Ubuntu Security Notice 7004-1 - Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the JFS file system contained an out-of-bounds read vulnerability when printing xattr debug information. A local attacker could use this to cause a denial of service.

    ==========================================================================Ubuntu Security Notice USN-7004-1September 12, 2024linux-azure vulnerabilities==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 24.04 LTSSummary:Several security issues were fixed in the Linux kernel.Software Description:- linux-azure: Linux kernel for Microsoft Azure Cloud systemsDetails:Chenyuan Yang discovered that the CEC driver driver in the Linux kernelcontained a use-after-free vulnerability. A local attacker could use thisto cause a denial of service (system crash) or possibly execute arbitrarycode. (CVE-2024-23848)It was discovered that the JFS file system contained an out-of-bounds readvulnerability when printing xattr debug information. A local attacker coulduse this to cause a denial of service (system crash). (CVE-2024-40902)Several security issues were discovered in the Linux kernel.An attacker could possibly use these to compromise the system.This update corrects flaws in the following subsystems:  - ARM64 architecture;  - MIPS architecture;  - PA-RISC architecture;  - PowerPC architecture;  - RISC-V architecture;  - x86 architecture;  - Block layer subsystem;  - ACPI drivers;  - Drivers core;  - Null block device driver;  - Character device driver;  - TPM device driver;  - Clock framework and drivers;  - CPU frequency scaling framework;  - Hardware crypto device drivers;  - CXL (Compute Express Link) drivers;  - Buffer Sharing and Synchronization framework;  - DMA engine subsystem;  - EFI core;  - FPGA Framework;  - GPU drivers;  - Greybus drivers;  - HID subsystem;  - HW tracing;  - I2C subsystem;  - IIO subsystem;  - InfiniBand drivers;  - Input Device (Mouse) drivers;  - Mailbox framework;  - Media drivers;  - Microchip PCI driver;  - VMware VMCI Driver;  - Network drivers;  - PCI subsystem;  - x86 platform drivers;  - PTP clock framework;  - S/390 drivers;  - SCSI drivers;  - SoundWire subsystem;  - Sonic Silicon Backplane drivers;  - Greybus lights staging drivers;  - Thermal drivers;  - TTY drivers;  - USB subsystem;  - VFIO drivers;  - Framebuffer layer;  - Watchdog drivers;  - 9P distributed file system;  - BTRFS file system;  - File systems infrastructure;  - Ext4 file system;  - F2FS file system;  - JFS file system;  - Network file system server daemon;  - NILFS2 file system;  - NTFS3 file system;  - SMB network file system;  - Tracing file system;  - IOMMU subsystem;  - Tracing infrastructure;  - io_uring subsystem;  - Core kernel;  - BPF subsystem;  - Kernel debugger infrastructure;  - DMA mapping infrastructure;  - IRQ subsystem;  - Memory management;  - 9P file system network protocol;  - Amateur Radio drivers;  - B.A.T.M.A.N. meshing protocol;  - Ethernet bridge;  - Networking core;  - Ethtool driver;  - IPv4 networking;  - IPv6 networking;  - MAC80211 subsystem;  - Multipath TCP;  - Netfilter;  - NET/ROM layer;  - NFC subsystem;  - Network traffic control;  - Sun RPC protocol;  - TIPC protocol;  - TLS protocol;  - Unix domain sockets;  - Wireless networking;  - XFRM subsystem;  - AppArmor security module;  - Integrity Measurement Architecture(IMA) framework;  - Landlock security;  - Linux Security Modules (LSM) Framework;  - SELinux security module;  - Simplified Mandatory Access Control Kernel framework;  - ALSA framework;  - HD-audio driver;  - SOF drivers;  - KVM core;(CVE-2024-36270, CVE-2024-38627, CVE-2024-39508, CVE-2024-41001,CVE-2024-38634, CVE-2024-40979, CVE-2024-40903, CVE-2024-34030,CVE-2024-38621, CVE-2024-34027, CVE-2024-39504, CVE-2024-38385,CVE-2024-36288, CVE-2024-39301, CVE-2024-38628, CVE-2024-42270,CVE-2024-39507, CVE-2024-36286, CVE-2024-40960, CVE-2024-36479,CVE-2024-41002, CVE-2024-36974, CVE-2024-40943, CVE-2024-40976,CVE-2024-38662, CVE-2024-40995, CVE-2024-39497, CVE-2024-31076,CVE-2024-39371, CVE-2024-40983, CVE-2024-40985, CVE-2024-38618,CVE-2024-40914, CVE-2024-40989, CVE-2024-40973, CVE-2024-38663,CVE-2024-39463, CVE-2024-38633, CVE-2024-36978, CVE-2024-40970,CVE-2024-40932, CVE-2024-39480, CVE-2024-39471, CVE-2024-40962,CVE-2024-40986, CVE-2024-40937, CVE-2024-39469, CVE-2024-40904,CVE-2024-39466, CVE-2024-38388, CVE-2024-39494, CVE-2024-41004,CVE-2024-38381, CVE-2022-48772, CVE-2024-33847, CVE-2024-40969,CVE-2024-40957, CVE-2024-40933, CVE-2024-37354, CVE-2024-39468,CVE-2024-40917, CVE-2024-38623, CVE-2024-40958, CVE-2024-39502,CVE-2024-38384, CVE-2024-39506, CVE-2024-40940, CVE-2024-34777,CVE-2024-41005, CVE-2024-39470, CVE-2024-39464, CVE-2024-39492,CVE-2024-38629, CVE-2024-39505, CVE-2024-40952, CVE-2024-40941,CVE-2024-39474, CVE-2024-38664, CVE-2024-40929, CVE-2024-39489,CVE-2024-40953, CVE-2024-40916, CVE-2024-40911, CVE-2024-32936,CVE-2024-40934, CVE-2024-37078, CVE-2024-39483, CVE-2024-40967,CVE-2024-40924, CVE-2024-39462, CVE-2024-40981, CVE-2024-36281,CVE-2024-39291, CVE-2024-39481, CVE-2024-40978, CVE-2024-38622,CVE-2024-39503, CVE-2024-40956, CVE-2023-52884, CVE-2024-39498,CVE-2024-38661, CVE-2024-40918, CVE-2024-39479, CVE-2024-40915,CVE-2024-39501, CVE-2024-39488, CVE-2024-40925, CVE-2024-40930,CVE-2024-40961, CVE-2024-40951, CVE-2024-38636, CVE-2024-39491,CVE-2024-39495, CVE-2024-39509, CVE-2024-40947, CVE-2024-36477,CVE-2024-36478, CVE-2024-42148, CVE-2024-39473, CVE-2024-39510,CVE-2024-40923, CVE-2024-38624, CVE-2024-38659, CVE-2024-36971,CVE-2024-38625, CVE-2024-40913, CVE-2024-35247, CVE-2024-36481,CVE-2024-36484, CVE-2024-40928, CVE-2024-40927, CVE-2024-40944,CVE-2024-39485, CVE-2024-36244, CVE-2024-40910, CVE-2024-40945,CVE-2024-33621, CVE-2024-38667, CVE