Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2023-52489

Publication date 11 March 2024

Last updated 29 November 2024


Ubuntu priority

In the Linux kernel, the following vulnerability has been resolved: mm/sparsemem: fix race in accessing memory_section->usage The below race is observed on a PFN which falls into the device memory region with the system memory configuration where PFN's are such that [ZONE_NORMAL ZONE_DEVICE ZONE_NORMAL]. Since normal zone start and end pfn contains the device memory PFN's as well, the compaction triggered will try on the device memory PFN's too though they end up in NOP(because pfn_to_online_page() returns NULL for ZONE_DEVICE memory sections). When from other core, the section mappings are being removed for the ZONE_DEVICE region, that the PFN in question belongs to, on which compaction is currently being operated is resulting into the kernel crash with CONFIG_SPASEMEM_VMEMAP enabled. The crash logs can be seen at [1]. compact_zone() memunmap_pages ------------- --------------- __pageblock_pfn_to_page ...... (a)pfn_valid(): valid_section()//return true (b)__remove_pages()-> sparse_remove_section()-> section_deactivate(): [Free the array ms->usage and set ms->usage = NULL] pfn_section_valid() [Access ms->usage which is NULL] NOTE: From the above it can be said that the race is reduced to between the pfn_valid()/pfn_section_valid() and the section deactivate with SPASEMEM_VMEMAP enabled. The commit b943f045a9af("mm/sparse: fix kernel crash with pfn_section_valid check") tried to address the same problem by clearing the SECTION_HAS_MEM_MAP with the expectation of valid_section() returns false thus ms->usage is not accessed. Fix this issue by the below steps: a) Clear SECTION_HAS_MEM_MAP before freeing the ->usage. b) RCU protected read side critical section will either return NULL when SECTION_HAS_MEM_MAP is cleared or can successfully access ->usage. c) Free the ->usage with kfree_rcu() and set ms->usage = NULL. No attempt will be made to access ->usage after this as the SECTION_HAS_MEM_MAP is cleared thus valid_section() return false. Thanks to David/Pavan for their inputs on this patch. [1] https://lore.kernel.org/linux-mm/994410bb-89aa-d987-1f50-f514903c55aa@quicinc.com/ On Snapdragon SoC, with the mentioned memory configuration of PFN's as [ZONE_NORMAL ZONE_DEVICE ZONE_NORMAL], we are able to see bunch of issues daily while testing on a device farm. For this particular issue below is the log. Though the below log is not directly pointing to the pfn_section_valid(){ ms->usage;}, when we loaded this dump on T32 lauterbach tool, it is pointing. [ 540.578056] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000 [ 540.578068] Mem abort info: [ 540.578070] ESR = 0x0000000096000005 [ 540.578073] EC = 0x25: DABT (current EL), IL = 32 bits [ 540.578077] SET = 0, FnV = 0 [ 540.578080] EA = 0, S1PTW = 0 [ 540.578082] FSC = 0x05: level 1 translation fault [ 540.578085] Data abort info: [ 540.578086] ISV = 0, ISS = 0x00000005 [ 540.578088] CM = 0, WnR = 0 [ 540.579431] pstate: 82400005 (Nzcv daif +PAN -UAO +TCO -DIT -SSBSBTYPE=--) [ 540.579436] pc : __pageblock_pfn_to_page+0x6c/0x14c [ 540.579454] lr : compact_zone+0x994/0x1058 [ 540.579460] sp : ffffffc03579b510 [ 540.579463] x29: ffffffc03579b510 x28: 0000000000235800 x27:000000000000000c [ 540.579470] x26: 0000000000235c00 x25: 0000000000000068 x24:ffffffc03579b640 [ 540.579477] x23: 0000000000000001 x22: ffffffc03579b660 x21:0000000000000000 [ 540.579483] x20: 0000000000235bff x19: ffffffdebf7e3940 x18:ffffffdebf66d140 [ 540.579489] x17: 00000000739ba063 x16: 00000000739ba063 x15:00000000009f4bff [ 540.579495] x14: 0000008000000000 x13: 0000000000000000 x12:0000000000000001 [ 540.579501] x11: 0000000000000000 x10: 0000000000000000 x9 :ffffff897d2cd440 [ 540.579507] x8 : 0000000000000000 x7 : 0000000000000000 x6 :ffffffc03579b5b4 [ 540.579512] x5 : 0000000000027f25 x4 : ffffffc03579b5b8 x3 :0000000000000 ---truncated---

