LSN-0104-1

Source
https://ubuntu.com/security/notices/LSN-0104-1
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/lsn/LSN-0104-1.json
JSON Data
https://api.test.osv.dev/v1/vulns/LSN-0104-1
Related
Published
2024-06-10T07:15:31Z
Modified
2024-06-10T07:15:31Z
Summary
Kernel Live Patch Security Notice
Details

It was discovered that the ATA over Ethernet (AoE) driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code.(CVE-2023-6270)

It was discovered that a race condition existed in the AppleTalk networking subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.(CVE-2023-51781)

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetrbtree: skip end interval element from gc rbtree lazy gc on insert might collect an end interval element that has been just added in this transactions, skip end interval elements that are not yet active.(CVE-2024-26581)

In the Linux kernel, the following vulnerability has been resolved: net: qualcomm: rmnet: fix global oob in rmnetpolicy The variable rmnetlink_ops assign a bigger maxtype which leads to a global out-of- bounds read when parsing the netlink attributes.(CVE-2024-26597)

References

Affected packages

Ubuntu:Pro:18.04:LTS / linux-hwe-5.4

Package

Name
linux-hwe-5.4
Purl
pkg:deb/ubuntu/linux-hwe-5.4@5.4.0-189.209~18.04.1?arch=source&distro=esm-infra/bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.4.0-189.209~18.04.1

Affected versions

5.*

5.4.0-37.41~18.04.1
5.4.0-39.43~18.04.1
5.4.0-40.44~18.04.1
5.4.0-42.46~18.04.1
5.4.0-45.49~18.04.2
5.4.0-47.51~18.04.1
5.4.0-48.52~18.04.1
5.4.0-51.56~18.04.1
5.4.0-52.57~18.04.1
5.4.0-53.59~18.04.1
5.4.0-54.60~18.04.1
5.4.0-56.62~18.04.1
5.4.0-58.64~18.04.1
5.4.0-59.65~18.04.1
5.4.0-60.67~18.04.1
5.4.0-62.70~18.04.1
5.4.0-64.72~18.04.1
5.4.0-65.73~18.04.1
5.4.0-66.74~18.04.2
5.4.0-67.75~18.04.1
5.4.0-70.78~18.04.1
5.4.0-71.79~18.04.1
5.4.0-72.80~18.04.1
5.4.0-73.82~18.04.1
5.4.0-74.83~18.04.1
5.4.0-77.86~18.04.1
5.4.0-80.90~18.04.1
5.4.0-81.91~18.04.1
5.4.0-84.94~18.04.1
5.4.0-86.97~18.04.1
5.4.0-87.98~18.04.1
5.4.0-89.100~18.04.1
5.4.0-90.101~18.04.1
5.4.0-91.102~18.04.1
5.4.0-92.103~18.04.2
5.4.0-94.106~18.04.1
5.4.0-96.109~18.04.1
5.4.0-97.110~18.04.1
5.4.0-99.112~18.04.1
5.4.0-100.113~18.04.1
5.4.0-104.118~18.04.1
5.4.0-105.119~18.04.1
5.4.0-107.121~18.04.1
5.4.0-109.123~18.04.1
5.4.0-110.124~18.04.1
5.4.0-113.127~18.04.1
5.4.0-117.132~18.04.1
5.4.0-120.136~18.04.1
5.4.0-121.137~18.04.1
5.4.0-122.138~18.04.1
5.4.0-124.140~18.04.1
5.4.0-125.141~18.04.1
5.4.0-126.142~18.04.1
5.4.0-128.144~18.04.1
5.4.0-131.147~18.04.1
5.4.0-132.148~18.04.1
5.4.0-133.149~18.04.1
5.4.0-135.152~18.04.2
5.4.0-136.153~18.04.1
5.4.0-137.154~18.04.1
5.4.0-139.156~18.04.1
5.4.0-144.161~18.04.1
5.4.0-146.163~18.04.1
5.4.0-147.164~18.04.1
5.4.0-148.165~18.04.1
5.4.0-149.166~18.04.1
5.4.0-150.167~18.04.1
5.4.0-152.169~18.04.1
5.4.0-153.170~18.04.1
5.4.0-155.172~18.04.1
5.4.0-156.173~18.04.1
5.4.0-159.176~18.04.1
5.4.0-162.179~18.04.1
5.4.0-163.180~18.04.1
5.4.0-164.181~18.04.1
5.4.0-165.182~18.04.1
5.4.0-166.183~18.04.2
5.4.0-167.184~18.04.1
5.4.0-169.187~18.04.1
5.4.0-170.188~18.04.1
5.4.0-171.189~18.04.1
5.4.0-172.190~18.04.1
5.4.0-173.191~18.04.1
5.4.0-174.193~18.04.1
5.4.0-175.195~18.04.1
5.4.0-177.197~18.04.1
5.4.0-181.201~18.04.1
5.4.0-182.202~18.04.1
5.4.0-186.206~18.04.1
5.4.0-187.207~18.04.1

