CVE-2024-35871
Published: 19 May 2024
In the Linux kernel, the following vulnerability has been resolved: riscv: process: Fix kernel gp leakage childregs represents the registers which are active for the new thread in user context. For a kernel thread, childregs->gp is never used since the kernel gp is not touched by switch_to. For a user mode helper, the gp value can be observed in user space after execve or possibly by other means. [From the email thread] The /* Kernel thread */ comment is somewhat inaccurate in that it is also used for user_mode_helper threads, which exec a user process, e.g. /sbin/init or when /proc/sys/kernel/core_pattern is a pipe. Such threads do not have PF_KTHREAD set and are valid targets for ptrace etc. even before they exec. childregs is the *user* context during syscall execution and it is observable from userspace in at least five ways: 1. kernel_execve does not currently clear integer registers, so the starting register state for PID 1 and other user processes started by the kernel has sp = user stack, gp = kernel __global_pointer$, all other integer registers zeroed by the memset in the patch comment. This is a bug in its own right, but I'm unwilling to bet that it is the only way to exploit the issue addressed by this patch. 2. ptrace(PTRACE_GETREGSET): you can PTRACE_ATTACH to a user_mode_helper thread before it execs, but ptrace requires SIGSTOP to be delivered which can only happen at user/kernel boundaries. 3. /proc/*/task/*/syscall: this is perfectly happy to read pt_regs for user_mode_helpers before the exec completes, but gp is not one of the registers it returns. 4. PERF_SAMPLE_REGS_USER: LOCKDOWN_PERF normally prevents access to kernel addresses via PERF_SAMPLE_REGS_INTR, but due to this bug kernel addresses are also exposed via PERF_SAMPLE_REGS_USER which is permitted under LOCKDOWN_PERF. I have not attempted to write exploit code. 5. Much of the tracing infrastructure allows access to user registers. I have not attempted to determine which forms of tracing allow access to user registers without already allowing access to kernel registers.
Priority
Status
Package | Release | Status |
---|---|---|
linux
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(ESM criteria, was needed)
|
focal |
Needed
|
|
jammy |
Released
(5.15.0-116.126)
|
|
mantic |
Ignored
(end of life, was needed)
|
|
noble |
Released
(6.8.0-38.38)
|
|
trusty |
Not vulnerable
(3.11.0-12.19)
|
|
upstream |
Released
(6.9~rc3, 6.8.5)
|
|
xenial |
Not vulnerable
(4.4.0-2.16)
|
|
Patches:
Introduced by
7db91e57a0acde126a162ababfb1e0ab190130cb
|
||
linux-allwinner-5.19
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Ignored
(end of kernel support)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(end of life)
|
|
linux-aws
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(ESM criteria, was needed)
|
focal |
Needed
|
|
jammy |
Released
(5.15.0-1065.71)
|
|
mantic |
Ignored
(end of life, was needed)
|
|
noble |
Released
(6.8.0-1011.12)
|
|
trusty |
Not vulnerable
(4.4.0-1002.2)
|
|
upstream |
Released
(6.9~rc3, 6.8.5)
|
|
xenial |
Not vulnerable
(4.4.0-1001.10)
|
|
linux-aws-5.0
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-aws-5.3)
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-aws-5.3)
|
|
linux-aws-5.11
Launchpad, Ubuntu, Debian |
focal |
Ignored
(superseded by linux-aws-5.13)
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-aws-5.13)
|
|
linux-aws-5.13
Launchpad, Ubuntu, Debian |
focal |
Ignored
(superseded by linux-aws-5.15)
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-aws-5.15)
|
|
linux-aws-5.15
Launchpad, Ubuntu, Debian |
focal |
Released
(5.15.0-1065.71~20.04.1)
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.9~rc3, 6.8.5)
|
|
linux-aws-5.19
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Ignored
(superseded by linux-aws-6.2)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-aws-6.2)
|
|
linux-aws-5.3
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-aws-5.4)
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-aws-5.4)
|
|
linux-aws-5.4
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(ESM criteria, was needed)