Read the notes from the security team

Status

Package Ubuntu Release Status
linux 24.10 oracular
Not affected
24.04 LTS noble
Not affected
23.10 mantic
Fixed 6.5.0-41.41
22.04 LTS jammy
Fixed 5.15.0-106.116
20.04 LTS focal
Vulnerable
18.04 LTS bionic Ignored ESM criteria, was needed
16.04 LTS xenial Ignored ESM criteria, was needed
14.04 LTS trusty Ignored ESM criteria, was needed
linux-allwinner-5.19 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Ignored end of kernel support
20.04 LTS focal Not in release
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-aws 24.10 oracular
Not affected
24.04 LTS noble
Not affected
23.10 mantic
Fixed 6.5.0-1021.21
22.04 LTS jammy
Fixed 5.15.0-1061.67
20.04 LTS focal
Vulnerable
18.04 LTS bionic Ignored ESM criteria, was needed
16.04 LTS xenial Ignored ESM criteria, was needed
14.04 LTS trusty Ignored ESM criteria, was needed
linux-aws-5.0 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal Not in release
18.04 LTS bionic Ignored superseded by linux-aws-5.3
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-aws-5.11 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal Ignored superseded by linux-aws-5.13
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-aws-5.13 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal Ignored superseded by linux-aws-5.15
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-aws-5.15 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal
Fixed 5.15.0-1061.67~20.04.1
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-aws-5.19 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Ignored superseded by linux-aws-6.2
20.04 LTS focal Not in release
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-aws-5.3 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal Not in release
18.04 LTS bionic Ignored superseded by linux-aws-5.4
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-aws-5.4 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal Not in release
18.04 LTS bionic Ignored ESM criteria, was needed
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-aws-5.8 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal Ignored superseded by linux-aws-5.11
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-aws-6.2 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Ignored superseded by linux-aws-6.5
20.04 LTS focal Not in release
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-aws-6.5 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Ignored end of life, was pending [6.5.0-1021.21~22.04.1]
20.04 LTS focal Not in release
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-aws-6.8 24.10 oracular Not in release
24.04 LTS noble Not in release
22.04 LTS jammy
Not affected
20.04 LTS focal Not in release
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-aws-fips 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal Not in release
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-aws-hwe 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal Not in release
18.04 LTS bionic Not in release
16.04 LTS xenial Ignored ESM criteria, was needed
14.04 LTS trusty Not in release
linux-azure 24.10 oracular
Not affected
24.04 LTS noble
Not affected
23.10 mantic
Fixed 6.5.0-1022.23
22.04 LTS jammy
Fixed 5.15.0-1063.72
20.04 LTS focal
Vulnerable
18.04 LTS bionic Ignored superseded by linux-azure-5.3
16.04 LTS xenial Ignored ESM criteria, was needed
14.04 LTS trusty Ignored ESM criteria, was needed
linux-azure-4.15 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal Not in release
18.04 LTS bionic Ignored ESM criteria, was needed
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-azure-5.11 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal Ignored superseded by linux-azure-5.13
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-azure-5.13 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal Ignored superseded by linux-azure-5.15
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-azure-5.15 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal
Fixed 5.15.0-1063.72~20.04.1
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-azure-5.19 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Ignored superseded by linux-azure-6.2
20.04 LTS focal Not in release
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-azure-5.3 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal Not in release
18.04 LTS bionic Ignored superseded by linux-azure-5.4
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-azure-5.4 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal Not in release
18.04 LTS bionic Ignored ESM criteria, was needed
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-azure-5.8 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal Ignored superseded by linux-azure-5.11
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-azure-6.2 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Ignored superseded by linux-azure-6.5
20.04 LTS focal Not in release
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-azure-6.5 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy
Fixed 6.5.0-1022.23~22.04.1
20.04 LTS focal Not in release
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-azure-6.8 24.10 oracular Not in release
24.04 LTS noble Not in release
22.04 LTS jammy
Not affected
20.04 LTS focal Not in release
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-azure-edge 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal Not in release
18.04 LTS bionic Ignored superseded by linux-azure-5.3
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-azure-fde 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy
Fixed 5.15.0-1063.72.1
20.04 LTS focal Ignored superseded by linux-azure-fde-5.15
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-azure-fde-5.15 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal
Fixed 5.15.0-1063.72~20.04.1.1
