CVE-2023-52489
Published: 11 March 2024
In the Linux kernel, the following vulnerability has been resolved: mm/sparsemem: fix race in accessing memory_section->usage The below race is observed on a PFN which falls into the device memory region with the system memory configuration where PFN's are such that [ZONE_NORMAL ZONE_DEVICE ZONE_NORMAL]. Since normal zone start and end pfn contains the device memory PFN's as well, the compaction triggered will try on the device memory PFN's too though they end up in NOP(because pfn_to_online_page() returns NULL for ZONE_DEVICE memory sections). When from other core, the section mappings are being removed for the ZONE_DEVICE region, that the PFN in question belongs to, on which compaction is currently being operated is resulting into the kernel crash with CONFIG_SPASEMEM_VMEMAP enabled. The crash logs can be seen at [1]. compact_zone() memunmap_pages ------------- --------------- __pageblock_pfn_to_page ...... (a)pfn_valid(): valid_section()//return true (b)__remove_pages()-> sparse_remove_section()-> section_deactivate(): [Free the array ms->usage and set ms->usage = NULL] pfn_section_valid() [Access ms->usage which is NULL] NOTE: From the above it can be said that the race is reduced to between the pfn_valid()/pfn_section_valid() and the section deactivate with SPASEMEM_VMEMAP enabled. The commit b943f045a9af("mm/sparse: fix kernel crash with pfn_section_valid check") tried to address the same problem by clearing the SECTION_HAS_MEM_MAP with the expectation of valid_section() returns false thus ms->usage is not accessed. Fix this issue by the below steps: a) Clear SECTION_HAS_MEM_MAP before freeing the ->usage. b) RCU protected read side critical section will either return NULL when SECTION_HAS_MEM_MAP is cleared or can successfully access ->usage. c) Free the ->usage with kfree_rcu() and set ms->usage = NULL. No attempt will be made to access ->usage after this as the SECTION_HAS_MEM_MAP is cleared thus valid_section() return false. Thanks to David/Pavan for their inputs on this patch. [1] https://lore.kernel.org/linux-mm/994410bb-89aa-d987-1f50-f514903c55aa@quicinc.com/ On Snapdragon SoC, with the mentioned memory configuration of PFN's as [ZONE_NORMAL ZONE_DEVICE ZONE_NORMAL], we are able to see bunch of issues daily while testing on a device farm. For this particular issue below is the log. Though the below log is not directly pointing to the pfn_section_valid(){ ms->usage;}, when we loaded this dump on T32 lauterbach tool, it is pointing. [ 540.578056] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000 [ 540.578068] Mem abort info: [ 540.578070] ESR = 0x0000000096000005 [ 540.578073] EC = 0x25: DABT (current EL), IL = 32 bits [ 540.578077] SET = 0, FnV = 0 [ 540.578080] EA = 0, S1PTW = 0 [ 540.578082] FSC = 0x05: level 1 translation fault [ 540.578085] Data abort info: [ 540.578086] ISV = 0, ISS = 0x00000005 [ 540.578088] CM = 0, WnR = 0 [ 540.579431] pstate: 82400005 (Nzcv daif +PAN -UAO +TCO -DIT -SSBSBTYPE=--) [ 540.579436] pc : __pageblock_pfn_to_page+0x6c/0x14c [ 540.579454] lr : compact_zone+0x994/0x1058 [ 540.579460] sp : ffffffc03579b510 [ 540.579463] x29: ffffffc03579b510 x28: 0000000000235800 x27:000000000000000c [ 540.579470] x26: 0000000000235c00 x25: 0000000000000068 x24:ffffffc03579b640 [ 540.579477] x23: 0000000000000001 x22: ffffffc03579b660 x21:0000000000000000 [ 540.579483] x20: 0000000000235bff x19: ffffffdebf7e3940 x18:ffffffdebf66d140 [ 540.579489] x17: 00000000739ba063 x16: 00000000739ba063 x15:00000000009f4bff [ 540.579495] x14: 0000008000000000 x13: 0000000000000000 x12:0000000000000001 [ 540.579501] x11: 0000000000000000 x10: 0000000000000000 x9 :ffffff897d2cd440 [ 540.579507] x8 : 0000000000000000 x7 : 0000000000000000 x6 :ffffffc03579b5b4 [ 540.579512] x5 : 0000000000027f25 x4 : ffffffc03579b5b8 x3 :0000000000000 ---truncated---
Notes
Author | Note |
---|---|
rodrigo-zaiden |
fix for this issue introduces a new issue, CVE-2024-26639. USN-6765-1 for linux-oem-6.5 wrongly stated that this CVE was fixed in version 6.5.0-1022.23. The mentioned notice was revoked and the state of the fix for linux-oem-6.5 was recovered to the previous state. |
Priority
Status
Package | Release | Status |
---|---|---|
linux
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(ESM criteria, was needed)
|
focal |
Needed
|
|
jammy |
Released
(5.15.0-106.116)
|
|
mantic |
Released
(6.5.0-41.41)
|
|
noble |
Not vulnerable
(6.8.0-11.11)
|
|
trusty |
Ignored
