--===============5593032292866554889==
Content-Type: multipart/signed; boundary="=-=-=";
micalg=pgp-sha512; protocol="application/pgp-signature"
--=-=-=
Content-Type: text/plain
==========================================================================
Ubuntu Security Notice USN-7289-2
February 25, 2025
linux-azure-5.15, linux-azure-fde-5.15, linux-oracle-5.15 vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 20.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux-azure-5.15: Linux kernel for Microsoft Azure cloud systems
- linux-azure-fde-5.15: Linux kernel for Microsoft Azure CVM cloud systems
- linux-oracle-5.15: Linux kernel for Oracle Cloud systems
Details:
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
- x86 architecture;
- Block layer subsystem;
- ACPI drivers;
- GPU drivers;
- HID subsystem;
- I2C subsystem;
- IIO ADC drivers;
- IIO subsystem;
- InfiniBand drivers;
- IOMMU subsystem;
- IRQ chip drivers;
- Multiple devices driver;
- Media drivers;
- Network drivers;
- STMicroelectronics network drivers;
- Parport drivers;
- Pin controllers subsystem;
- Direct Digital Synthesis drivers;
- TCM subsystem;
- TTY drivers;
- USB Dual Role (OTG-ready) Controller drivers;
- USB Serial drivers;
- USB Type-C support driver;
- USB Type-C Connector System Software Interface driver;
- BTRFS file system;
- File systems infrastructure;
- Network file system (NFS) client;
- NILFS2 file system;
- NTFS3 file system;
- SMB network file system;
- User-space API (UAPI);
- io_uring subsystem;
- BPF subsystem;
- Timer substystem drivers;
- Tracing infrastructure;
- Closures library;
- Memory management;
- Amateur Radio drivers;
- Bluetooth subsystem;
- Networking core;
- IPv4 networking;
- MAC80211 subsystem;
- Multipath TCP;
- Netfilter;
- Network traffic control;
- SCTP protocol;
- XFRM subsystem;
- Key management;
- FireWire sound drivers;
- HD-audio driver;
- QCOM ASoC drivers;
- STMicroelectronics SoC drivers;
- KVM core;
(CVE-2024-50269, CVE-2024-50208, CVE-2024-53101, CVE-2024-50257,
CVE-2024-50110, CVE-2024-39497, CVE-2024-50116, CVE-2024-50153,
CVE-2024-50143, CVE-2023-52913, CVE-2024-53042, CVE-2024-41066,
CVE-2024-42252, CVE-2024-50247, CVE-2024-50131, CVE-2024-50182,
CVE-2024-50279, CVE-2024-50209, CVE-2024-50163, CVE-2024-50265,
CVE-2024-50010, CVE-2024-50171, CVE-2024-50295, CVE-2024-53088,
CVE-2024-50142, CVE-2024-50058, CVE-2024-50195, CVE-2024-50232,
CVE-2024-50141, CVE-2024-50117, CVE-2024-50229, CVE-2024-53061,
CVE-2024-50074, CVE-2024-50282, CVE-2024-50296, CVE-2024-50218,
CVE-2024-50259, CVE-2024-26718, CVE-2024-50134, CVE-2024-50150,
CVE-2024-50301, CVE-2024-40953, CVE-2024-42291, CVE-2024-50086,
CVE-2024-50198, CVE-2024-50194, CVE-2024-50168, CVE-2024-50196,
CVE-2024-50262, CVE-2024-50290, CVE-2024-50036, CVE-2024-50156,
CVE-2024-53066, CVE-2024-50245, CVE-2024-50278, CVE-2024-50127,
CVE-2024-53055, CVE-2024-50287, CVE-2024-53052, CVE-2024-35887,
CVE-2024-50199, CVE-2024-50205, CVE-2024-50273, CVE-2024-50185,
CVE-2024-50201, CVE-2024-50072, CVE-2024-50234, CVE-2024-50101,
CVE-2024-50103, CVE-2024-50302, CVE-2024-50251, CVE-2024-53104,
CVE-2024-50083, CVE-2024-50292, CVE-2024-50236, CVE-2024-50230,
CVE-2024-50085, CVE-2024-50162, CVE-2024-50193, CVE-2024-50267,
CVE-2024-50192, CVE-2024-50148, CVE-2024-50167, CVE-2024-50249,
CVE-2024-50268, CVE-2024-53058, CVE-2024-41080, CVE-2024-50233,
CVE-2024-53097, CVE-2024-50244, CVE-2024-50160, CVE-2024-50299,
CVE-2024-50115, CVE-2024-53059, CVE-2024-50099, CVE-2024-50154,