-2024-40992, CVE-2024-40908,CVE-2024-40901, CVE-2024-40906, CVE-2024-38390, CVE-2024-40900,CVE-2024-41006, CVE-2024-40968, CVE-2024-40966, CVE-2024-40977,CVE-2024-33619, CVE-2024-39496, CVE-2024-38630, CVE-2024-40920,CVE-2024-39499, CVE-2024-40899, CVE-2024-41003, CVE-2024-40964,CVE-2024-40922, CVE-2024-38632, CVE-2024-40931, CVE-2024-40982,CVE-2024-40971, CVE-2024-39277, CVE-2024-39467, CVE-2024-36015,CVE-2024-40954, CVE-2024-40938, CVE-2024-40921, CVE-2024-39296,CVE-2024-41040, CVE-2024-40965, CVE-2024-39465, CVE-2024-40984,CVE-2024-39478, CVE-2024-40990, CVE-2024-40926, CVE-2024-40980,CVE-2024-40905, CVE-2024-39475, CVE-2024-40959, CVE-2024-40902,CVE-2024-38780, CVE-2024-40935, CVE-2024-37021, CVE-2024-40997,CVE-2024-40936, CVE-2024-40987, CVE-2024-40939, CVE-2024-37026,CVE-2024-36973, CVE-2024-40972, CVE-2024-42078, CVE-2024-38306,CVE-2024-40949, CVE-2024-36489, CVE-2024-38637, CVE-2024-40912,CVE-2024-39276, CVE-2024-39493, CVE-2024-40994, CVE-2024-40948,CVE-2024-36972, CVE-2024-40942, CVE-2024-37356, CVE-2024-38619,CVE-2024-40988, CVE-2024-38635, CVE-2024-41000, CVE-2024-40955,CVE-2024-40999, CVE-2024-40974, CVE-2024-39490, CVE-2024-39298,CVE-2024-40975, CVE-2024-40998, CVE-2024-40996, CVE-2024-40963,CVE-2024-40909, CVE-2024-40919, CVE-2024-39500, CVE-2024-39461)Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 24.04 LTS  linux-image-6.8.0-1014-azure    6.8.0-1014.16  linux-image-6.8.0-1014-azure-fde  6.8.0-1014.16  linux-image-azure               6.8.0-1014.16  linux-image-azure-fde           6.8.0-1014.16After a standard system update you need to reboot your computer to makeall the necessary changes.ATTENTION: Due to an unavoidable ABI change the kernel updates havebeen given a new version number, which requires you to recompile andreinstall all third party kernel modules you might have installed.Unless you manually uninstalled the standard kernel metapackages(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,linux-powerpc), a standard system upgrade will automatically performthis as well.References:  https://ubuntu.com/security/notices/USN-7004-1  CVE-2022-48772, CVE-2023-52884, CVE-2024-23848, CVE-2024-31076,  CVE-2024-32936, CVE-2024-33619, CVE-2024-33621, CVE-2024-33847,  CVE-2024-34027, CVE-2024-34030, CVE-2024-34777, CVE-2024-35247,  CVE-2024-36015, CVE-2024-36244, CVE-2024-36270, CVE-2024-36281,  CVE-2024-36286, CVE-2024-36288, CVE-2024-36477, CVE-2024-36478,  CVE-2024-36479, CVE-2024-36481, CVE-2024-36484, CVE-2024-36489,  CVE-2024-36971, CVE-2024-36972, CVE-2024-36973, CVE-2024-36974,  CVE-2024-36978, CVE-2024-37021, CVE-2024-37026, CVE-2024-37078,  CVE-2024-37354, CVE-2024-37356, CVE-2024-38306, CVE-2024-38381,  CVE-2024-38384, CVE-2024-38385, CVE-2024-38388, CVE-2024-38390,  CVE-2024-38618, CVE-2024-38619, CVE-2024-38621, CVE-2024-38622,  CVE-2024-38623, CVE-2024-38624, CVE-2024-38625, CVE-2024-38627,  CVE-2024-38628, CVE-2024-38629, CVE-2024-38630, CVE-2024-38632,  CVE-2024-38633, CVE-2024-38634, CVE-2024-38635, CVE-2024-38636,  CVE-2024-38637, CVE-2024-38659, CVE-2024-38661, CVE-2024-38662,  CVE-2024-38663, CVE-2024-38664, CVE-2024-38667, CVE-2024-38780,  CVE-2024-39276, CVE-2024-39277, CVE-2024-39291, CVE-2024-39296,  CVE-2024-39298, CVE-2024-39301, CVE-2024-39371, CVE-2024-39461,  CVE-2024-39462, CVE-2024-39463, CVE-2024-39464, CVE-2024-39465,  CVE-2024-39466, CVE-2024-39467, CVE-2024-39468, CVE-2024-39469,  CVE-2024-39470, CVE-2024-39471, CVE-2024-39473, CVE-2024-39474,  CVE-2024-39475, CVE-2024-39478, CVE-2024-39479, CVE-2024-39480,  CVE-2024-39481, CVE-2024-39483, CVE-2024-39485, CVE-2024-39488,  CVE-2024-39489, CVE-2024-39490, CVE-2024-39491, CVE-2024-39492,  CVE-2024-39493, CVE-2024-39494, CVE-2024-39495, CVE-2024-39496,  CVE-2024-39497, CVE-2024-39498, CVE-2024-39499, CVE-2024-39500,  CVE-2024-39501, CVE-2024-39502, CVE-2024-39503, CVE-2024-39504,  CVE-2024-39505, CVE-2024-39506, CVE-2024-39507, CVE-2024-39508,  CVE-2024-39509, CVE-2024-39510, CVE-2024-40899, CVE-2024-40900,  CVE-2024-40901, CVE-2024-40902, CVE-2024-40903, CVE-2024-40904,  CVE-2024-40905, CVE-2024-40906, CVE-2024-40908, CVE-2024-40909,  CVE-2024-40910, CVE-2024-40911, CVE-2024-40912, CVE-2024-40913,  CVE-2024-40914, CVE-2024-40915, CVE-2024-40916, CVE-2024-40917,  CVE-2024-40918, CVE-2024-40919, CVE-2024-40920, CVE-2024-40921,  CVE-2024-40922, CVE-2024-40923, CVE-2024-40924, CVE-2024-40925,  CVE-2024-40926, CVE-2024-40927, CVE-2024-40928, CVE-2024-40929,  CVE-2024-40930, CVE-2024-40931, CVE-2024-40932, CVE-2024-40933,  CVE-2024-40934, CVE-2024-40935, CVE-2024-40936, CVE-2024-40937,  CVE-2024-40938, CVE-2024-40939, CVE-2024-40940, CVE-2024-40941,  CVE-2024-40942, CVE-2024-40943, CVE-2024-40944, CVE-2024-40945,  CVE-2024-40947, CVE-2024-40948, CVE-2024-40949, CVE-2024-40951,  CVE-2024-40952, CVE-2024-40953, CVE-2024-40954, CVE-2024-40955,  CVE-2024-40956, CVE-2024-40957, CVE-2024-40958, CVE-2024-40959,  CVE-2024-40960, CVE-2024-40961, CVE-2024-40962, CVE-2024-40963,  CVE-2024-40964, CVE-2024-40965, CVE-2024-40966, CVE-2024-40967,  CVE-2024-40968, CVE-2024-40969, CVE-2024-40970, CVE-2024-40971,  CVE-2024-40972, CVE-2024-40973, CVE-2024-40974, CVE-2024-40975,  CVE-2024-40976, CVE-2024-40977, CVE-2024-40978, CVE-2024-40979,  CVE-2024-40980, CVE-2024-40981, CVE-2024-40982, CVE-2024-40983,  CVE-2024-40984, CVE-2024-40985, CVE-2024-40986, CVE-2024-40987,  CVE-2024-40988, CVE-2024-40989, CVE-2024-40990, CVE-2024-40992,  CVE-2024-40994, CVE-2024-40995, CVE-2024-40996, CVE-2024-40997,  CVE-2024-40998, CVE-2024-40999, CVE-2024-41000, CVE-2024-41001,  CVE-2024-41002, CVE-2024-41003, CVE-2024-41004, CVE-2024-41005,  CVE-2024-41006, CVE-2024-41040, CVE-2024-42078, CVE-2024-42148,  CVE-2024-42270Package Information:  https://launchpad.net/ubuntu/+source/linux-azure/6.8.0-1014.16