(ESM criteria, was needed)
|
|
upstream |
Released
(6.8~rc1)
|
|
xenial |
Ignored
(ESM criteria, was needed)
|
|
Patches:
Introduced by
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
|
||
linux-allwinner-5.19
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Ignored
(end of kernel support)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(end of life)
|
|
linux-aws
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(ESM criteria, was needed)
|
focal |
Needed
|
|
jammy |
Released
(5.15.0-1061.67)
|
|
mantic |
Released
(6.5.0-1021.21)
|
|
noble |
Not vulnerable
(6.8.0-1001.1)
|
|
trusty |
Ignored
(ESM criteria, was needed)
|
|
upstream |
Released
(6.8~rc1)
|
|
xenial |
Ignored
(ESM criteria, was needed)
|
|
linux-aws-5.0
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-aws-5.3)
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-aws-5.3)
|
|
linux-aws-5.11
Launchpad, Ubuntu, Debian |
focal |
Ignored
(superseded by linux-aws-5.13)
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-aws-5.13)
|
|
linux-aws-5.13
Launchpad, Ubuntu, Debian |
focal |
Ignored
(superseded by linux-aws-5.15)
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-aws-5.15)
|
|
linux-aws-5.15
Launchpad, Ubuntu, Debian |
focal |
Released
(5.15.0-1061.67~20.04.1)
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.8~rc1)
|
|
linux-aws-5.19
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Ignored
(superseded by linux-aws-6.2)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-aws-6.2)
|
|
linux-aws-5.3
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-aws-5.4)
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-aws-5.4)
|
|
linux-aws-5.4
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(ESM criteria, was needed)
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.8~rc1)
|
|
linux-aws-5.8
Launchpad, Ubuntu, Debian |
focal |
Ignored
(superseded by linux-aws-5.11)
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-aws-5.11)
|
|
linux-aws-6.2
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Ignored
(superseded by linux-aws-6.5)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-aws-6.5)
|
|
linux-aws-6.5
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Ignored
(end of life, was pending [6.5.0-1021.21~22.04.1])
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.8~rc1)
|
|
linux-aws-fips
Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(6.8~rc1)
|
|
xenial |
Does not exist
|
|
linux-aws-hwe
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.8~rc1)
|
|
xenial |
Ignored
(ESM criteria, was needed)
|
|
linux-azure
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-azure-5.3)
|
focal |
Needed
|
|
jammy |
Released
(5.15.0-1063.72)
|
|
mantic |
Released
(6.5.0-1022.23)
|
|
noble |
Not vulnerable
(6.8.0-1001.1)
|
|
trusty |
Ignored
(ESM criteria, was needed)
|
|
upstream |
Released
(6.8~rc1)
|
|
xenial |
Ignored
(ESM criteria, was needed)
|
|
linux-azure-4.15
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(ESM criteria, was needed)
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.8~rc1)
|
|
linux-azure-5.11
Launchpad, Ubuntu, Debian |
focal |
Ignored
(superseded by linux-azure-5.13)
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-azure-5.13)
|
|
linux-azure-5.13
Launchpad, Ubuntu, Debian |
focal |
Ignored
(superseded by linux-azure-5.15)
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-azure-5.15)
|
|
linux-azure-5.15
Launchpad, Ubuntu, Debian |
focal |
Released
(5.15.0-1063.72~20.04.1)
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.8~rc1)
|
|
linux-azure-5.19
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Ignored
(superseded by linux-azure-6.2)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-azure-6.2)
|
|
linux-azure-5.3
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-azure-5.4)
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-azure-5.4)
|
|
linux-azure-5.4
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(ESM criteria, was needed)
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.8~rc1)
|
|
linux-azure-5.8
Launchpad, Ubuntu, Debian |
focal |
Ignored
(superseded by linux-azure-5.11)
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-azure-5.11)
|
|
linux-azure-6.2
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Ignored
(superseded by linux-azure-6.5)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-azure-6.5)
|
|
linux-azure-6.5
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Released
(6.5.0-1022.23~22.04.1)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.8~rc1)