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-azure-fde-5.19 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Ignored superseded by linux-azure-fde-6.2
20.04 LTS focal Not in release
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-azure-fde-6.2 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Ignored replaced by linux-azure-6.5
20.04 LTS focal Not in release
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-azure-fips 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal Not in release
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-bluefield 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal
Vulnerable
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-fips 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal Not in release
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-gcp 24.10 oracular
Not affected
24.04 LTS noble
Not affected
23.10 mantic
Fixed 6.5.0-1022.24
22.04 LTS jammy
Fixed 5.15.0-1059.67
20.04 LTS focal
Vulnerable
18.04 LTS bionic Ignored superseded by linux-gcp-5.3
16.04 LTS xenial Ignored ESM criteria, was needed
14.04 LTS trusty Not in release
linux-gcp-4.15 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal Not in release
18.04 LTS bionic Ignored ESM criteria, was needed
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-gcp-5.11 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal Ignored superseded by linux-gcp-5.13
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-gcp-5.13 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal Ignored superseded by linux-gcp-5.15
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-gcp-5.15 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal
Fixed 5.15.0-1059.67~20.04.1
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-gcp-5.19 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Ignored superseded by linux-gcp-6.2
20.04 LTS focal Not in release
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-gcp-5.3 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal Not in release
18.04 LTS bionic Ignored superseded by linux-gcp-5.4
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-gcp-5.4 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal Not in release
18.04 LTS bionic Ignored ESM criteria, was needed
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-gcp-5.8 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal Ignored superseded by linux-gcp-5.11
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-gcp-6.2 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Ignored superseded by linux-gcp-6.5
20.04 LTS focal Not in release
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-gcp-6.5 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy
Fixed 6.5.0-1022.24~22.04.1
20.04 LTS focal Not in release
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-gcp-6.8 24.10 oracular Not in release
24.04 LTS noble Not in release
22.04 LTS jammy
Not affected
20.04 LTS focal Not in release
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-gcp-fips 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal Not in release
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-gke 24.10 oracular Not in release
24.04 LTS noble
Not affected
23.10 mantic Not in release
22.04 LTS jammy
Fixed 5.15.0-1058.63
20.04 LTS focal Ignored end of kernel support
18.04 LTS bionic Not in release
16.04 LTS xenial Ignored end of standard support
14.04 LTS trusty Not in release
linux-gke-4.15 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal Not in release
18.04 LTS bionic Ignored superseded by linux-gke-5.0
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-gke-5.15 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal Ignored end of kernel support
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-gke-5.4 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal Not in release
18.04 LTS bionic Ignored end of kernel support
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-gkeop 24.10 oracular Not in release
24.04 LTS noble
Not affected
23.10 mantic Not in release
22.04 LTS jammy
Fixed 5.15.0-1044.51
20.04 LTS focal Ignored end of life, was needed
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-gkeop-5.15 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal
Fixed 5.15.0-1044.51~20.04.1
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-gkeop-5.4 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal Not in release
18.04 LTS bionic Ignored end of kernel support
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-hwe 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal Not in release
18.04 LTS bionic Ignored replaced by linux-hwe-5.4
16.04 LTS xenial Ignored ESM criteria, was needed
14.04 LTS trusty Not in release
linux-hwe-5.11 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal Ignored superseded by linux-hwe-5.13
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-hwe-5.13 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal Ignored superseded by linux-hwe-5.15
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-hwe-5.15 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal
Fixed 5.15.0-106.116~20.04.1
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-hwe-5.19 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Ignored superseded by linux-hwe-6.2
20.04 LTS focal Not in release
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-hwe-5.4 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal Not in release
18.04 LTS bionic Ignored ESM criteria, was needed
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-hwe-5.8 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal Ignored superseded by linux-hwe-5.11
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-hwe-6.2 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Ignored superseded by linux-hwe-6.5
20.04 LTS focal Not in release
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-hwe-6.5 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy
Fixed 6.5.0-41.41~22.04.2
20.04 LTS focal Not in release