Ubuntu Security Notice USN-7004-1

Ubuntu Security Notice 7003-2 - It was discovered that the JFS file system contained an out-of-bounds read vulnerability when printing xattr debug information. A local attacker could use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

    ==========================================================================Ubuntu Security Notice USN-7003-2September 12, 2024linux-aws-5.4, linux-azure-5.4, linux-gcp-5.4, linux-hwe-5.4,linux-ibm-5.4, linux-oracle-5.4, linux-raspi-5.4 vulnerabilities==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 18.04 LTSSummary:Several security issues were fixed in the Linux kernel.Software Description:- linux-aws-5.4: Linux kernel for Amazon Web Services (AWS) systems- linux-azure-5.4: Linux kernel for Microsoft Azure cloud systems- linux-gcp-5.4: Linux kernel for Google Cloud Platform (GCP) systems- linux-hwe-5.4: Linux hardware enablement (HWE) kernel- linux-ibm-5.4: Linux kernel for IBM cloud systems- linux-oracle-5.4: Linux kernel for Oracle Cloud systems- linux-raspi-5.4: Linux kernel for Raspberry Pi systemsDetails:It was discovered that the JFS file system contained an out-of-bounds readvulnerability when printing xattr debug information. A local attacker coulduse this to cause a denial of service (system crash). (CVE-2024-40902)Several security issues were discovered in the Linux kernel.An attacker could possibly use these to compromise the system.This update corrects flaws in the following subsystems:  - MIPS architecture;  - PowerPC architecture;  - x86 architecture;  - ACPI drivers;  - Serial ATA and Parallel ATA drivers;  - Drivers core;  - GPIO subsystem;  - GPU drivers;  - Greybus drivers;  - HID subsystem;  - I2C subsystem;  - IIO subsystem;  - InfiniBand drivers;  - Media drivers;  - VMware VMCI Driver;  - Network drivers;  - Pin controllers subsystem;  - S/390 drivers;  - SCSI drivers;  - USB subsystem;  - JFFS2 file system;  - JFS file system;  - File systems infrastructure;  - NILFS2 file system;  - IOMMU subsystem;  - Sun RPC protocol;  - Netfilter;  - Memory management;  - B.A.T.M.A.N. meshing protocol;  - CAN network layer;  - Ceph Core library;  - Networking core;  - IPv4 networking;  - IPv6 networking;  - IUCV driver;  - MAC80211 subsystem;  - NET/ROM layer;  - Network traffic control;  - SoC Audio for Freescale CPUs drivers;(CVE-2024-40941, CVE-2024-42086, CVE-2024-41097, CVE-2024-40958,CVE-2024-41089, CVE-2024-40942, CVE-2024-40968, CVE-2024-40934,CVE-2024-40902, CVE-2024-42124, CVE-2023-52887, CVE-2024-42115,CVE-2024-41041, CVE-2024-39501, CVE-2024-40932, CVE-2024-42102,CVE-2024-40960, CVE-2024-39487, CVE-2024-39503, CVE-2024-40945,CVE-2024-40959, CVE-2024-40987, CVE-2024-40995, CVE-2024-40988,CVE-2024-42084, CVE-2024-40943, CVE-2024-42070, CVE-2024-40904,CVE-2024-41049, CVE-2024-41046, CVE-2024-39502, CVE-2024-42097,CVE-2024-42090, CVE-2024-42236, CVE-2024-42223, CVE-2024-42094,CVE-2024-41007, CVE-2024-42105, CVE-2024-41035, CVE-2024-41087,CVE-2024-42157, CVE-2024-39495, CVE-2024-36894, CVE-2024-40916,CVE-2024-39469, CVE-2024-40974, CVE-2024-42153, CVE-2024-36974,CVE-2024-42096, CVE-2024-42232, CVE-2024-40980, CVE-2024-41034,CVE-2024-42087, CVE-2024-42093, CVE-2024-41095, CVE-2024-42145,CVE-2024-42148, CVE-2023-52803, CVE-2024-39499, CVE-2024-42104,CVE-2024-42224, CVE-2024-37078, CVE-2024-42092, CVE-2024-39505,CVE-2024-38619, CVE-2024-42106, CVE-2024-40978, CVE-2024-41044,CVE-2024-42089, CVE-2024-40981, CVE-2024-42154, CVE-2024-36978,CVE-2024-42076, CVE-2024-40984, CVE-2024-42127, CVE-2024-42119,CVE-2024-40961, CVE-2024-39509, CVE-2024-42101, CVE-2024-40901,CVE-2024-40963, CVE-2024-40905, CVE-2024-39506, CVE-2024-40912,CVE-2024-41006)Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 18.04 LTS  linux-image-5.4.0-1079-ibm      5.4.0-1079.84~18.04.1          Available with Ubuntu Pro  linux-image-5.4.0-1115-raspi    5.4.0-1115.127~18.04.1          Available with Ubuntu Pro  linux-image-5.4.0-1131-oracle   5.4.0-1131.140~18.04.1          Available with Ubuntu Pro  linux-image-5.4.0-1132-aws      5.4.0-1132.142~18.04.1          Available with Ubuntu Pro  linux-image-5.4.0-1136-gcp      5.4.0-1136.145~18.04.1          Available with Ubuntu Pro  linux-image-5.4.0-1137-azure    5.4.0-1137.144~18.04.1          Available with Ubuntu Pro  linux-image-5.4.0-195-generic   5.4.0-195.215~18.04.1          Available with Ubuntu Pro  linux-image-5.4.0-195-lowlatency  5.4.0-195.215~18.04.1          Available with Ubuntu Pro  linux-image-aws                 5.4.0.1132.142~18.04.1          Available with Ubuntu Pro  linux-image-azure               5.4.0.1137.144~18.04.1          Available with Ubuntu Pro  linux-image-gcp                 5.4.0.1136.145~18.04.1          Available with Ubuntu Pro  linux-image-generic-hwe-18.04   5.4.0.195.215~18.04.1          Available with Ubuntu Pro  linux-image-ibm                 5.4.0.1079.84~18.04.1          Available with Ubuntu Pro  linux-image-lowlatency-hwe-18.04  5.4.0.195.215~18.04.1          Available with Ubuntu Pro  linux-image-oem                 5.4.0.195.215~18.04.1          Available with Ubuntu Pro  linux-image-oem-osp1            5.4.0.195.215~18.04.1          Available with Ubuntu Pro  linux-image-oracle              5.4.0.1131.140~18.04.1          Available with Ubuntu Pro  linux-image-raspi-hwe-18.04     5.4.0.1115.127~18.04.1          Available with Ubuntu Pro  linux-image-snapdragon-hwe-18.04  5.4.0.195.215~18.04.1          Available with Ubuntu Pro  linux-image-virtual-hwe-18.04   5.4.0.195.215~18.04.1          Available with Ubuntu ProAfter a standard system update you need to reboot your computer to makeall the necessary changes.ATTENTION: Due to an unavoidable ABI change the kernel updates havebeen given a new version number, which requires you to recompile andreinstall all third party kernel modules you might have installed.Unless you manually uninstalled the standard kernel metapackages(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,linux-powerpc), a standard system upgrade will automatically performthis as well.References:  https://ubuntu.com/security/notices/USN-7003-2  https://ubuntu.com/security/notices/USN-7003-1  CVE-2023-52803, CVE-2023-52887, CVE-2024-36894, CVE-2024-36974,  CVE-2024-36978, CVE-2024-37078, CVE-2024-38619, CVE-2024-39469,  CVE-2024-39487, CVE-2024-39495, CVE-2024-39499, CVE-2024-39501,  CVE-2024-39502, CVE-2024-39503, CVE-2024-39505, CVE-2024-39506,  CVE-2024-39509, CVE-2024-40901, CVE-2024-40902, CVE-2024-40904,  CVE-2024-40905, CVE-2024-40912, CVE-2024-40916, CVE-2024-40932,  CVE-2024-40934, CVE-2024-40941, CVE-2024-40942, CVE-2024-40943,  CVE-2024-40945, CVE-2024-40958, CVE-2024-40959, CVE-2024-40960,  CVE-2024-40961, CVE-2024-40963, CVE-2024-40968, CVE-2024-40974,  CVE-2024-40978, CVE-2024-40980, CVE-2024-40981, CVE-2024-40984,  CVE-2024-40987, CVE-2024-40988, CVE-2024-40995, CVE-2024-41006,  CVE-2024-41007, CVE-2024-41034, CVE-2024-41035, CVE-2024-41041,  CVE-2024-41044, CVE-2024-41046, CVE-2024-41049, CVE-2024-41087,  CVE-2024-41089, CVE-2024-41095, CVE-2024-41097, CVE-2024-42070,  CVE-2024-42076, CVE-2024-42084, CVE-2024-42086, CVE-2024-42087,  CVE-2024-42089, CVE-2024-42090, CVE-2024-42092, CVE-2024-42093,  CVE-2024-42094, CVE-2024-42096, CVE-2024-42097, CVE-2024-42101,  CVE-2024-42102, CVE-2024-42104, CVE-2024-42105, CVE-2024-42106,  CVE-2024-42115, CVE-2024-42119, CVE-2024-42124, CVE-2024-42127,  CVE-2024-42145, CVE-2024-42148, CVE-2024-42153, CVE-2024-42154,  CVE-2024-42157, CVE-2024-42223, CVE-2024-42224, CVE-2024-42232,  CVE-2024-42236