|
|
linux-azure-edge
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-azure-5.3)
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-azure-5.3)
|
|
linux-azure-fde
Launchpad, Ubuntu, Debian |
focal |
Ignored
(superseded by linux-azure-fde-5.15)
|
jammy |
Released
(5.15.0-1063.72.1)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.8~rc1)
|
|
linux-azure-fde-5.15
Launchpad, Ubuntu, Debian |
focal |
Released
(5.15.0-1063.72~20.04.1.1)
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.8~rc1)
|
|
linux-azure-fde-5.19
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Ignored
(superseded by linux-azure-fde-6.2)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-azure-fde-6.2)
|
|
linux-azure-fde-6.2
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Ignored
(replaced by linux-azure-6.5)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(replaced by linux-azure-6.5)
|
|
linux-azure-fips
Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(6.8~rc1)
|
|
xenial |
Does not exist
|
|
linux-bluefield
Launchpad, Ubuntu, Debian |
focal |
Needed
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.8~rc1)
|
|
linux-fips
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.8~rc1)
|
|
linux-gcp
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-gcp-5.3)
|
focal |
Needed
|
|
jammy |
Released
(5.15.0-1059.67)
|
|
mantic |
Released
(6.5.0-1022.24)
|
|
noble |
Not vulnerable
(6.8.0-1002.2)
|
|
upstream |
Released
(6.8~rc1)
|
|
xenial |
Ignored
(ESM criteria, was needed)
|
|
linux-gcp-4.15
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(ESM criteria, was needed)
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.8~rc1)
|
|
linux-gcp-5.11
Launchpad, Ubuntu, Debian |
focal |
Ignored
(superseded by linux-gcp-5.13)
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-gcp-5.13)
|
|
linux-gcp-5.13
Launchpad, Ubuntu, Debian |
focal |
Ignored
(superseded by linux-gcp-5.15)
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-gcp-5.15)
|
|
linux-gcp-5.15
Launchpad, Ubuntu, Debian |
focal |
Released
(5.15.0-1059.67~20.04.1)
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.8~rc1)
|
|
linux-gcp-5.19
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Ignored
(superseded by linux-gcp-6.2)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-gcp-6.2)
|
|
linux-gcp-5.3
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-gcp-5.4)
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-gcp-5.4)
|
|
linux-gcp-5.4
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(ESM criteria, was needed)
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.8~rc1)
|
|
linux-gcp-5.8
Launchpad, Ubuntu, Debian |
focal |
Ignored
(superseded by linux-gcp-5.11)
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-gcp-5.11)
|
|
linux-gcp-6.2
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Ignored
(superseded by linux-gcp-6.5)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-gcp-6.5)
|
|
linux-gcp-6.5
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Released
(6.5.0-1022.24~22.04.1)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.8~rc1)
|
|
linux-gcp-fips
Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(6.8~rc1)
|
|
xenial |
Does not exist
|
|
linux-gke
Launchpad, Ubuntu, Debian |
focal |
Ignored
(end of kernel support)
|
jammy |
Released
(5.15.0-1058.63)
|
|
mantic |
Does not exist
|
|
noble |
Not vulnerable
(6.8.0-1003.5)
|
|
upstream |
Released
(6.8~rc1)
|
|
linux-gke-4.15
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-gke-5.0)
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-gke-5.0)
|
|
linux-gke-5.15
Launchpad, Ubuntu, Debian |
focal |
Ignored
(end of kernel support)
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(end of life)
|
|
linux-gke-5.4
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(end of kernel support)
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(end of life)
|
|
linux-gkeop
Launchpad, Ubuntu, Debian |
focal |
Needed
|
jammy |
Released
(5.15.0-1044.51)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.8~rc1)
|
|
linux-gkeop-5.15
Launchpad, Ubuntu, Debian |
focal |
Released
(5.15.0-1044.51~20.04.1)
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.8~rc1)
|
|
linux-gkeop-5.4
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(end of kernel support)
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(end of life)
|
|
linux-hwe
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(replaced by linux-hwe-5.4)