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-hwe-6.8 24.10 oracular Not in release
24.04 LTS noble Not in release
22.04 LTS jammy
Not affected
20.04 LTS focal Not in release
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-hwe-edge 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal Not in release
18.04 LTS bionic Ignored superseded by linux-hwe-5.4
16.04 LTS xenial Ignored superseded by linux-hwe
14.04 LTS trusty Not in release
linux-ibm 24.10 oracular Not in release
24.04 LTS noble
Not affected
23.10 mantic Ignored end of kernel support
22.04 LTS jammy
Fixed 5.15.0-1054.57
20.04 LTS focal
Vulnerable
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-ibm-5.15 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal
Fixed 5.15.0-1054.57~20.04.1
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-ibm-5.4 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal Not in release
18.04 LTS bionic Ignored ESM criteria, was needed
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-intel 24.10 oracular Not in release
24.04 LTS noble
Not affected
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal Not in release
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-intel-5.13 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal Ignored end of kernel support
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-intel-iot-realtime 24.10 oracular Not in release
24.04 LTS noble Not in release
22.04 LTS jammy Not in release
20.04 LTS focal Not in release
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-intel-iotg 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy
Fixed 5.15.0-1057.63
20.04 LTS focal Not in release
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-intel-iotg-5.15 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal
Fixed 5.15.0-1058.64~20.04.1
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-iot 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal
Vulnerable
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-kvm 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy
Fixed 5.15.0-1058.63
20.04 LTS focal
Vulnerable
18.04 LTS bionic Ignored ESM criteria, was needed
16.04 LTS xenial Ignored ESM criteria, was needed
14.04 LTS trusty Not in release
linux-laptop 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic
Fixed 6.5.0-1017.20
22.04 LTS jammy Not in release
20.04 LTS focal Not in release
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-lowlatency 24.10 oracular
Not affected
24.04 LTS noble
Not affected
23.10 mantic
Fixed 6.5.0-41.41.1
22.04 LTS jammy
Fixed 5.15.0-106.116
20.04 LTS focal Not in release
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-lowlatency-hwe-5.15 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal
Fixed 5.15.0-106.116~20.04.1
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-lowlatency-hwe-5.19 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Ignored superseded by linux-lowlatency-hwe-6.2
20.04 LTS focal Not in release
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-lowlatency-hwe-6.2 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Ignored superseded by linux-lowlatency-hwe-6.5
20.04 LTS focal Not in release
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-lowlatency-hwe-6.5 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy
Fixed 6.5.0-41.41.1~22.04.1
20.04 LTS focal Not in release
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-lowlatency-hwe-6.8 24.10 oracular Not in release
24.04 LTS noble Not in release
22.04 LTS jammy
Not affected
20.04 LTS focal Not in release
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-lts-xenial 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal Not in release
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Ignored ESM criteria, was needed
linux-nvidia 24.10 oracular Not in release
24.04 LTS noble
Not affected
23.10 mantic Not in release
22.04 LTS jammy
Fixed 5.15.0-1054.55
20.04 LTS focal Not in release
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-nvidia-6.2 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Ignored superseded by linux-nvidia-6.5
20.04 LTS focal Not in release
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-nvidia-6.5 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy
Fixed 6.5.0-1021.22
20.04 LTS focal Not in release
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-nvidia-6.8 24.10 oracular Not in release
24.04 LTS noble Not in release
22.04 LTS jammy
Not affected
20.04 LTS focal Not in release
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-nvidia-lowlatency 24.10 oracular Not in release
24.04 LTS noble
Not affected
22.04 LTS jammy Not in release
20.04 LTS focal Not in release
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-oem 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal Not in release
18.04 LTS bionic Ignored replaced by linux-hwe-5.4
16.04 LTS xenial Ignored end of standard support
14.04 LTS trusty Not in release
linux-oem-5.10 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal Ignored superseded by linux-oem-5.13
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-oem-5.13 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal Ignored superseded by linux-oem-5.14
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-oem-5.14 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal Ignored replaced by linux-hwe-5.15
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-oem-5.17 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Ignored superseded by linux-oem-6.1
20.04 LTS focal Not in release
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-oem-5.6 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal Ignored superseded by linux-oem-5.10
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-oem-6.0 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Ignored superseded by linux-oem-6.1
20.04 LTS focal Not in release
