu-upgrade-linux-image-6-8-0-38-lowlatency ubuntu-upgrade-linux-image-6-8-0-38-lowlatency-64k ubuntu-upgrade-linux-image-aws ubuntu-upgrade-linux-image-aws-lts-20-04 ubuntu-upgrade-linux-image-aws-lts-22-04 ubuntu-upgrade-linux-image-azure ubuntu-upgrade-linux-image-azure-cvm ubuntu-upgrade-linux-image-azure-fde ubuntu-upgrade-linux-image-azure-fde-lts-22-04 ubuntu-upgrade-linux-image-azure-lts-20-04 ubuntu-upgrade-linux-image-azure-lts-22-04 ubuntu-upgrade-linux-image-bluefield ubuntu-upgrade-linux-image-gcp ubuntu-upgrade-linux-image-gcp-lts-20-04 ubuntu-upgrade-linux-image-gcp-lts-22-04 ubuntu-upgrade-linux-image-generic ubuntu-upgrade-linux-image-generic-64k ubuntu-upgrade-linux-image-generic-64k-hwe-20-04 ubuntu-upgrade-linux-image-generic-64k-hwe-24-04 ubuntu-upgrade-linux-image-generic-hwe-18-04 ubuntu-upgrade-linux-image-generic-hwe-20-04 ubuntu-upgrade-linux-image-generic-hwe-24-04 ubuntu-upgrade-linux-image-generic-lpae ubuntu-upgrade-linux-image-generic-lpae-hwe-20-04 ubuntu-upgrade-linux-image-gke ubuntu-upgrade-linux-image-gke-5-15 ubuntu-upgrade-linux-image-gkeop ubuntu-upgrade-linux-image-gkeop-5-15 ubuntu-upgrade-linux-image-gkeop-5-4 ubuntu-upgrade-linux-image-ibm ubuntu-upgrade-linux-image-ibm-classic ubuntu-upgrade-linux-image-ibm-lts-20-04 ubuntu-upgrade-linux-image-ibm-lts-24-04 ubuntu-upgrade-linux-image-intel ubuntu-upgrade-linux-image-intel-iotg ubuntu-upgrade-linux-image-kvm ubuntu-upgrade-linux-image-lowlatency ubuntu-upgrade-linux-image-lowlatency-64k ubuntu-upgrade-linux-image-lowlatency-64k-hwe-20-04 ubuntu-upgrade-linux-image-lowlatency-hwe-18-04 ubuntu-upgrade-linux-image-lowlatency-hwe-20-04 ubuntu-upgrade-linux-image-nvidia ubuntu-upgrade-linux-image-nvidia-64k ubuntu-upgrade-linux-image-nvidia-lowlatency ubuntu-upgrade-linux-image-oem ubuntu-upgrade-linux-image-oem-20-04 ubuntu-upgrade-linux-image-oem-20-04b ubuntu-upgrade-linux-image-oem-20-04c ubuntu-upgrade-linux-image-oem-20-04d ubuntu-upgrade-linux-image-oem-24-04 ubuntu-upgrade-linux-image-oem-24-04a ubuntu-upgrade-linux-image-oem-osp1 ubuntu-upgrade-linux-image-oracle ubuntu-upgrade-linux-image-oracle-64k ubuntu-upgrade-linux-image-oracle-lts-20-04 ubuntu-upgrade-linux-image-oracle-lts-22-04 ubuntu-upgrade-linux-image-raspi ubuntu-upgrade-linux-image-raspi-hwe-18-04 ubuntu-upgrade-linux-image-raspi-nolpae ubuntu-upgrade-linux-image-raspi2 ubuntu-upgrade-linux-image-snapdragon-hwe-18-04 ubuntu-upgrade-linux-image-virtual ubuntu-upgrade-linux-image-virtual-hwe-18-04 ubuntu-upgrade-linux-image-virtual-hwe-20-04 ubuntu-upgrade-linux-image-virtual-hwe-24-04 ubuntu-upgrade-linux-image-xilinx-zynqmp References https://attackerkb.com/topics/cve-2024-26999 CVE - 2024-26999 USN-6893-1 USN-6893-2 USN-6893-3 USN-6896-1 USN-6896-2 USN-6896-3 USN-6896-4 USN-6896-5 USN-6898-1 USN-6898-2 USN-6898-3 USN-6898-4 USN-6917-1 USN-6918-1 USN-6919-1 USN-6927-1 USN-7019-1 View more