Ubuntu Security Notice USN-7003-2

Ubuntu Security Notice 7003-1 - It was discovered that the JFS file system contained an out-of-bounds read vulnerability when printing xattr debug information. A local attacker could use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

    ==========================================================================Ubuntu Security Notice USN-7003-1September 12, 2024linux, linux-aws, linux-azure, linux-bluefield, linux-gcp, linux-gkeop,linux-ibm, linux-kvm, linux-oracle vulnerabilities==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 20.04 LTSSummary:Several security issues were fixed in the Linux kernel.Software Description:- linux: Linux kernel- linux-aws: Linux kernel for Amazon Web Services (AWS) systems- linux-azure: Linux kernel for Microsoft Azure Cloud systems- linux-bluefield: Linux kernel for NVIDIA BlueField platforms- linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems- linux-gkeop: Linux kernel for Google Container Engine (GKE) systems- linux-ibm: Linux kernel for IBM cloud systems- linux-kvm: Linux kernel for cloud environments- linux-oracle: Linux kernel for Oracle Cloud systemsDetails:It was discovered that the JFS file system contained an out-of-bounds readvulnerability when printing xattr debug information. A local attacker coulduse this to cause a denial of service (system crash). (CVE-2024-40902)Several security issues were discovered in the Linux kernel.An attacker could possibly use these to compromise the system.This update corrects flaws in the following subsystems:  - MIPS architecture;  - PowerPC architecture;  - x86 architecture;  - ACPI drivers;  - Serial ATA and Parallel ATA drivers;  - Drivers core;  - GPIO subsystem;  - GPU drivers;  - Greybus drivers;  - HID subsystem;  - I2C subsystem;  - IIO subsystem;  - InfiniBand drivers;  - Media drivers;  - VMware VMCI Driver;  - Network drivers;  - Pin controllers subsystem;  - S/390 drivers;  - SCSI drivers;  - USB subsystem;  - JFFS2 file system;  - JFS file system;  - File systems infrastructure;  - NILFS2 file system;  - IOMMU subsystem;  - Sun RPC protocol;  - Netfilter;  - Memory management;  - B.A.T.M.A.N. meshing protocol;  - CAN network layer;  - Ceph Core library;  - Networking core;  - IPv4 networking;  - IPv6 networking;  - IUCV driver;  - MAC80211 subsystem;  - NET/ROM layer;  - Network traffic control;  - SoC Audio for Freescale CPUs drivers;(CVE-2024-40905, CVE-2024-41095, CVE-2024-41035, CVE-2024-36974,CVE-2024-40959, CVE-2024-40978, CVE-2024-42236, CVE-2024-40963,CVE-2024-40916, CVE-2024-41006, CVE-2024-39495, CVE-2023-52803,CVE-2024-42070, CVE-2024-41041, CVE-2024-42157, CVE-2024-36894,CVE-2024-42153, CVE-2024-42127, CVE-2024-42224, CVE-2024-40932,CVE-2024-42105, CVE-2024-40968, CVE-2024-41044, CVE-2024-41046,CVE-2023-52887, CVE-2024-42094, CVE-2024-40960, CVE-2024-41007,CVE-2024-40961, CVE-2024-39487, CVE-2024-39502, CVE-2024-42086,CVE-2024-36978, CVE-2024-39503, CVE-2024-41049, CVE-2024-42090,CVE-2024-42232, CVE-2024-39499, CVE-2024-40902, CVE-2024-37078,CVE-2024-39501, CVE-2024-42119, CVE-2024-40901, CVE-2024-42101,CVE-2024-42104, CVE-2024-42145, CVE-2024-41097, CVE-2024-40942,CVE-2024-41034, CVE-2024-40904, CVE-2024-41089, CVE-2024-42084,CVE-2024-42093, CVE-2024-40945, CVE-2024-40958, CVE-2024-42124,CVE-2024-40987, CVE-2024-40912, CVE-2024-39506, CVE-2024-40941,CVE-2024-39509, CVE-2024-40974, CVE-2024-39505, CVE-2024-42115,CVE-2024-40988, CVE-2024-40995, CVE-2024-42097, CVE-2024-41087,CVE-2024-42106, CVE-2024-40984, CVE-2024-40981, CVE-2024-42102,CVE-2024-42148, CVE-2024-42154, CVE-2024-42096, CVE-2024-40934,CVE-2024-40980, CVE-2024-42076, CVE-2024-40943, CVE-2024-42092,CVE-2024-42089, CVE-2024-42223, CVE-2024-38619, CVE-2024-42087,CVE-2024-39469)Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 20.04 LTS  linux-image-5.4.0-1079-ibm      5.4.0-1079.84  linux-image-5.4.0-1092-bluefield  5.4.0-1092.99  linux-image-5.4.0-1099-gkeop    5.4.0-1099.103  linux-image-5.4.0-1120-kvm      5.4.0-1120.128  linux-image-5.4.0-1131-oracle   5.4.0-1131.140  linux-image-5.4.0-1132-aws      5.4.0-1132.142  linux-image-5.4.0-1136-gcp      5.4.0-1136.145  linux-image-5.4.0-1137-azure    5.4.0-1137.144  linux-image-5.4.0-195-generic   5.4.0-195.215  linux-image-5.4.0-195-generic-lpae  5.4.0-195.215  linux-image-5.4.0-195-lowlatency  5.4.0-195.215  linux-image-aws-lts-20.04       5.4.0.1132.129  linux-image-azure-lts-20.04     5.4.0.1137.131  linux-image-bluefield           5.4.0.1092.88  linux-image-gcp-lts-20.04       5.4.0.1136.138  linux-image-generic             5.4.0.195.193  linux-image-generic-lpae        5.4.0.195.193  linux-image-gkeop               5.4.0.1099.97  linux-image-gkeop-5.4           5.4.0.1099.97  linux-image-ibm-lts-20.04       5.4.0.1079.108  linux-image-kvm                 5.4.0.1120.116  linux-image-lowlatency          5.4.0.195.193  linux-image-oem                 5.4.0.195.193  linux-image-oem-osp1            5.4.0.195.193  linux-image-oracle-lts-20.04    5.4.0.1131.124  linux-image-virtual             5.4.0.195.193After a standard system update you need to reboot your computer to makeall the necessary changes.ATTENTION: Due to an unavoidable ABI change the kernel updates havebeen given a new version number, which requires you to recompile andreinstall all third party kernel modules you might have installed.Unless you manually uninstalled the standard kernel metapackages(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,linux-powerpc), a standard system upgrade will automatically performthis as well.References:  https://ubuntu.com/security/notices/USN-7003-1  CVE-2023-52803, CVE-2023-52887, CVE-2024-36894, CVE-2024-36974,  CVE-2024-36978, CVE-2024-37078, CVE-2024-38619, CVE-2024-39469,  CVE-2024-39487, CVE-2024-39495, CVE-2024-39499, CVE-2024-39501,  CVE-2024-39502, CVE-2024-39503, CVE-2024-39505, CVE-2024-39506,  CVE-2024-39509, CVE-2024-40901, CVE-2024-40902, CVE-2024-40904,  CVE-2024-40905, CVE-2024-40912, CVE-2024-40916, CVE-2024-40932,  CVE-2024-40934, CVE-2024-40941, CVE-2024-40942, CVE-2024-40943,  CVE-2024-40945, CVE-2024-40958, CVE-2024-40959, CVE-2024-40960,  CVE-2024-40961, CVE-2024-40963, CVE-2024-40968, CVE-2024-40974,  CVE-2024-40978, CVE-2024-40980, CVE-2024-40981, CVE-2024-40984,  CVE-2024-40987, CVE-2024-40988, CVE-2024-40995, CVE-2024-41006,  CVE-2024-41007, CVE-2024-41034, CVE-2024-41035, CVE-2024-41041,  CVE-2024-41044, CVE-2024-41046, CVE-2024-41049, CVE-2024-41087,  CVE-2024-41089, CVE-2024-41095, CVE-2024-41097, CVE-2024-42070,  CVE-2024-42076, CVE-2024-42084, CVE-2024-42086, CVE-2024-42087,  CVE-2024-42089, CVE-2024-42090, CVE-2024-42092, CVE-2024-42093,  CVE-2024-42094, CVE-2024-42096, CVE-2024-42097, CVE-2024-42101,  CVE-2024-42102, CVE-2024-42104, CVE-2024-42105, CVE-2024-42106,  CVE-2024-42115, CVE-2024-42119, CVE-2024-42124, CVE-2024-42127,  CVE-2024-42145, CVE-2024-42148, CVE-2024-42153, CVE-2024-42154,  CVE-2024-42157, CVE-2024-42223, CVE-2024-42224, CVE-2024-42232,  CVE-2024-42236Package Information:  https://launchpad.net/ubuntu/+source/linux/5.4.0-195.215  https://launchpad.net/ubuntu/+source/linux-aws/5.4.0-1132.142  https://launchpad.net/ubuntu/+source/linux-azure/5.4.0-1137.144  https://launchpad.net/ubuntu/+source/linux-bluefield/5.4.0-1092.99  https://launchpad.net/ubuntu/+source/linux-gcp/5.4.0-1136.145  https://launchpad.net/ubuntu/+source/linux-gkeop/5.4.0-1099.103  https://launchpad.net/ubuntu/+source/linux-ibm/5.4.0-1079.84  https://launchpad.net/ubuntu/+source/linux-kvm/5.4.0-1120.128  https://launchpad.net/ubuntu/+source/linux-oracle/5.4.0-1131.140