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.8~rc1)
|
|
xenial |
Ignored
(ESM criteria, was needed)
|
|
linux-hwe-5.11
Launchpad, Ubuntu, Debian |
focal |
Ignored
(superseded by linux-hwe-5.13)
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-hwe-5.13)
|
|
linux-hwe-5.13
Launchpad, Ubuntu, Debian |
focal |
Ignored
(superseded by linux-hwe-5.15)
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-hwe-5.15)
|
|
linux-hwe-5.15
Launchpad, Ubuntu, Debian |
focal |
Released
(5.15.0-106.116~20.04.1)
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.8~rc1)
|
|
linux-hwe-5.19
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Ignored
(superseded by linux-hwe-6.2)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-hwe-6.2)
|
|
linux-hwe-5.4
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(ESM criteria, was needed)
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.8~rc1)
|
|
linux-hwe-5.8
Launchpad, Ubuntu, Debian |
focal |
Ignored
(superseded by linux-hwe-5.11)
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-hwe-5.11)
|
|
linux-hwe-6.2
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Ignored
(superseded by linux-hwe-6.5)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-hwe-6.5)
|
|
linux-hwe-6.5
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Released
(6.5.0-41.41~22.04.2)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.8~rc1)
|
|
linux-hwe-6.8
Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Not vulnerable
(6.8.0-38.38~22.04.1)
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(6.8~rc1)
|
|
xenial |
Does not exist
|
|
linux-hwe-edge
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-hwe-5.4)
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(end of life)
|
|
xenial |
Ignored
(superseded by linux-hwe)
|
|
linux-ibm
Launchpad, Ubuntu, Debian |
focal |
Needed
|
jammy |
Released
(5.15.0-1054.57)
|
|
mantic |
Ignored
(end of kernel support)
|
|
noble |
Not vulnerable
(6.8.0-1001.1)
|
|
upstream |
Released
(6.8~rc1)
|
|
linux-ibm-5.15
Launchpad, Ubuntu, Debian |
focal |
Released
(5.15.0-1054.57~20.04.1)
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.8~rc1)
|
|
linux-ibm-5.4
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(ESM criteria, was needed)
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.8~rc1)
|
|
linux-intel
Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Not vulnerable
(6.8.0-1001.6)
|
|
trusty |
Does not exist
|
|
upstream |
Released
(6.8~rc1)
|
|
xenial |
Does not exist
|
|
linux-intel-5.13
Launchpad, Ubuntu, Debian |
focal |
Ignored
(end of kernel support)
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(end of life)
|
|
linux-intel-iot-realtime
Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(6.8~rc1)
|
|
xenial |
Does not exist
|
|
linux-intel-iotg
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Released
(5.15.0-1057.63)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.8~rc1)
|
|
linux-intel-iotg-5.15
Launchpad, Ubuntu, Debian |
focal |
Released
(5.15.0-1058.64~20.04.1)
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.8~rc1)
|
|
linux-iot
Launchpad, Ubuntu, Debian |
focal |
Needed
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.8~rc1)
|
|
linux-kvm
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(ESM criteria, was needed)
|
focal |
Needed
|
|
jammy |
Released
(5.15.0-1058.63)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.8~rc1)
|
|
xenial |
Ignored
(ESM criteria, was needed)
|
|
linux-laptop
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Does not exist
|
|
mantic |
Released
(6.5.0-1017.20)
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.8~rc1)
|
|
linux-lowlatency
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Released
(5.15.0-106.116)
|
|
mantic |
Released
(6.5.0-41.41.1)
|
|
noble |
Not vulnerable
(6.8.0-7.7.1)
|
|
upstream |
Released
(6.8~rc1)
|
|
linux-lowlatency-hwe-5.15
Launchpad, Ubuntu, Debian |
focal |
Released
(5.15.0-106.116~20.04.1)
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.8~rc1)
|
|
linux-lowlatency-hwe-5.19
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Ignored
(superseded by linux-lowlatency-hwe-6.2)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-lowlatency-hwe-6.2)
|
|
linux-lowlatency-hwe-6.2
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Ignored
(superseded by linux-lowlatency-hwe-6.5)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-lowlatency-hwe-6.5)
|
|
linux-lowlatency-hwe-6.5
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Released