Ecosystem specific

{
    "availability": "Livepatch subscription required",
    "module_name_regex": "lkp_Ubuntu_5_4_0[_|\\d]+_(?:generic|lowlatency)_(\\d+)"
}

Ubuntu:Pro:20.04:LTS / linux-aws-5.15

Package

Name
linux-aws-5.15
Purl
pkg:deb/ubuntu/linux-aws-5.15@5.15.0-1063.69~20.04.1?arch=source&distro=focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.15.0-1063.69~20.04.1

Affected versions

5.*

5.15.0-1014.18~20.04.1
5.15.0-1015.19~20.04.1
5.15.0-1017.21~20.04.1
5.15.0-1019.23~20.04.1
5.15.0-1020.24~20.04.1
5.15.0-1021.25~20.04.1
5.15.0-1022.26~20.04.1
5.15.0-1023.27~20.04.1
5.15.0-1026.30~20.04.2
5.15.0-1027.31~20.04.1
5.15.0-1028.32~20.04.1
5.15.0-1030.34~20.04.1
5.15.0-1031.35~20.04.1
5.15.0-1033.37~20.04.1
5.15.0-1034.38~20.04.1
5.15.0-1035.39~20.04.1
5.15.0-1036.40~20.04.1
5.15.0-1037.41~20.04.1
5.15.0-1038.43~20.04.1
5.15.0-1039.44~20.04.1
5.15.0-1040.45~20.04.1
5.15.0-1041.46~20.04.1
5.15.0-1043.48~20.04.1
5.15.0-1044.49~20.04.1
5.15.0-1045.50~20.04.1
5.15.0-1047.52~20.04.1
5.15.0-1048.53~20.04.1
5.15.0-1049.54~20.04.1
5.15.0-1050.55~20.04.1
5.15.0-1051.56~20.04.1
5.15.0-1052.57~20.04.1
5.15.0-1053.58~20.04.1
5.15.0-1055.60~20.04.1
5.15.0-1056.61~20.04.1
5.15.0-1057.63~20.04.1
5.15.0-1058.64~20.04.1
5.15.0-1061.67~20.04.1
5.15.0-1062.68~20.04.1

Ecosystem specific

{
    "availability": "Livepatch subscription required",
    "module_name_regex": "lkp_Ubuntu_5_15_0[_|\\d]+_aws_(\\d+)"
}

Ubuntu:Pro:22.04:LTS / linux-aws

Package

Name
linux-aws
Purl
pkg:deb/ubuntu/linux-aws@5.15.0-1063.69?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.15.0-1063.69

Affected versions

5.*

5.13.0-1005.6
5.15.0-1002.4
5.15.0-1003.5
5.15.0-1004.6
5.15.0-1005.7
5.15.0-1008.10
5.15.0-1009.11
5.15.0-1011.14
5.15.0-1013.17
5.15.0-1014.18
5.15.0-1015.19
5.15.0-1017.21
5.15.0-1019.23
5.15.0-1020.24
5.15.0-1021.25
5.15.0-1022.26
5.15.0-1023.27
5.15.0-1026.30
5.15.0-1027.31
5.15.0-1028.32
5.15.0-1030.34
5.15.0-1031.35
5.15.0-1033.37
5.15.0-1034.38
5.15.0-1035.39
5.15.0-1036.40
5.15.0-1037.41
5.15.0-1038.43
5.15.0-1039.44
5.15.0-1040.45
5.15.0-1042.47
5.15.0-1043.48
5.15.0-1044.49
5.15.0-1045.50
5.15.0-1047.52
5.15.0-1048.53
5.15.0-1049.54
5.15.0-1050.55
5.15.0-1051.56
5.15.0-1052.57
5.15.0-1053.58
5.15.0-1055.60
5.15.0-1056.61
5.15.0-1057.63
5.15.0-1060.66
5.15.0-1061.67
5.15.0-1062.68

Ecosystem specific

{
    "availability": "Livepatch subscription required",
    "module_name_regex": "lkp_Ubuntu_5_15_0[_|\\d]+_aws_(\\d+)"
}

Ubuntu:Pro:24.04:LTS / linux-aws

Package

Name
linux-aws
Purl
pkg:deb/ubuntu/linux-aws@6.8.0-1009.9?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.8.0-1009.9

Affected versions

6.*

6.5.0-1008.8
6.6.0-1001.1
6.8.0-1001.1
6.8.0-1006.6
6.8.0-1008.8

Ecosystem specific

{
    "availability": "Livepatch subscription required",
    "module_name_regex": "lkp_Ubuntu_6_8_0[_|\\d]+_aws_(\\d+)"
}