Ubuntu Security Notice USN-7003-1

Ubuntu Security Notice 6999-1 - Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the JFS file system contained an out-of-bounds read vulnerability when printing xattr debug information. A local attacker could use this to cause a denial of service.

    ==========================================================================Ubuntu Security Notice USN-6999-1September 11, 2024linux, linux-aws, linux-gcp, linux-gke, linux-ibm, linux-lowlatency,linux-oem-6.8, linux-oracle vulnerabilities==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 24.04 LTSSummary:Several security issues were fixed in the Linux kernel.Software Description:- linux: Linux kernel- linux-aws: Linux kernel for Amazon Web Services (AWS) systems- linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems- linux-gke: Linux kernel for Google Container Engine (GKE) systems- linux-ibm: Linux kernel for IBM cloud systems- linux-lowlatency: Linux low latency kernel- linux-oem-6.8: Linux kernel for OEM systems- linux-oracle: Linux kernel for Oracle Cloud systemsDetails:Chenyuan Yang discovered that the CEC driver driver in the Linux kernelcontained a use-after-free vulnerability. A local attacker could use thisto cause a denial of service (system crash) or possibly execute arbitrarycode. (CVE-2024-23848)It was discovered that the JFS file system contained an out-of-bounds readvulnerability when printing xattr debug information. A local attacker coulduse this to cause a denial of service (system crash). (CVE-2024-40902)Several security issues were discovered in the Linux kernel.An attacker could possibly use these to compromise the system.This update corrects flaws in the following subsystems:  - ARM64 architecture;  - MIPS architecture;  - PA-RISC architecture;  - PowerPC architecture;  - RISC-V architecture;  - x86 architecture;  - Block layer subsystem;  - ACPI drivers;  - Drivers core;  - Null block device driver;  - Character device driver;  - TPM device driver;  - Clock framework and drivers;  - CPU frequency scaling framework;  - Hardware crypto device drivers;  - CXL (Compute Express Link) drivers;  - Buffer Sharing and Synchronization framework;  - DMA engine subsystem;  - EFI core;  - FPGA Framework;  - GPU drivers;  - Greybus drivers;  - HID subsystem;  - HW tracing;  - I2C subsystem;  - IIO subsystem;  - InfiniBand drivers;  - Input Device (Mouse) drivers;  - Mailbox framework;  - Media drivers;  - Microchip PCI driver;  - VMware VMCI Driver;  - Network drivers;  - PCI subsystem;  - x86 platform drivers;  - PTP clock framework;  - S/390 drivers;  - SCSI drivers;  - SoundWire subsystem;  - Sonic Silicon Backplane drivers;  - Greybus lights staging drivers;  - Thermal drivers;  - TTY drivers;  - USB subsystem;  - VFIO drivers;  - Framebuffer layer;  - Watchdog drivers;  - 9P distributed file system;  - BTRFS file system;  - File systems infrastructure;  - Ext4 file system;  - F2FS file system;  - JFS file system;  - Network file system server daemon;  - NILFS2 file system;  - NTFS3 file system;  - SMB network file system;  - Tracing file system;  - Tracing infrastructure;  - io_uring subsystem;  - Core kernel;  - BPF subsystem;  - Kernel debugger infrastructure;  - DMA mapping infrastructure;  - IRQ subsystem;  - Memory management;  - 9P file system network protocol;  - Amateur Radio drivers;  - B.A.T.M.A.N. meshing protocol;  - Ethernet bridge;  - Networking core;  - Ethtool driver;  - IPv4 networking;  - IPv6 networking;  - MAC80211 subsystem;  - Multipath TCP;  - Netfilter;  - NET/ROM layer;  - NFC subsystem;  - Network traffic control;  - Sun RPC protocol;  - TIPC protocol;  - TLS protocol;  - Unix domain sockets;  - Wireless networking;  - XFRM subsystem;  - AppArmor security module;  - Integrity Measurement Architecture(IMA) framework;  - Landlock security;  - Linux Security Modules (LSM) Framework;  - SELinux security module;  - Simplified Mandatory Access Control Kernel framework;  - ALSA framework;  - HD-audio driver;  - SOF drivers;  - KVM