Ubuntu: (Multiple Advisories) (CVE-2024-27002): Linux kernel vulnerabilities Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 05/01/2024 Created 07/12/2024 Added 07/12/2024 Modified 01/30/2025 Description In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: Do a runtime PM get on controllers during probe mt8183-mfgcfg has a mutual dependency with genpd during the probing stage, which leads to a deadlock in the following call stack: CPU0:genpd_lock --> clk_prepare_lock genpd_power_off_work_fn() genpd_lock() generic_pm_domain::power_off() clk_unprepare() clk_prepare_lock() CPU1: clk_prepare_lock --> genpd_lock clk_register() __clk_core_init() clk_prepare_lock() clk_pm_runtime_get() genpd_lock() Do a runtime PM get at the probe function to make sure clk_register() won't acquire the genpd lock. Instead of only modifying mt8183-mfgcfg, do this on all mediatek clock controller probings because we don't believe this would cause any regression. Verified on MT8183 and MT8192 Chromebooks. Solution(s) ubuntu-upgrade-linux-image-6-8-0-1006-gke ubuntu-upgrade-linux-image-6-8-0-1007-intel ubuntu-upgrade-linux-image-6-8-0-1007-raspi ubuntu-upgrade-linux-image-6-8-0-1008-ibm ubuntu-upgrade-linux-image-6-8-0-1008-oem ubuntu-upgrade-linux-image-6-8-0-1008-oracle ubuntu-upgrade-linux-image-6-8-0-1008-oracle-64k ubuntu-upgrade-linux-image-6-8-0-1009-nvidia ubuntu-upgrade-linux-image-6-8-0-1009-nvidia-64k ubuntu-upgrade-linux-image-6-8-0-1010-azure ubuntu-upgrade-linux-image-6-8-0-1010-azure-fde ubuntu-upgrade-linux-image-6-8-0-1010-gcp ubuntu-upgrade-linux-image-6-8-0-1011-aws ubuntu-upgrade-linux-image-6-8-0-38-generic ubuntu-upgrade-linux-image-6-8-0-38-generic-64k ubuntu-upgrade-linux-image-6-8-0-38-lowlatency ubuntu-upgrade-linux-image-6-8-0-38-lowlatency-64k ubuntu-upgrade-linux-image-aws ubuntu-upgrade-linux-image-azure ubuntu-upgrade-linux-image-azure-fde ubuntu-upgrade-linux-image-gcp ubuntu-upgrade-linux-image-generic ubuntu-upgrade-linux-image-generic-64k ubuntu-upgrade-linux-image-generic-64k-hwe-24-04 ubuntu-upgrade-linux-image-generic-hwe-24-04 ubuntu-upgrade-linux-image-generic-lpae ubuntu-upgrade-linux-image-gke ubuntu-upgrade-linux-image-ibm ubuntu-upgrade-linux-image-ibm-classic ubuntu-upgrade-linux-image-ibm-lts-24-04 ubuntu-upgrade-linux-image-intel ubuntu-upgrade-linux-image-kvm ubuntu-upgrade-linux-image-lowlatency ubuntu-upgrade-linux-image-lowlatency-64k ubuntu-upgrade-linux-image-nvidia ubuntu-upgrade-linux-image-nvidia-64k ubuntu-upgrade-linux-image-oem-24-04 ubuntu-upgrade-linux-image-oem-24-04a ubuntu-upgrade-linux-image-oracle ubuntu-upgrade-linux-image-oracle-64k ubuntu-upgrade-linux-image-raspi ubuntu-upgrade-linux-image-virtual ubuntu-upgrade-linux-image-virtual-hwe-24-04 References https://attackerkb.com/topics/cve-2024-27002 CVE - 2024-27002 USN-6893-1 USN-6893-2 USN-6893-3 USN-6918-1