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-oem-6.1 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Ignored superseded by linux-oem-6.5, was needs-triage
20.04 LTS focal Not in release
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-oem-6.11 24.10 oracular Not in release
24.04 LTS noble
Not affected
22.04 LTS jammy Not in release
20.04 LTS focal Not in release
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-oem-6.5 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy
Fixed 6.5.0-1024.25
20.04 LTS focal Not in release
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-oem-6.8 24.10 oracular Not in release
24.04 LTS noble
Not affected
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal Not in release
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-oracle 24.10 oracular
Not affected
24.04 LTS noble
Not affected
23.10 mantic
Fixed 6.5.0-1024.24
22.04 LTS jammy
Fixed 5.15.0-1059.65
20.04 LTS focal
Vulnerable
18.04 LTS bionic Ignored ESM criteria, was needed
16.04 LTS xenial Ignored ESM criteria, was needed
14.04 LTS trusty Not in release
linux-oracle-5.0 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal Not in release
18.04 LTS bionic Ignored superseded by linux-oracle-5.3
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-oracle-5.11 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal Ignored superseded by linux-oracle-5.13
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-oracle-5.13 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal Ignored superseded by linux-oracle-5.15
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-oracle-5.15 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal
Fixed 5.15.0-1059.65~20.04.1
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-oracle-5.3 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal Not in release
18.04 LTS bionic Ignored superseded by linux-oracle-5.4
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-oracle-5.4 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal Not in release
18.04 LTS bionic Ignored ESM criteria, was needed
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-oracle-5.8 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal Ignored superseded by linux-oracle-5.11
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-oracle-6.5 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy
Fixed 6.5.0-1024.24~22.04.1
20.04 LTS focal Not in release
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-oracle-6.8 24.10 oracular Not in release
24.04 LTS noble Not in release
22.04 LTS jammy
Not affected
20.04 LTS focal Not in release
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-raspi 24.10 oracular
Not affected
24.04 LTS noble
Not affected
23.10 mantic
Fixed 6.5.0-1018.21
22.04 LTS jammy
Fixed 5.15.0-1054.57
20.04 LTS focal
Vulnerable
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-raspi-5.4 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal Not in release
18.04 LTS bionic Ignored ESM criteria, was needed
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-raspi-realtime 24.10 oracular Not in release
24.04 LTS noble Not in release
22.04 LTS jammy Not in release
20.04 LTS focal Not in release
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-raspi2 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal Ignored replaced by linux-raspi
18.04 LTS bionic Ignored end of standard support
16.04 LTS xenial Ignored end of standard support
14.04 LTS trusty Not in release
linux-realtime 24.10 oracular
Not affected
24.04 LTS noble Not in release
22.04 LTS jammy Ignored superseded by Ubuntu Pro ppa version
20.04 LTS focal Not in release
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-riscv 24.10 oracular
Not affected
24.04 LTS noble
Not affected
23.10 mantic
Fixed 6.5.0-40.40.1
22.04 LTS jammy Ignored end of kernel support
20.04 LTS focal Ignored superseded by linux-riscv-5.8
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-riscv-5.11 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal Ignored superseded by linux-riscv-5.13
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-riscv-5.15 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal
Fixed 5.15.0-1057.61~20.04.1
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-riscv-5.19 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Ignored end of kernel support
20.04 LTS focal Not in release
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-riscv-5.8 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Not in release
20.04 LTS focal Ignored superseded by linux-riscv-5.11
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-riscv-6.5 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy
Fixed 6.5.0-40.40.1~22.04.1
20.04 LTS focal Not in release
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-riscv-6.8 24.10 oracular Not in release
24.04 LTS noble Not in release
22.04 LTS jammy
Not affected
20.04 LTS focal Not in release
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-starfive 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic
Fixed 6.5.0-1015.16
22.04 LTS jammy Not in release
20.04 LTS focal Not in release
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-starfive-5.19 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Ignored end of kernel support
20.04 LTS focal Not in release
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-starfive-6.2 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy Ignored superseded by linux-starfive-6.5
20.04 LTS focal Not in release
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-starfive-6.5 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy
Fixed 6.5.0-1015.16~22.04.1
20.04 LTS focal Not in release
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-xilinx-zynqmp 24.10 oracular Not in release
24.04 LTS noble Not in release
23.10 mantic Not in release
22.04 LTS jammy
Fixed 5.15.0-1030.34
20.04 LTS focal
Vulnerable
18.04 LTS bionic Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release