core;(CVE-2024-40911, CVE-2024-37356, CVE-2024-40935, CVE-2024-40944,CVE-2024-41003, CVE-2024-40990, CVE-2024-40952, CVE-2024-40940,CVE-2024-40930, CVE-2024-40985, CVE-2024-40941, CVE-2024-38630,CVE-2024-39466, CVE-2024-40933, CVE-2024-38624, CVE-2024-40924,CVE-2024-40945, CVE-2024-40899, CVE-2024-38622, CVE-2024-40979,CVE-2024-36484, CVE-2024-41004, CVE-2024-39474, CVE-2022-48772,CVE-2024-36244, CVE-2024-38664, CVE-2024-40925, CVE-2024-40980,CVE-2024-39480, CVE-2024-36270, CVE-2024-40936, CVE-2024-40904,CVE-2024-38635, CVE-2024-40927, CVE-2024-36481, CVE-2024-40929,CVE-2024-40958, CVE-2024-36978, CVE-2024-40992, CVE-2024-40908,CVE-2024-39504, CVE-2024-41001, CVE-2024-40967, CVE-2023-52884,CVE-2024-40997, CVE-2024-40903, CVE-2024-40913, CVE-2024-34030,CVE-2024-39473, CVE-2024-40966, CVE-2024-40951, CVE-2024-40902,CVE-2024-40982, CVE-2024-40923, CVE-2024-39467, CVE-2024-40910,CVE-2024-40909, CVE-2024-39463, CVE-2024-40974, CVE-2024-41002,CVE-2024-39464, CVE-2024-39496, CVE-2024-41040, CVE-2024-39469,CVE-2024-39500, CVE-2024-39510, CVE-2024-38627, CVE-2024-32936,CVE-2024-40975, CVE-2024-38390, CVE-2024-40959, CVE-2024-41006,CVE-2024-40986, CVE-2024-40987, CVE-2024-40922, CVE-2024-40983,CVE-2024-37354, CVE-2024-38637, CVE-2024-39277, CVE-2024-40943,CVE-2024-39371, CVE-2024-40921, CVE-2024-40953, CVE-2024-38634,CVE-2024-38659, CVE-2024-39492, CVE-2024-40976, CVE-2024-40906,CVE-2024-40965, CVE-2024-38667, CVE-2024-39498, CVE-2024-38628,CVE-2024-38661, CVE-2024-38663, CVE-2024-40998, CVE-2024-40948,CVE-2024-38306, CVE-2024-40928, CVE-2024-39468, CVE-2024-39494,CVE-2024-39505, CVE-2024-40963, CVE-2024-39499, CVE-2024-39506,CVE-2024-40995, CVE-2024-39491, CVE-2024-40900, CVE-2024-39478,CVE-2024-39490, CVE-2024-39291, CVE-2024-40981, CVE-2024-40926,CVE-2024-40939, CVE-2024-38385, CVE-2024-39483, CVE-2024-40989,CVE-2024-40955, CVE-2024-39501, CVE-2024-38381, CVE-2024-33621,CVE-2024-40964, CVE-2024-42148, CVE-2024-36286, CVE-2024-38629,CVE-2024-39509, CVE-2024-39298, CVE-2024-36489, CVE-2024-34777,CVE-2024-40957, CVE-2024-40919, CVE-2024-39462, CVE-2024-39495,CVE-2024-39497, CVE-2024-38636, CVE-2024-36281, CVE-2024-39479,CVE-2024-40932, CVE-2024-36288, CVE-2024-38623, CVE-2024-40969,CVE-2024-40931, CVE-2024-36971, CVE-2024-40934, CVE-2024-36015,CVE-2024-39485, CVE-2024-40996, CVE-2024-39507, CVE-2024-36973,CVE-2024-38625, CVE-2024-39301, CVE-2024-34027, CVE-2024-37026,CVE-2024-40960, CVE-2024-37078, CVE-2024-40912, CVE-2024-40988,CVE-2024-41005, CVE-2024-39276, CVE-2024-38662, CVE-2024-39502,CVE-2024-36479, CVE-2024-40947, CVE-2024-38780, CVE-2024-38388,CVE-2024-40917, CVE-2024-36974, CVE-2024-40970, CVE-2024-40901,CVE-2024-38384, CVE-2024-39475, CVE-2024-40949, CVE-2024-37021,CVE-2024-38633, CVE-2024-39503, CVE-2024-41000, CVE-2024-33847,CVE-2024-35247, CVE-2024-40968, CVE-2024-33619, CVE-2024-38619,CVE-2024-40984, CVE-2024-36478, CVE-2024-39493, CVE-2024-42078,CVE-2024-40954, CVE-2024-40978, CVE-2024-39508, CVE-2024-40915,CVE-2024-39489, CVE-2024-40920, CVE-2024-38618, CVE-2024-40938,CVE-2024-39296, CVE-2024-40962, CVE-2024-39470, CVE-2024-39481,CVE-2024-40977, CVE-2024-38621, CVE-2024-40971, CVE-2024-31076,CVE-2024-36972, CVE-2024-39471, CVE-2024-40994, CVE-2024-40973,CVE-2024-40916, CVE-2024-40942, CVE-2024-40956, CVE-2024-39465,CVE-2024-40914, CVE-2024-40937, CVE-2024-40918, CVE-2024-40905,CVE-2024-39488, CVE-2024-38632, CVE-2024-39461, CVE-2024-40999,CVE-2024-40972, CVE-2024-36477, CVE-2024-40961)Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 24.04 LTS  linux-image-6.8.0-1010-gke      6.8.0-1010.13  linux-image-6.8.0-1012-ibm      6.8.0-1012.12  linux-image-6.8.0-1012-oem      6.8.0-1012.12  linux-image-6.8.0-1012-oracle   6.8.0-1012.12  linux-image-6.8.0-1012-oracle-64k  6.8.0-1012.12  linux-image-6.8.0-1014-gcp      6.8.0-1014.16  linux-image-6.8.0-1015-aws      6.8.0-1015.16  linux-image-6.8.0-44-generic    6.8.0-44.44  linux-image-6.8.0-44-generic-64k  6.8.0-44.44  linux-image-6.8.0-44-lowlatency  6.8.0-44.44.1  linux-image-6.8.0-44-lowlatency-64k  6.8.0-44.44.1  linux-image-aws                 6.8.0-1015.16  linux-image-gcp                 6.8.0-1014.16  linux-image-generic             6.8.0-44.44  linux-image-generic-64k         6.8.0-44.44  linux-image-generic-64k-hwe-24.04  6.8.0-44.44  linux-image-generic-hwe-24.04   6.8.0-44.44  linux-image-generic-lpae        6.8.0-44.44  linux-image-gke                 6.8.0-1010.13  linux-image-ibm                 6.8.0-1012.12  linux-image-ibm-classic         6.8.0-1012.12  linux-image-ibm-lts-24.04       6.8.0-1012.12  linux-image-kvm                 6.8.0-44.44  linux-image-lowlatency          6.8.0-44.44.1  linux-image-lowlatency-64k      6.8.0-44.44.1  linux-image-oracle              6.8.0-1012.12  linux-image-oracle-64k          6.8.0-1012.12  linux-image-virtual             6.8.0-44.44  linux-image-virtual-hwe-24.04   6.8.0-44.44After a standard system update you need to reboot your computer to makeall the necessary changes.ATTENTION: Due to an unavoidable ABI