(6.5.0-41.41.1~22.04.1)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.8~rc1)
|
|
linux-lowlatency-hwe-6.8
Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Not vulnerable
(6.8.0-38.38.1~22.04.2)
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(6.8~rc1)
|
|
xenial |
Does not exist
|
|
linux-lts-xenial
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Ignored
(ESM criteria, was needed)
|
|
upstream |
Released
(6.8~rc1)
|
|
linux-nvidia
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Released
(5.15.0-1054.55)
|
|
mantic |
Does not exist
|
|
noble |
Not vulnerable
(6.8.0-1007.7)
|
|
upstream |
Released
(6.8~rc1)
|
|
linux-nvidia-6.2
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Ignored
(superseded by linux-nvidia-6.5)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-nvidia-6.5)
|
|
linux-nvidia-6.5
Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Released
(6.5.0-1021.22)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(6.8~rc1)
|
|
xenial |
Does not exist
|
|
linux-nvidia-6.8
Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Not vulnerable
(6.8.0-1008.8~22.04.1)
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(6.8~rc1)
|
|
xenial |
Does not exist
|
|
linux-nvidia-lowlatency
Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
noble |
Not vulnerable
(6.8.0-1009.9.1)
|
|
trusty |
Does not exist
|
|
upstream |
Released
(6.8~rc1)
|
|
xenial |
Does not exist
|
|
linux-oem
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(replaced by linux-hwe-5.4)
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(end of life)
|
|
linux-oem-5.10
Launchpad, Ubuntu, Debian |
focal |
Ignored
(superseded by linux-oem-5.13)
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-oem-5.13)
|
|
linux-oem-5.13
Launchpad, Ubuntu, Debian |
focal |
Ignored
(superseded by linux-oem-5.14)
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-oem-5.14)
|
|
linux-oem-5.14
Launchpad, Ubuntu, Debian |
focal |
Ignored
(replaced by linux-hwe-5.15)
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(replaced by linux-hwe-5.15)
|
|
linux-oem-5.17
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Ignored
(superseded by linux-oem-6.1)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-oem-6.1)
|
|
linux-oem-5.6
Launchpad, Ubuntu, Debian |
focal |
Ignored
(superseded by linux-oem-5.10)
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-oem-5.10)
|
|
linux-oem-6.0
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Ignored
(superseded by linux-oem-6.1)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-oem-6.1)
|
|
linux-oem-6.1
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Ignored
(superseded by linux-oem-6.5, was needs-triage)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-oem-6.5, was needs-triage)
|
|
linux-oem-6.5
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Released
(6.5.0-1024.25)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.8~rc1)
|
|
linux-oem-6.8
Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Not vulnerable
(6.8.0-1003.3)
|
|
trusty |
Does not exist
|
|
upstream |
Released
(6.8~rc1)
|
|
xenial |
Does not exist
|
|
linux-oracle
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(ESM criteria, was needed)
|
focal |
Needed
|
|
jammy |
Released
(5.15.0-1059.65)
|
|
mantic |
Released
(6.5.0-1024.24)
|
|
noble |
Not vulnerable
(6.8.0-1001.1)
|
|
upstream |
Released
(6.8~rc1)
|
|
xenial |
Ignored
(ESM criteria, was needed)
|
|
linux-oracle-5.0
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-oracle-5.3)
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-oracle-5.3)
|
|
linux-oracle-5.11
Launchpad, Ubuntu, Debian |
focal |
Ignored
(superseded by linux-oracle-5.13)
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-oracle-5.13)
|
|
linux-oracle-5.13
Launchpad, Ubuntu, Debian |
focal |
Ignored
(superseded by linux-oracle-5.15)
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-oracle-5.15)
|
|
linux-oracle-5.15
Launchpad, Ubuntu, Debian |
focal |
Released
(5.15.0-1059.65~20.04.1)
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.8~rc1)
|
|
linux-oracle-5.3
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-oracle-5.4)
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-oracle-5.4)
|
|
linux-oracle-5.4
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(ESM criteria, was needed)
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.8~rc1)
|
|
linux-oracle-5.8
Launchpad, Ubuntu, Debian |
focal |
Ignored
(superseded by linux-oracle-5.11)