Notes


rodrigo-zaiden

fix for this issue introduces a new issue, CVE-2024-26639. USN-6765-1 for linux-oem-6.5 wrongly stated that this CVE was fixed in version 6.5.0-1022.23. The mentioned notice was revoked and the state of the fix for linux-oem-6.5 was recovered to the previous state.

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package Patch details
linux

References

Related Ubuntu Security Notices (USN)

    • USN-6766-1
    • Linux kernel vulnerabilities
    • 7 May 2024
    • USN-6766-2
    • Linux kernel vulnerabilities
    • 15 May 2024
    • USN-6766-3
    • Linux kernel (AWS) vulnerabilities
    • 20 May 2024
    • USN-6795-1
    • Linux kernel (Intel IoTG) vulnerabilities
    • 28 May 2024
    • USN-6818-1
    • Linux kernel vulnerabilities
    • 7 June 2024
    • USN-6819-1
    • Linux kernel vulnerabilities
    • 7 June 2024
    • USN-6818-2
    • Linux kernel (ARM laptop) vulnerabilities
    • 10 June 2024
    • USN-6828-1
    • Linux kernel (Intel IoTG) vulnerabilities
    • 11 June 2024
    • USN-6819-2
    • Linux kernel vulnerabilities
    • 11 June 2024
    • USN-6819-3
    • Linux kernel (OEM) vulnerabilities
    • 12 June 2024
    • USN-6818-3
    • Linux kernel (NVIDIA) vulnerabilities
    • 14 June 2024
    • USN-6818-4
    • Linux kernel (HWE) vulnerabilities
    • 18 June 2024
    • USN-6819-4
    • Linux kernel (Oracle) vulnerabilities
    • 26 June 2024

Other references