CVE-2024-53063, CVE-2024-50237, CVE-2024-50128, CVE-2024-40965,
CVE-2024-50151, CVE-2024-50082, CVE-2024-50202)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 20.04 LTS
linux-image-5.15.0-1075-oracle 5.15.0-1075.81~20.04.1
linux-image-5.15.0-1081-azure 5.15.0-1081.90~20.04.1
linux-image-5.15.0-1081-azure-fde 5.15.0-1081.90~20.04.1.1
linux-image-azure 5.15.0.1081.90~20.04.1
linux-image-azure-cvm 5.15.0.1081.90~20.04.1
linux-image-azure-fde 5.15.0.1081.90~20.04.1.57
linux-image-oracle 5.15.0.1075.81~20.04.1
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://ubuntu.com/security/notices/USN-7289-2
https://ubuntu.com/security/notices/USN-7289-1
CVE-2023-52913, CVE-2024-26718, CVE-2024-35887, CVE-2024-39497,
CVE-2024-40953, CVE-2024-40965, CVE-2024-41066, CVE-2024-41080,
CVE-2024-42252, CVE-2024-42291, CVE-2024-50010, CVE-2024-50036,
CVE-2024-50058, CVE-2024-50072, CVE-2024-50074, CVE-2024-50082,
CVE-2024-50083, CVE-2024-50085, CVE-2024-50086, CVE-2024-50099,
CVE-2024-50101, CVE-2024-50103, CVE-2024-50110, CVE-2024-50115,
CVE-2024-50116, CVE-2024-50117, CVE-2024-50127, CVE-2024-50128,
CVE-2024-50131, CVE-2024-50134, CVE-2024-50141, CVE-2024-50142,
CVE-2024-50143, CVE-2024-50148, CVE-2024-50150, CVE-2024-50151,
CVE-2024-50153, CVE-2024-50154, CVE-2024-50156, CVE-2024-50160,
CVE-2024-50162, CVE-2024-50163, CVE-2024-50167, CVE-2024-50168,
CVE-2024-50171, CVE-2024-50182, CVE-2024-50185, CVE-2024-50192,
CVE-2024-50193, CVE-2024-50194, CVE-2024-50195, CVE-2024-50196,
CVE-2024-50198, CVE-2024-50199, CVE-2024-50201, CVE-2024-50202,
CVE-2024-50205, CVE-2024-50208, CVE-2024-50209, CVE-2024-50218,
CVE-2024-50229, CVE-2024-50230, CVE-2024-50232, CVE-2024-50233,
CVE-2024-50234, CVE-2024-50236, CVE-2024-50237, CVE-2024-50244,
CVE-2024-50245, CVE-2024-50247, CVE-2024-50249, CVE-2024-50251,
CVE-2024-50257, CVE-2024-50259, CVE-2024-50262, CVE-2024-50265,
CVE-2024-50267, CVE-2024-50268, CVE-2024-50269, CVE-2024-50273,
CVE-2024-50278, CVE-2024-50279, CVE-2024-50282, CVE-2024-50287,
CVE-2024-50290, CVE-2024-50292, CVE-2024-50295, CVE-2024-50296,
CVE-2024-50299, CVE-2024-50301, CVE-2024-50302, CVE-2024-53042,
CVE-2024-53052, CVE-2024-53055, CVE-2024-53058, CVE-2024-53059,
CVE-2024-53061, CVE-2024-53063, CVE-2024-53066, CVE-2024-53088,
CVE-2024-53097, CVE-2024-53101, CVE-2024-53104
Package Information:
https://launchpad.net/ubuntu/+source/linux-azure-5.15/5.15.0-1081.90~20.04.1
https://launchpad.net/ubuntu/+source/linux-azure-fde-5.15/5.15.0-1081.90~20.04.1.1
https://launchpad.net/ubuntu/+source/linux-oracle-5.15/5.15.0-1075.81~20.04.1
--=-=-=
Content-Type: application/pgp-signature; name="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQHZBAEBCgBDFiEEBcMY+nwS2CY71sUWc4vdAqvdlsYFAme9r4QlHGdpYW1wYW9s
by5mcmVzaS5yb2dsaWFAY2Fub25pY2FsLmNvbQAKCRBzi90Cq92WxqFbC/wK+GTN
XJ3EdGJgWa0DFob40jXTcburaQNeAuMzM/X91z5WhGBNwiNZMnIdJVUMWbq7Z1Sr
/8su3DqnVxRF2gwluMp28/DsnKp4isob2q8/UbGXhcr+N3FawS+Wc4BJBZtu+SoH
MhpjJcu18oDTVr5+QPV302cDTbup63RpfOhAOgSh/VqLOuQK+tjV1MBef5q2kl8a
6ffXaTfrAO/n+FyU0RKMd4zV3kVsYuUZ6MqIw7eiWVr0Hgdse0nKEy4xCOPqi/ID
5aLWL3JQvPjDXvJqYpRKekn1BQKZkp7Fq/vuIPiGALss6C6Cs2o3ZcQLm2w0F4Gw
Y7dwkL6QMzngoa2+0LoTATdjeAjHCqzT5VhGwKyTRaK0WpjSuJlA0Z4Xu9wKQYyq
CpuTFrJ1BDhOj9ht9FZhMK9ggjqNarHiFOaSaMkppP5eeKaNuLt0DSed0MHUlygu
GUyQwiIyB2V8qZPN2D3LLgfUmXahtiW4Gm8Nx9SgqCu6x09YD96MWEcLdUo=
=ncu4
-----END PGP SIGNATURE-----
--=-=-=--
--===============5593032292866554889==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: base64
Content-Disposition: inline
--===============5593032292866554889==--
|