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.9~rc3, 6.8.5)
|
|
linux-aws-5.8
Launchpad, Ubuntu, Debian |
focal |
Ignored
(superseded by linux-aws-5.11)
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-aws-5.11)
|
|
linux-aws-6.2
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Ignored
(superseded by linux-aws-6.5)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-aws-6.5)
|
|
linux-aws-6.5
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Ignored
(superseded by linux-aws-6.8, was needed)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.9~rc3, 6.8.5)
|
|
linux-aws-fips
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.9~rc3, 6.8.5)
|
|
linux-aws-hwe
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.9~rc3, 6.8.5)
|
|
xenial |
Ignored
(ESM criteria, was needed)
|
|
linux-azure
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-azure-5.3)
|
focal |
Needed
|
|
jammy |
Released
(5.15.0-1068.77)
|
|
mantic |
Ignored
(end of life, was needed)
|
|
noble |
Released
(6.8.0-1010.10)
|
|
trusty |
Ignored
(ESM criteria, was needed)
|
|
upstream |
Released
(6.9~rc3, 6.8.5)
|
|
xenial |
Ignored
(ESM criteria, was needed)
|
|
linux-azure-4.15
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(ESM criteria, was needed)
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.9~rc3, 6.8.5)
|
|
linux-azure-5.11
Launchpad, Ubuntu, Debian |
focal |
Ignored
(superseded by linux-azure-5.13)
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-azure-5.13)
|
|
linux-azure-5.13
Launchpad, Ubuntu, Debian |
focal |
Ignored
(superseded by linux-azure-5.15)
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-azure-5.15)
|
|
linux-azure-5.15
Launchpad, Ubuntu, Debian |
focal |
Released
(5.15.0-1068.77~20.04.1)
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.9~rc3, 6.8.5)
|
|
linux-azure-5.19
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Ignored
(superseded by linux-azure-6.2)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-azure-6.2)
|
|
linux-azure-5.3
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-azure-5.4)
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-azure-5.4)
|
|
linux-azure-5.4
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(ESM criteria, was needed)
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.9~rc3, 6.8.5)
|
|
linux-azure-5.8
Launchpad, Ubuntu, Debian |
focal |
Ignored
(superseded by linux-azure-5.11)
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-azure-5.11)
|
|
linux-azure-6.2
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Ignored
(superseded by linux-azure-6.5)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-azure-6.5)
|
|
linux-azure-6.5
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Ignored
(superseded by linux-azure-6.8, was needed)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.9~rc3, 6.8.5)
|
|
linux-azure-edge
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-azure-5.3)
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-azure-5.3)
|
|
linux-azure-fde
Launchpad, Ubuntu, Debian |
focal |
Ignored
(superseded by linux-azure-fde-5.15)
|
jammy |
Released
(5.15.0-1068.77.1)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.9~rc3, 6.8.5)
|
|
linux-azure-fde-5.15
Launchpad, Ubuntu, Debian |
focal |
Released
(5.15.0-1068.77~20.04.1.1)
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.9~rc3, 6.8.5)
|
|
linux-azure-fde-5.19
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Ignored
(superseded by linux-azure-fde-6.2)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-azure-fde-6.2)
|
|
linux-azure-fde-6.2
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Ignored
(replaced by linux-azure-6.5)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(replaced by linux-azure-6.5)
|
|
linux-azure-fips
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.9~rc3, 6.8.5)
|
|
linux-bluefield
Launchpad, Ubuntu, Debian |
focal |
Needed
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.9~rc3, 6.8.5)
|
|
linux-fips
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.9~rc3, 6.8.5)
|
|
linux-gcp
