Ubuntu: (Multiple Advisories) (CVE-2024-39491): Linux kernel vulnerabilities

Ubuntu: (Multiple Advisories) (CVE-2024-39491): Linux kernel vulnerabilities

Severity

4

CVSS

(AV:L/AC:M/Au:N/C:P/I:P/A:P)

Published

07/10/2024

Created

09/13/2024

Added

09/12/2024

Modified

09/25/2024

Description

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: cs35l56: Fix lifetime of cs_dsp instance The cs_dsp instance is initialized in the driver probe() so it should be freed in the driver remove(). Also fix a missing call to cs_dsp_remove() in the error path of cs35l56_hda_common_probe(). The call to cs_dsp_remove() was being done in the component unbind callback cs35l56_hda_unbind(). This meant that if the driver was unbound and then re-bound it would be using an uninitialized cs_dsp instance. It is best to initialize the cs_dsp instance in probe() so that it can return an error if it fails. The component binding API doesn't have any error handling so there's no way to handle a failure if cs_dsp was initialized in the bind.

Solution(s)

• ubuntu-upgrade-linux-image-6-8-0-1010-gke
• ubuntu-upgrade-linux-image-6-8-0-1011-raspi
• ubuntu-upgrade-linux-image-6-8-0-1012-ibm
• ubuntu-upgrade-linux-image-6-8-0-1012-oem
• ubuntu-upgrade-linux-image-6-8-0-1012-oracle
• ubuntu-upgrade-linux-image-6-8-0-1012-oracle-64k
• ubuntu-upgrade-linux-image-6-8-0-1013-nvidia
• ubuntu-upgrade-linux-image-6-8-0-1013-nvidia-64k
• ubuntu-upgrade-linux-image-6-8-0-1013-nvidia-lowlatency
• ubuntu-upgrade-linux-image-6-8-0-1013-nvidia-lowlatency-64k
• ubuntu-upgrade-linux-image-6-8-0-1014-azure
• ubuntu-upgrade-linux-image-6-8-0-1014-azure-fde
• ubuntu-upgrade-linux-image-6-8-0-1014-gcp
• ubuntu-upgrade-linux-image-6-8-0-1015-aws
• ubuntu-upgrade-linux-image-6-8-0-44-generic
• ubuntu-upgrade-linux-image-6-8-0-44-generic-64k
• ubuntu-upgrade-linux-image-6-8-0-44-lowlatency
• ubuntu-upgrade-linux-image-6-8-0-44-lowlatency-64k
• ubuntu-upgrade-linux-image-6-8-0-45-generic
• ubuntu-upgrade-linux-image-6-8-0-45-generic-64k
• ubuntu-upgrade-linux-image-aws
• ubuntu-upgrade-linux-image-azure
• ubuntu-upgrade-linux-image-azure-fde
• ubuntu-upgrade-linux-image-gcp
• ubuntu-upgrade-linux-image-generic
• ubuntu-upgrade-linux-image-generic-64k
• ubuntu-upgrade-linux-image-generic-64k-hwe-22-04
• ubuntu-upgrade-linux-image-generic-64k-hwe-24-04
• ubuntu-upgrade-linux-image-generic-hwe-22-04
• ubuntu-upgrade-linux-image-generic-hwe-24-04
• ubuntu-upgrade-linux-image-generic-lpae
• ubuntu-upgrade-linux-image-gke
• ubuntu-upgrade-linux-image-ibm
• ubuntu-upgrade-linux-image-ibm-classic
• ubuntu-upgrade-linux-image-ibm-lts-24-04
• ubuntu-upgrade-linux-image-kvm
• ubuntu-upgrade-linux-image-lowlatency
• ubuntu-upgrade-linux-image-lowlatency-64k
• ubuntu-upgrade-linux-image-lowlatency-64k-hwe-22-04
• ubuntu-upgrade-linux-image-lowlatency-hwe-22-04
• ubuntu-upgrade-linux-image-nvidia
• ubuntu-upgrade-linux-image-nvidia-6-8
• ubuntu-upgrade-linux-image-nvidia-64k
• ubuntu-upgrade-linux-image-nvidia-64k-6-8
• ubuntu-upgrade-linux-image-nvidia-lowlatency
• ubuntu-upgrade-linux-image-nvidia-lowlatency-64k
• ubuntu-upgrade-linux-image-oem-22-04
• ubuntu-upgrade-linux-image-oem-22-04a
• ubuntu-upgrade-linux-image-oem-22-04b
• ubuntu-upgrade-linux-image-oem-22-04c
• ubuntu-upgrade-linux-image-oem-22-04d
• ubuntu-upgrade-linux-image-oracle
• ubuntu-upgrade-linux-image-oracle-64k
• ubuntu-upgrade-linux-image-raspi
• ubuntu-upgrade-linux-image-virtual
• ubuntu-upgrade-linux-image-virtual-hwe-22-04
• ubuntu-upgrade-linux-image-virtual-hwe-24-04

References

• https://attackerkb.com/topics/cve-2024-39491
• CVE - 2024-39491
• USN-6999-1
• USN-6999-2
• USN-7004-1
• USN-7005-1
• USN-7005-2
• USN-7008-1
• USN-7029-1

View more