USN-7185-1: Linux kernel vulnerabilities

Releases

• Ubuntu 18.04 ESM
• Ubuntu 16.04 ESM

Packages

• linux - Linux kernel
• linux-aws - Linux kernel for Amazon Web Services (AWS) systems
• linux-aws-hwe - Linux kernel for Amazon Web Services (AWS-HWE) systems
• linux-gcp - Linux kernel for Google Cloud Platform (GCP) systems
• linux-gcp-4.15 - Linux kernel for Google Cloud Platform (GCP) systems
• linux-hwe - Linux hardware enablement (HWE) kernel
• linux-kvm - Linux kernel for cloud environments
• linux-oracle - Linux kernel for Oracle Cloud systems

Details

Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux
kernel contained an integer overflow vulnerability. A local attacker could
use this to cause a denial of service (system crash). (CVE-2022-36402)

Zheng Wang discovered a use-after-free in the Renesas Ethernet AVB driver
in the Linux kernel during device removal. A privileged attacker could use
this to cause a denial of service (system crash). (CVE-2023-35827)

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:

• GPU drivers;
• I2C subsystem;
• InfiniBand drivers;
• IRQ chip drivers;
• Network drivers;
• Pin controllers subsystem;
• S/390 drivers;
• TTY drivers;
• USB Host Controller drivers;
• USB Mass Storage drivers;
• Framebuffer layer;
• Ext4 file system;
• File systems infrastructure;
• Bluetooth subsystem;
• DMA mapping infrastructure;
• Memory management;
• 9P file system network protocol;
• IPv4 networking;
• IPv6 networking;
• Logical Link layer;
• MAC80211 subsystem;
• Netfilter;
• NFC subsystem;
• Phonet protocol;
• Network traffic control;
• VMware vSockets driver;
• Wireless networking;
  (CVE-2024-42090, CVE-2024-42156, CVE-2021-47082, CVE-2024-26921,
  CVE-2023-52594, CVE-2024-36968, CVE-2024-38633, CVE-2024-42077,
  CVE-2021-47076, CVE-2021-47501, CVE-2023-52507, CVE-2024-42153,
  CVE-2024-39301, CVE-2024-36946, CVE-2024-43884, CVE-2023-52509,
  CVE-2024-36004, CVE-2023-52486, CVE-2024-50264, CVE-2024-45006,
  CVE-2024-36941, CVE-2024-43856, CVE-2024-40912, CVE-2024-49967,
  CVE-2024-53057, CVE-2024-26777, CVE-2024-36270, CVE-2024-26625,
  CVE-2024-45021, CVE-2024-35886, CVE-2024-44947, CVE-2024-44944,
  CVE-2024-35847, CVE-2024-40959, CVE-2024-42101, CVE-2024-38619)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 18.04

• linux-image-4.15.0-1138-oracle - 4.15.0-1138.149
  Available with Ubuntu Pro
• linux-image-4.15.0-1159-kvm - 4.15.0-1159.164
  Available with Ubuntu Pro
• linux-image-4.15.0-1169-gcp - 4.15.0-1169.186
  Available with Ubuntu Pro
• linux-image-4.15.0-1176-aws - 4.15.0-1176.189
  Available with Ubuntu Pro
• linux-image-4.15.0-232-generic - 4.15.0-232.244
  Available with Ubuntu Pro
• linux-image-4.15.0-232-lowlatency - 4.15.0-232.244
  Available with Ubuntu Pro
• linux-image-aws-lts-18.04 - 4.15.0.1176.174
  Available with Ubuntu Pro
• linux-image-gcp-lts-18.04 - 4.15.0.1169.182
  Available with Ubuntu Pro
• linux-image-generic - 4.15.0.232.216
  Available with Ubuntu Pro
• linux-image-kvm - 4.15.0.1159.150
  Available with Ubuntu Pro
• linux-image-lowlatency - 4.15.0.232.216
  Available with Ubuntu Pro
• linux-image-oracle-lts-18.04 - 4.15.0.1138.143
  Available with Ubuntu Pro
• linux-image-virtual - 4.15.0.232.216
  Available with Ubuntu Pro

Ubuntu 16.04

• linux-image-4.15.0-1138-oracle - 4.15.0-1138.149~16.04.1
  Available with Ubuntu Pro
• linux-image-4.15.0-1169-gcp - 4.15.0-1169.186~16.04.1
  Available with Ubuntu Pro
• linux-image-4.15.0-1176-aws - 4.15.0-1176.189~16.04.1
  Available with Ubuntu Pro
• linux-image-4.15.0-232-generic - 4.15.0-232.244~16.04.1
  Available with Ubuntu Pro
• linux-image-4.15.0-232-lowlatency - 4.15.0-232.244~16.04.1
  Available with Ubuntu Pro
• linux-image-aws-hwe - 4.15.0.1176.189~16.04.1
  Available with Ubuntu Pro
• linux-image-gcp - 4.15.0.1169.186~16.04.1
  Available with Ubuntu Pro
• linux-image-generic-hwe-16.04 - 4.15.0.232.244~16.04.1
  Available with Ubuntu Pro
• linux-image-gke - 4.15.0.1169.186~16.04.1
  Available with Ubuntu Pro
• linux-image-lowlatency-hwe-16.04 - 4.15.0.232.244~16.04.1
  Available with Ubuntu Pro
• linux-image-oem - 4.15.0.232.244~16.04.1
  Available with Ubuntu Pro
• linux-image-oracle - 4.15.0.1138.149~16.04.1
  Available with Ubuntu Pro
• linux-image-virtual-hwe-16.04 - 4.15.0.232.244~16.04.1
  Available with Ubuntu Pro