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-oracle-5.11)
|
|
linux-oracle-6.5
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Released
(6.5.0-1024.24~22.04.1)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.8~rc1)
|
|
linux-raspi
Launchpad, Ubuntu, Debian |
focal |
Needed
|
jammy |
Released
(5.15.0-1054.57)
|
|
mantic |
Released
(6.5.0-1018.21)
|
|
noble |
Not vulnerable
(6.8.0-1001.1)
|
|
upstream |
Released
(6.8~rc1)
|
|
linux-raspi-5.4
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(ESM criteria, was needed)
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.8~rc1)
|
|
linux-raspi-realtime
Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(6.8~rc1)
|
|
xenial |
Does not exist
|
|
linux-raspi2
Launchpad, Ubuntu, Debian |
focal |
Ignored
(replaced by linux-raspi)
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(replaced by linux-raspi)
|
|
linux-realtime
Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Ignored
(superseded by Ubuntu Pro ppa version)
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(6.8~rc1)
|
|
xenial |
Does not exist
|
|
linux-riscv
Launchpad, Ubuntu, Debian |
focal |
Ignored
(superseded by linux-riscv-5.8)
|
jammy |
Ignored
(end of kernel support)
|
|
mantic |
Released
(6.5.0-40.40.1)
|
|
noble |
Not vulnerable
(6.8.0-20.20.1)
|
|
upstream |
Released
(6.8~rc1)
|
|
linux-riscv-5.11
Launchpad, Ubuntu, Debian |
focal |
Ignored
(superseded by linux-riscv-5.13)
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-riscv-5.13)
|
|
linux-riscv-5.15
Launchpad, Ubuntu, Debian |
focal |
Released
(5.15.0-1057.61~20.04.1)
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.8~rc1)
|
|
linux-riscv-5.19
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Ignored
(end of kernel support)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(end of life)
|
|
linux-riscv-5.8
Launchpad, Ubuntu, Debian |
focal |
Ignored
(superseded by linux-riscv-5.11)
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-riscv-5.11)
|
|
linux-riscv-6.5
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Released
(6.5.0-40.40.1~22.04.1)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.8~rc1)
|
|
linux-riscv-6.8
Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Not vulnerable
(6.8.0-38.38.1~22.04.1)
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(6.8~rc1)
|
|
xenial |
Does not exist
|
|
linux-starfive
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Does not exist
|
|
mantic |
Released
(6.5.0-1015.16)
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.8~rc1)
|
|
linux-starfive-5.19
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Ignored
(end of kernel support)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(end of life)
|
|
linux-starfive-6.2
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Ignored
(superseded by linux-starfive-6.5)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-starfive-6.5)
|
|
linux-starfive-6.5
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Released
(6.5.0-1015.16~22.04.1)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.8~rc1)
|
|
linux-xilinx-zynqmp
Launchpad, Ubuntu, Debian |
focal |
Needed
|
jammy |
Released
(5.15.0-1030.34)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.8~rc1)
|
References
- https://git.kernel.org/linus/5ec8e8ea8b7783fab150cf86404fc38cb4db8800 (6.8-rc1)
- https://git.kernel.org/stable/c/90ad17575d26874287271127d43ef3c2af876cea
- https://git.kernel.org/stable/c/b448de2459b6d62a53892487ab18b7d823ff0529
- https://git.kernel.org/stable/c/68ed9e33324021e9d6b798e9db00ca3093d2012a
- https://git.kernel.org/stable/c/70064241f2229f7ba7b9599a98f68d9142e81a97
- https://git.kernel.org/stable/c/3a01daace71b521563c38bbbf874e14c3e58adb7
- https://git.kernel.org/stable/c/5ec8e8ea8b7783fab150cf86404fc38cb4db8800
- https://www.cve.org/CVERecord?id=CVE-2023-52489
- https://ubuntu.com/security/notices/USN-6766-1
- https://ubuntu.com/security/notices/USN-6766-2
- https://ubuntu.com/security/notices/USN-6766-3
- https://ubuntu.com/security/notices/USN-6795-1
- https://ubuntu.com/security/notices/USN-6818-1
- https://ubuntu.com/security/notices/USN-6819-1
- https://ubuntu.com/security/notices/USN-6818-2
- https://ubuntu.com/security/notices/USN-6828-1
- https://ubuntu.com/security/notices/USN-6819-2
- https://ubuntu.com/security/notices/USN-6819-3
- https://ubuntu.com/security/notices/USN-6818-3
- https://ubuntu.com/security/notices/USN-6818-4
- https://ubuntu.com/security/notices/USN-6819-4
- NVD
- Launchpad
- Debian