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-gcp-5.3)
|
focal |
Needed
|
|
jammy |
Released
(5.15.0-1064.72)
|
|
mantic |
Ignored
(end of life, was needed)
|
|
noble |
Released
(6.8.0-1010.11)
|
|
upstream |
Released
(6.9~rc3, 6.8.5)
|
|
xenial |
Ignored
(ESM criteria, was needed)
|
|
linux-gcp-4.15
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(ESM criteria, was needed)
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.9~rc3, 6.8.5)
|
|
linux-gcp-5.11
Launchpad, Ubuntu, Debian |
focal |
Ignored
(superseded by linux-gcp-5.13)
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-gcp-5.13)
|
|
linux-gcp-5.13
Launchpad, Ubuntu, Debian |
focal |
Ignored
(superseded by linux-gcp-5.15)
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-gcp-5.15)
|
|
linux-gcp-5.15
Launchpad, Ubuntu, Debian |
focal |
Released
(5.15.0-1065.73~20.04.1)
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.9~rc3, 6.8.5)
|
|
linux-gcp-5.19
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Ignored
(superseded by linux-gcp-6.2)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-gcp-6.2)
|
|
linux-gcp-5.3
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-gcp-5.4)
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-gcp-5.4)
|
|
linux-gcp-5.4
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(ESM criteria, was needed)
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.9~rc3, 6.8.5)
|
|
linux-gcp-5.8
Launchpad, Ubuntu, Debian |
focal |
Ignored
(superseded by linux-gcp-5.11)
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-gcp-5.11)
|
|
linux-gcp-6.2
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Ignored
(superseded by linux-gcp-6.5)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-gcp-6.5)
|
|
linux-gcp-6.5
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Ignored
(superseded by linux-gcp-6.8, was needed)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.9~rc3, 6.8.5)
|
|
linux-gcp-fips
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.9~rc3, 6.8.5)
|
|
linux-gke
Launchpad, Ubuntu, Debian |
focal |
Ignored
(end of kernel support)
|
jammy |
Released
(5.15.0-1062.68)
|
|
mantic |
Does not exist
|
|
noble |
Released
(6.8.0-1006.9)
|
|
upstream |
Released
(6.9~rc3, 6.8.5)
|
|
linux-gke-4.15
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-gke-5.0)
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-gke-5.0)
|
|
linux-gke-5.15
Launchpad, Ubuntu, Debian |
focal |
Ignored
(end of kernel support)
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(end of life)
|
|
linux-gke-5.4
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(end of kernel support)
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(end of life)
|
|
linux-gkeop
Launchpad, Ubuntu, Debian |
focal |
Needed
|
jammy |
Released
(5.15.0-1048.55)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.9~rc3, 6.8.5)
|
|
linux-gkeop-5.15
Launchpad, Ubuntu, Debian |
focal |
Released
(5.15.0-1048.55~20.04.1)
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.9~rc3, 6.8.5)
|
|
linux-gkeop-5.4
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(end of kernel support)
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(end of life)
|
|
linux-hwe
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(replaced by linux-hwe-5.4)
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.9~rc3, 6.8.5)
|
|
xenial |
Ignored
(ESM criteria, was needed)
|
|
linux-hwe-5.11
Launchpad, Ubuntu, Debian |
focal |
Ignored
(superseded by linux-hwe-5.13)
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-hwe-5.13)
|
|
linux-hwe-5.13
Launchpad, Ubuntu, Debian |
focal |
Ignored
(superseded by linux-hwe-5.15)
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-hwe-5.15)
|
|
linux-hwe-5.15
Launchpad, Ubuntu, Debian |
focal |
Released
(5.15.0-116.126~20.04.1)
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.9~rc3, 6.8.5)
|
|
linux-hwe-5.19
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Ignored
(superseded by linux-hwe-6.2)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-hwe-6.2)
|
|
linux-hwe-5.4
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(ESM criteria, was needed)