Ubuntu: (Multiple Advisories) (CVE-2024-26966): Linux kernel vulnerabilities Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 05/01/2024 Created 07/02/2024 Added 07/01/2024 Modified 01/28/2025 Description In the Linux kernel, the following vulnerability has been resolved: clk: qcom: mmcc-apq8084: fix terminating of frequency table arrays The frequency table arrays are supposed to be terminated with an empty element. Add such entry to the end of the arrays where it is missing in order to avoid possible out-of-bound access when the table is traversed by functions like qcom_find_freq() or qcom_find_freq_floor(). Only compile tested. Solution(s) ubuntu-upgrade-linux-image-5-15-0-1035-xilinx-zynqmp ubuntu-upgrade-linux-image-5-15-0-1048-gkeop ubuntu-upgrade-linux-image-5-15-0-1058-ibm ubuntu-upgrade-linux-image-5-15-0-1058-raspi ubuntu-upgrade-linux-image-5-15-0-1060-intel-iotg ubuntu-upgrade-linux-image-5-15-0-1060-nvidia ubuntu-upgrade-linux-image-5-15-0-1060-nvidia-lowlatency ubuntu-upgrade-linux-image-5-15-0-1062-gke ubuntu-upgrade-linux-image-5-15-0-1062-kvm ubuntu-upgrade-linux-image-5-15-0-1063-oracle ubuntu-upgrade-linux-image-5-15-0-1064-gcp ubuntu-upgrade-linux-image-5-15-0-1065-aws ubuntu-upgrade-linux-image-5-15-0-1065-gcp ubuntu-upgrade-linux-image-5-15-0-1068-azure ubuntu-upgrade-linux-image-5-15-0-1068-azure-fde ubuntu-upgrade-linux-image-5-15-0-116-generic ubuntu-upgrade-linux-image-5-15-0-116-generic-64k ubuntu-upgrade-linux-image-5-15-0-116-generic-lpae ubuntu-upgrade-linux-image-5-15-0-116-lowlatency ubuntu-upgrade-linux-image-5-15-0-116-lowlatency-64k ubuntu-upgrade-linux-image-5-4-0-1040-iot ubuntu-upgrade-linux-image-5-4-0-1047-xilinx-zynqmp ubuntu-upgrade-linux-image-5-4-0-1075-ibm ubuntu-upgrade-linux-image-5-4-0-1088-bluefield ubuntu-upgrade-linux-image-5-4-0-1095-gkeop ubuntu-upgrade-linux-image-5-4-0-1112-raspi ubuntu-upgrade-linux-image-5-4-0-1116-kvm ubuntu-upgrade-linux-image-5-4-0-1127-oracle ubuntu-upgrade-linux-image-5-4-0-1128-aws ubuntu-upgrade-linux-image-5-4-0-1132-gcp ubuntu-upgrade-linux-image-5-4-0-1133-azure ubuntu-upgrade-linux-image-5-4-0-189-generic ubuntu-upgrade-linux-image-5-4-0-189-generic-lpae ubuntu-upgrade-linux-image-5-4-0-189-lowlatency ubuntu-upgrade-linux-image-6-8-0-1004-gke ubuntu-upgrade-linux-image-6-8-0-1005-raspi ubuntu-upgrade-linux-image-6-8-0-1006-ibm ubuntu-upgrade-linux-image-6-8-0-1006-oem ubuntu-upgrade-linux-image-6-8-0-1006-oracle ubuntu-upgrade-linux-image-6-8-0-1006-oracle-64k ubuntu-upgrade-linux-image-6-8-0-1008-azure ubuntu-upgrade-linux-image-6-8-0-1008-azure-fde ubuntu-upgrade-linux-image-6-8-0-1008-gcp ubuntu-upgrade-linux-image-6-8-0-1009-aws ubuntu-upgrade-linux-image-6-8-0-35-generic ubuntu-upgrade-linux-image-6-8-0-35-generic-64k ubuntu-upgrade-linux-image-6-8-0-35-lowlatency