Sicherheit: Zwei Probleme in Linux (Aktualisierung)

Lesezeichen hinzufügen

--===============2216524829001750043==
Content-Type: multipart/signed; boundary="=-=-=";
micalg=pgp-sha512; protocol="application/pgp-signature"

--=-=-=
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable

=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
Ubuntu Security Notice USN-7325-2
March 07, 2025

linux-nvidia vulnerabilities
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D

A security issue affects these releases of Ubuntu and its derivatives:

=2D Ubuntu 24.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
=2D linux-nvidia: Linux kernel for NVIDIA systems

Details:

Attila Sz=C3=A1sz discovered that the HFS+ file system implementation in the
Linux Kernel contained a heap overflow vulnerability. An attacker could use
a specially crafted file system image that, when mounted, could cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2025-0927)

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Media drivers;
(CVE-2024-53104)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 24.04 LTS
linux-image-6.8.0-1023-nvidia 6.8.0-1023.26
linux-image-6.8.0-1023-nvidia-64k 6.8.0-1023.26
linux-image-nvidia 6.8.0-1023.26
linux-image-nvidia-64k 6.8.0-1023.26

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://ubuntu.com/security/notices/USN-7325-2
https://ubuntu.com/security/notices/USN-7325-1
CVE-2024-53104, CVE-2025-0927

Package Information:
https://launchpad.net/ubuntu/+source/linux-nvidia/6.8.0-1023.26

--=-=-=
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQHZBAEBCgBDFiEEBcMY+nwS2CY71sUWc4vdAqvdlsYFAmfKzFslHGdpYW1wYW9s
by5mcmVzaS5yb2dsaWFAY2Fub25pY2FsLmNvbQAKCRBzi90Cq92WxizGC/9qpiFI
8dFEBiDaDk0GZ0pta7bT7g7WUqPyu5wEvMhgsOYkHqIXkeD/C45RBZ8cIXADzbJL
v8mXVRLZsluJMYZI07pm96kxxEucfXilwANL+Lci+BzlPIyodY0fex0egxlsTKTW
Xms4NYjtKH6rZsakfyX1jWMS5g6EMzJN7BeybppXsKF1MjSyWRv+Dl3vJEpVMm3M
4Gx9jo8E2R1S+wIK34ZcDTfW2965AKiWejWI8OcUBVVDkn1Gw7H5dA21fHl909gV
LWqj6v9D8S+A1QBhvessYnXBr8zwzWwyvyEBD8+D7H6ZnJuke14na6gDb3CZHnFE
Xx0NtR0rPooiK79eLNoR+iEvPIpO6mNLlH8eQJvvcr9CGlf1dbZvblaCYzr9NrpJ
TJ3e3R+mixnlBJveAxemxR5hAdXYpTst2b9eOl/gr8yEFND6Ul0Hqe2wwra2qDOR
bHaypN4EF7Jo8P5iNsd0qzDkXqETx4hTB2huNEzwX3Q1p+Zf67EAtiOXG8I=
=8xx+
-----END PGP SIGNATURE-----
--=-=-=--

--===============2216524829001750043==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: base64
Content-Disposition: inline

--===============2216524829001750043==--