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References

• CVE-2024-35886
• CVE-2024-42153
• CVE-2023-52594
• CVE-2024-53057
• CVE-2024-45021
• CVE-2023-52486
• CVE-2024-36004
• CVE-2024-38633
• CVE-2024-36941
• CVE-2024-43884
• CVE-2024-50264
• CVE-2021-47082
• CVE-2023-52509
• CVE-2024-42077
• CVE-2024-45006
• CVE-2024-36270
• CVE-2021-47076
• CVE-2024-26625
• CVE-2024-26921
• CVE-2024-26777
• CVE-2024-44944
• CVE-2024-42090
• CVE-2023-35827
• CVE-2024-40959
• CVE-2024-42101
• CVE-2023-52507
• CVE-2024-38619
• CVE-2024-49967
• CVE-2024-36946
• CVE-2024-39301
• CVE-2024-36968
• CVE-2024-42156
• CVE-2024-44947
• CVE-2021-47501
• CVE-2024-35847
• CVE-2024-40912
• CVE-2022-36402
• CVE-2024-43856

Related notices

• USN-6893-1
• USN-6896-1
• USN-6898-1
• USN-6893-2
• USN-6896-2
• USN-6898-2
• USN-6896-3
• USN-6898-3
• USN-6896-4
• USN-6896-5
• USN-6893-3
• USN-6898-4
• USN-6917-1
• USN-6918-1
• USN-6919-1
• USN-6927-1
• USN-7019-1
• USN-7183-1
• USN-7184-1
• USN-7003-1
• USN-7003-2
• USN-7006-1
• USN-7003-3
• USN-7007-1
• USN-7009-1
• USN-7007-2
• USN-7007-3
• USN-7009-2
• USN-7003-4
• USN-7003-5
• USN-7089-2
• USN-7089-1
• USN-7090-1
• USN-7089-3
• USN-7095-1
• USN-7089-4
• USN-7089-5
• USN-7089-6
• USN-7089-7
• USN-7156-1
• USN-6688-1
• USN-6766-1
• USN-6767-1
• USN-6767-2
• USN-6766-2
• USN-6766-3
• USN-6795-1
• USN-6818-1
• USN-6819-1
• USN-6818-2
• USN-6828-1
• USN-6819-2
• USN-6819-3
• USN-6818-3
• USN-6818-4
• USN-6819-4
• USN-7163-1
• USN-7167-1
• USN-7169-1
• USN-7170-1
• USN-7173-1
• USN-7179-1
• USN-7169-2
• USN-7173-2
• USN-7179-2
• USN-7179-3
• USN-7186-1
• USN-7167-2
• USN-7169-3
• USN-7088-1
• USN-7088-2
• USN-7088-3
• USN-7088-4
• USN-7100-1
• USN-7100-2
• USN-7088-5
• USN-7119-1
• USN-7123-1
• USN-7144-1
• USN-7154-1
• USN-7155-1
• USN-7154-2
• USN-6949-1
• USN-6952-1
• USN-6955-1
• USN-6949-2
• USN-6951-1
• USN-6953-1
• USN-6951-2
• USN-6951-3
• USN-6951-4
• USN-6979-1
• USN-6999-1
• USN-7004-1
• USN-7005-1
• USN-7005-2
• USN-7008-1
• USN-6999-2
• USN-7029-1
• USN-6950-1
• USN-6950-2
• USN-6957-1
• USN-6956-1
• USN-6950-3
• USN-6950-4
• LSN-0108-1
• USN-7159-1
• USN-7159-2
• USN-7159-3
• USN-7159-4
• USN-7159-5
• USN-6973-1
• USN-6974-1
• USN-6973-2
• USN-6974-2
• USN-6973-3
• USN-6973-4
• LSN-0107-1
• USN-6820-1
• USN-6821-1
• USN-6821-2
• USN-6820-2
• USN-6821-3
• USN-6831-1
• USN-6821-4
• USN-6871-1
• USN-6892-1
• USN-6625-1
• USN-6624-1
• USN-6626-1
• USN-6625-2
• USN-6628-1
• USN-6626-2
• USN-6628-2
• USN-6626-3
• USN-6625-3
• USN-6652-1
• USN-7166-1
• USN-7166-2
• USN-7166-3