ubuntu-upgrade-linux-image-6-8-0-35-lowlatency-64k ubuntu-upgrade-linux-image-aws ubuntu-upgrade-linux-image-aws-lts-20-04 ubuntu-upgrade-linux-image-aws-lts-22-04 ubuntu-upgrade-linux-image-azure ubuntu-upgrade-linux-image-azure-cvm ubuntu-upgrade-linux-image-azure-fde ubuntu-upgrade-linux-image-azure-fde-lts-22-04 ubuntu-upgrade-linux-image-azure-lts-20-04 ubuntu-upgrade-linux-image-azure-lts-22-04 ubuntu-upgrade-linux-image-bluefield ubuntu-upgrade-linux-image-gcp ubuntu-upgrade-linux-image-gcp-lts-20-04 ubuntu-upgrade-linux-image-gcp-lts-22-04 ubuntu-upgrade-linux-image-generic ubuntu-upgrade-linux-image-generic-64k ubuntu-upgrade-linux-image-generic-64k-hwe-20-04 ubuntu-upgrade-linux-image-generic-64k-hwe-24-04 ubuntu-upgrade-linux-image-generic-hwe-18-04 ubuntu-upgrade-linux-image-generic-hwe-20-04 ubuntu-upgrade-linux-image-generic-hwe-24-04 ubuntu-upgrade-linux-image-generic-lpae ubuntu-upgrade-linux-image-generic-lpae-hwe-20-04 ubuntu-upgrade-linux-image-gke ubuntu-upgrade-linux-image-gke-5-15 ubuntu-upgrade-linux-image-gkeop ubuntu-upgrade-linux-image-gkeop-5-15 ubuntu-upgrade-linux-image-gkeop-5-4 ubuntu-upgrade-linux-image-ibm ubuntu-upgrade-linux-image-ibm-classic ubuntu-upgrade-linux-image-ibm-lts-20-04 ubuntu-upgrade-linux-image-ibm-lts-24-04 ubuntu-upgrade-linux-image-intel ubuntu-upgrade-linux-image-intel-iotg ubuntu-upgrade-linux-image-kvm ubuntu-upgrade-linux-image-lowlatency ubuntu-upgrade-linux-image-lowlatency-64k ubuntu-upgrade-linux-image-lowlatency-64k-hwe-20-04 ubuntu-upgrade-linux-image-lowlatency-hwe-18-04 ubuntu-upgrade-linux-image-lowlatency-hwe-20-04 ubuntu-upgrade-linux-image-nvidia ubuntu-upgrade-linux-image-nvidia-lowlatency ubuntu-upgrade-linux-image-oem ubuntu-upgrade-linux-image-oem-20-04 ubuntu-upgrade-linux-image-oem-20-04b ubuntu-upgrade-linux-image-oem-20-04c ubuntu-upgrade-linux-image-oem-20-04d ubuntu-upgrade-linux-image-oem-24-04 ubuntu-upgrade-linux-image-oem-24-04a ubuntu-upgrade-linux-image-oem-osp1 ubuntu-upgrade-linux-image-oracle ubuntu-upgrade-linux-image-oracle-64k ubuntu-upgrade-linux-image-oracle-lts-20-04 ubuntu-upgrade-linux-image-oracle-lts-22-04 ubuntu-upgrade-linux-image-raspi ubuntu-upgrade-linux-image-raspi-hwe-18-04 ubuntu-upgrade-linux-image-raspi-nolpae ubuntu-upgrade-linux-image-raspi2 ubuntu-upgrade-linux-image-snapdragon-hwe-18-04 ubuntu-upgrade-linux-image-virtual ubuntu-upgrade-linux-image-virtual-hwe-18-04 ubuntu-upgrade-linux-image-virtual-hwe-20-04 ubuntu-upgrade-linux-image-virtual-hwe-24-04 ubuntu-upgrade-linux-image-xilinx-zynqmp References https://attackerkb.com/topics/cve-2024-26966 CVE - 2024-26966 USN-6816-1 USN-6817-1 USN-6817-2 USN-6817-3 USN-6878-1 USN-6896-1 USN-6896-2 USN-6896-3 USN-6896-4 USN-6896-5 USN-6898-1 USN-6898-2 USN-6898-3 USN-6898-4 USN-6917-1 USN-6919-1 USN-6927-1 USN-7019-1 View more