change the kernel updates havebeen given a new version number, which requires you to recompile andreinstall all third party kernel modules you might have installed.Unless you manually uninstalled the standard kernel metapackages(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,linux-powerpc), a standard system upgrade will automatically performthis as well.References:  https://ubuntu.com/security/notices/USN-6999-1  CVE-2022-48772, CVE-2023-52884, CVE-2024-23848, CVE-2024-31076,  CVE-2024-32936, CVE-2024-33619, CVE-2024-33621, CVE-2024-33847,  CVE-2024-34027, CVE-2024-34030, CVE-2024-34777, CVE-2024-35247,  CVE-2024-36015, CVE-2024-36244, CVE-2024-36270, CVE-2024-36281,  CVE-2024-36286, CVE-2024-36288, CVE-2024-36477, CVE-2024-36478,  CVE-2024-36479, CVE-2024-36481, CVE-2024-36484, CVE-2024-36489,  CVE-2024-36971, CVE-2024-36972, CVE-2024-36973, CVE-2024-36974,  CVE-2024-36978, CVE-2024-37021, CVE-2024-37026, CVE-2024-37078,  CVE-2024-37354, CVE-2024-37356, CVE-2024-38306, CVE-2024-38381,  CVE-2024-38384, CVE-2024-38385, CVE-2024-38388, CVE-2024-38390,  CVE-2024-38618, CVE-2024-38619, CVE-2024-38621, CVE-2024-38622,  CVE-2024-38623, CVE-2024-38624, CVE-2024-38625, CVE-2024-38627,  CVE-2024-38628, CVE-2024-38629, CVE-2024-38630, CVE-2024-38632,  CVE-2024-38633, CVE-2024-38634, CVE-2024-38635, CVE-2024-38636,  CVE-2024-38637, CVE-2024-38659, CVE-2024-38661, CVE-2024-38662,  CVE-2024-38663, CVE-2024-38664, CVE-2024-38667, CVE-2024-38780,  CVE-2024-39276, CVE-2024-39277, CVE-2024-39291, CVE-2024-39296,  CVE-2024-39298, CVE-2024-39301, CVE-2024-39371, CVE-2024-39461,  CVE-2024-39462, CVE-2024-39463, CVE-2024-39464, CVE-2024-39465,  CVE-2024-39466, CVE-2024-39467, CVE-2024-39468, CVE-2024-39469,  CVE-2024-39470, CVE-2024-39471, CVE-2024-39473, CVE-2024-39474,  CVE-2024-39475, CVE-2024-39478, CVE-2024-39479, CVE-2024-39480,  CVE-2024-39481, CVE-2024-39483, CVE-2024-39485, CVE-2024-39488,  CVE-2024-39489, CVE-2024-39490, CVE-2024-39491, CVE-2024-39492,  CVE-2024-39493, CVE-2024-39494, CVE-2024-39495, CVE-2024-39496,  CVE-2024-39497, CVE-2024-39498, CVE-2024-39499, CVE-2024-39500,  CVE-2024-39501, CVE-2024-39502, CVE-2024-39503, CVE-2024-39504,  CVE-2024-39505, CVE-2024-39506, CVE-2024-39507, CVE-2024-39508,  CVE-2024-39509, CVE-2024-39510, CVE-2024-40899, CVE-2024-40900,  CVE-2024-40901, CVE-2024-40902, CVE-2024-40903, CVE-2024-40904,  CVE-2024-40905, CVE-2024-40906, CVE-2024-40908, CVE-2024-40909,  CVE-2024-40910, CVE-2024-40911, CVE-2024-40912, CVE-2024-40913,  CVE-2024-40914, CVE-2024-40915, CVE-2024-40916, CVE-2024-40917,  CVE-2024-40918, CVE-2024-40919, CVE-2024-40920, CVE-2024-40921,  CVE-2024-40922, CVE-2024-40923, CVE-2024-40924, CVE-2024-40925,  CVE-2024-40926, CVE-2024-40927, CVE-2024-40928, CVE-2024-40929,  CVE-2024-40930, CVE-2024-40931, CVE-2024-40932, CVE-2024-40933,  CVE-2024-40934, CVE-2024-40935, CVE-2024-40936, CVE-2024-40937,  CVE-2024-40938, CVE-2024-40939, CVE-2024-40940, CVE-2024-40941,  CVE-2024-40942, CVE-2024-40943, CVE-2024-40944, CVE-2024-40945,  CVE-2024-40947, CVE-2024-40948, CVE-2024-40949, CVE-2024-40951,  CVE-2024-40952, CVE-2024-40953, CVE-2024-40954, CVE-2024-40955,  CVE-2024-40956, CVE-2024-40957, CVE-2024-40958, CVE-2024-40959,  CVE-2024-40960, CVE-2024-40961, CVE-2024-40962, CVE-2024-40963,  CVE-2024-40964, CVE-2024-40965, CVE-2024-40966, CVE-2024-40967,  CVE-2024-40968, CVE-2024-40969, CVE-2024-40970, CVE-2024-40971,  CVE-2024-40972, CVE-2024-40973, CVE-2024-40974, CVE-2024-40975,  CVE-2024-40976, CVE-2024-40977, CVE-2024-40978, CVE-2024-40979,  CVE-2024-40980, CVE-2024-40981, CVE-2024-40982, CVE-2024-40983,  CVE-2024-40984, CVE-2024-40985, CVE-2024-40986, CVE-2024-40987,  CVE-2024-40988, CVE-2024-40989, CVE-2024-40990, CVE-2024-40992,  CVE-2024-40994, CVE-2024-40995, CVE-2024-40996, CVE-2024-40997,  CVE-2024-40998, CVE-2024-40999, CVE-2024-41000, CVE-2024-41001,  CVE-2024-41002, CVE-2024-41003, CVE-2024-41004, CVE-2024-41005,  CVE-2024-41006, CVE-2024-41040, CVE-2024-42078, CVE-2024-42148Package Information:  https://launchpad.net/ubuntu/+source/linux/6.8.0-44.44  https://launchpad.net/ubuntu/+source/linux-aws/6.8.0-1015.16  https://launchpad.net/ubuntu/+source/linux-gcp/6.8.0-1014.16  https://launchpad.net/ubuntu/+source/linux-gke/6.8.0-1010.13  https://launchpad.net/ubuntu/+source/linux-ibm/6.8.0-1012.12  https://launchpad.net/ubuntu/+source/linux-lowlatency/6.8.0-44.44.1  https://launchpad.net/ubuntu/+source/linux-oem-6.8/6.8.0-1012.12  https://launchpad.net/ubuntu/+source/linux-oracle/6.8.0-1012.12

Ubuntu Security Notice USN-6999-1

Red Hat Security Advisory 2024-6612-03 - An update for fence-agents is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Issues addressed include a code execution vulnerability.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_6612.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: fence-agents security updateAdvisory ID:        RHSA-2024:6612-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:6612Issue date:         2024-09-11Revision:           03CVE Names:          CVE-2024-6345====================================================================Summary: An update for fence-agents is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable nodes to be forcibly restarted and removed from the cluster. Security Fix(es):* pypa/setuptools: Remote code execution via download functions in the package_index module in pypa/setuptools (CVE-2024-6345)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-6345References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2297771

Red Hat Security Advisory 2024-6612-03

Red Hat Security Advisory 2024-6611-03 - An update for fence-agents is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include a code execution vulnerability.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_6611.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: fence-agents security updateAdvisory ID:        RHSA-2024:6611-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:6611Issue date:         2024-09-11Revision:           03CVE Names:          CVE-2024-6345====================================================================Summary: An update for fence-agents is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable nodes to be forcibly restarted and removed from the cluster. Security Fix(es):* pypa/setuptools: Remote code execution via download functions in the package_index module in pypa/setuptools (CVE-2024-6345)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-6345References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2297771

Red Hat Security Advisory 2024-6611-03

Red Hat Security Advisory 2024-6610-03 - An update for git is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_6610.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: git security updateAdvisory ID:        RHSA-2024:6610-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:6610Issue date:         2024-09-11Revision:           03CVE Names:          CVE-2024-32002====================================================================Summary: An update for git is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection.Security Fix(es):* git: Recursive clones RCE (CVE-2024-32002)* git: RCE while cloning local repos (CVE-2024-32004)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-32002References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2280421https://bugzilla.redhat.com/show_bug.cgi?id=2280428

Red Hat Security Advisory 2024-6610-03

Red Hat Security Advisory 2024-6595-03 - An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_6595.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Moderate: java-1.8.0-ibm security updateAdvisory ID:        RHSA-2024:6595-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:6595Issue date:         2024-09-11Revision:           03CVE Names:          ====================================================================Summary: An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 8.Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.This update upgrades IBM Java SE 8 to version 8 SR8-FP15.Security Fix(es):* IBM JDK: Object Request Broker (ORB) denial of service (CVE-2023-38264)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:CVEs:References:https://access.redhat.com/security/updates/classification/#moderate

Red Hat Security Advisory 2024-6595-03

Red Hat Security Advisory 2024-6584-03 - An update for httpd is now available for Red Hat Enterprise Linux 7.7 Advanced Update Support.

    The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_6584.jsonRed Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.- Packet Storm Staff====================================================================Red Hat Security AdvisorySynopsis:           Important: httpd security updateAdvisory ID:        RHSA-2024:6584-03Product:            Red Hat Enterprise LinuxAdvisory URL:       https://access.redhat.com/errata/RHSA-2024:6584Issue date:         2024-09-11Revision:           03CVE Names:          CVE-2024-38476====================================================================Summary: An update for httpd is now available for Red Hat Enterprise Linux 7.7 Advanced Update Support.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Description:The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.Security Fix(es):* httpd: Security issues via?backend applications whose response headers are malicious or exploitable (CVE-2024-38476)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Solution:https://access.redhat.com/articles/11258CVEs:CVE-2024-38476References:https://access.redhat.com/security/updates/classification/#importanthttps://bugzilla.redhat.com/show_bug.cgi?id=2295015

Red Hat Security Advisory 2024-6584-03

Kransom ransomware hides within the StarRail game using DLL side-loading and a legitimate certificate from COGNOSPHERE PTE. LTD.…

Kransom ransomware hides within the StarRail game using DLL side-loading and a legitimate certificate from COGNOSPHERE PTE. LTD. Bypassing detection, this malware delivers an encrypted payload. Analyze it in ANY.RUN’s interactive sandbox.

Researchers at ANY.RUN have discovered that the Kransom ransomware is being disguised as a game to evade detection. This malware employs DLL side-loading to execute its payload, using a legitimate certificate from COGNOSPHERE PTE. LTD. The latter adds an extra layer of deception to its attack. 

****Overview of Kransom Ransomware****

The ransomware execution flow

Kransom ransomware is cleverly disguised within the game StarRail, a legitimate software used as a front to trick users. The malware relies on a DLL file stored in the same directory as the game, which contains its encrypted ransomware code. 

This is a classic case of DLL side-loading, where a legitimate executable file loads a malicious DLL, allowing the ransomware to hijack the execution flow.

****Legitimate Certificate with Malicious Intent****

One of the most deceptive elements of Kransom is its use of a legitimate certificate from COGNOSPHERE PTE. LTD. By using a trusted certificate, the malware is able to bypass many traditional security measures, as the system recognizes the software as harmless. 

The valid certificate is displayed in ANY.RUN

However, malicious actions take place once the StarRailBase.dll is loaded by the executable, initiating the ransomware attack.

****How Kransom Ransomware Works****

To observe how Kransom ransomware works, a sample of this malware can be uploaded to a malware sandbox like ANY.RUN. The sandbox allows anyone to carry out a full analysis of the malware’s execution process, from its initial stages to the completion of its payload.

The legitimate **StarRail** game serves as a mask for the ransomware, which won’t function without the presence of the malicious **StarRailBase.dll** file. This DLL contains the ransomware’s encrypted payload, which is then executed by the game’s EXE file.

Malicious activity executed by DLL file in ANY.RUN

It should be noted that the game **StarRail**, developed by **HoYoverse**, is completely safe when used in its original form. However, Kransom takes advantage of the game’s structure to embed its malicious code in the same folder, making it difficult for users to notice anything unusual.

The ransomware code within the DLL is encrypted using XOR, making it harder to detect. Tools like ANY.RUN can help security analysts uncover what’s been XORed, providing crucial insight into the malicious content.

XOR-URL displayed in ANY.RUN sandbox

Once the ransomware is activated, users are met with a message: _“I believe you’ve encountered some problems. Email to hoyoverse for solutions.”_

Ransom note analyzed inside ANY.RUN’s sandbox

You can have a more comprehensive analysis of this malware by searching for additional samples in ANY.RUN’s TI Lookup tool.

Samples in ANY.RUN’s TI Lookup

****Try ANY.RUN Sandbox for Free****

To analyze your own malware and phishing samples in a fully interactive Windows 10 x64 or Linux VM environment, create a free ANY.RUN account using your email.

ANY.RUN’s cloud sandbox allows you to interact with files, URLs, and the system as if you were using a standard computer. You can download attachments, solve CAPTCHAs, and even reboot the entire system during analysis.

For advanced features like private mode and collaboration tools, you can request a 14-day free trial directly from ANY.RUN’s official website.

1.  **Analysis of Top Infostealers: Redline, Vidar and Formbook**
2.  **New ransomware locks files & asks victims to play PUBG game**
3.  **This Ransomware tells users to play a Japanese game – That’s all**
4.  **PythonAnywhere Cloud Platform Abused for Hosting Ransomware**
5.  **New Ransomware Asks User to Play a Game while Encrypting Data**

Tag

#linux