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.9~rc3, 6.8.5)
|
|
linux-hwe-5.8
Launchpad, Ubuntu, Debian |
focal |
Ignored
(superseded by linux-hwe-5.11)
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-hwe-5.11)
|
|
linux-hwe-6.2
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Ignored
(superseded by linux-hwe-6.5)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-hwe-6.5)
|
|
linux-hwe-6.5
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Ignored
(superseded by linux-hwe-6.8, was needed)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.9~rc3, 6.8.5)
|
|
linux-hwe-6.8
Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Not vulnerable
(6.8.0-38.38~22.04.1)
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(6.9~rc3, 6.8.5)
|
|
xenial |
Does not exist
|
|
linux-hwe-edge
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-hwe-5.4)
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(end of life)
|
|
xenial |
Ignored
(superseded by linux-hwe)
|
|
linux-ibm
Launchpad, Ubuntu, Debian |
focal |
Needed
|
jammy |
Released
(5.15.0-1058.61)
|
|
mantic |
Ignored
(end of kernel support)
|
|
noble |
Released
(6.8.0-1008.8)
|
|
upstream |
Released
(6.9~rc3, 6.8.5)
|
|
linux-ibm-5.15
Launchpad, Ubuntu, Debian |
focal |
Released
(5.15.0-1058.61~20.04.1)
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.9~rc3, 6.8.5)
|
|
linux-ibm-5.4
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(ESM criteria, was needed)
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.9~rc3, 6.8.5)
|
|
linux-intel
Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Released
(6.8.0-1007.14)
|
|
trusty |
Does not exist
|
|
upstream |
Released
(6.9~rc3, 6.8.5)
|
|
xenial |
Does not exist
|
|
linux-intel-5.13
Launchpad, Ubuntu, Debian |
focal |
Ignored
(end of kernel support)
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(end of life)
|
|
linux-intel-iot-realtime
Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(6.9~rc3, 6.8.5)
|
|
xenial |
Does not exist
|
|
linux-intel-iotg
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Released
(5.15.0-1060.66)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.9~rc3, 6.8.5)
|
|
linux-intel-iotg-5.15
Launchpad, Ubuntu, Debian |
focal |
Released
(5.15.0-1060.66~20.04.1)
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.9~rc3, 6.8.5)
|
|
linux-iot
Launchpad, Ubuntu, Debian |
focal |
Needed
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.9~rc3, 6.8.5)
|
|
linux-kvm
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(ESM criteria, was needed)
|
focal |
Needed
|
|
jammy |
Released
(5.15.0-1062.67)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.9~rc3, 6.8.5)
|
|
xenial |
Not vulnerable
(4.4.0-1004.9)
|
|
linux-laptop
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Does not exist
|
|
mantic |
Ignored
(end of life, was needed)
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.9~rc3, 6.8.5)
|
|
linux-lowlatency
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Released
(5.15.0-116.126)
|
|
mantic |
Ignored
(end of life, was needed)
|
|
noble |
Released
(6.8.0-38.38.1)
|
|
upstream |
Released
(6.9~rc3, 6.8.5)
|
|
linux-lowlatency-hwe-5.15
Launchpad, Ubuntu, Debian |
focal |
Released
(5.15.0-116.126~20.04.1)
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.9~rc3, 6.8.5)
|
|
linux-lowlatency-hwe-5.19
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Ignored
(superseded by linux-lowlatency-hwe-6.2)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-lowlatency-hwe-6.2)
|
|
linux-lowlatency-hwe-6.2
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Ignored
(superseded by linux-lowlatency-hwe-6.5)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-lowlatency-hwe-6.5)
|
|
linux-lowlatency-hwe-6.5
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Ignored
(superseded by linux-lowlatency-hwe-6.8, was needed)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.9~rc3, 6.8.5)
|
|
linux-lowlatency-hwe-6.8
Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Not vulnerable
(6.8.0-38.38.1~22.04.2)
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(6.9~rc3, 6.8.5)
|
|
xenial |
Does not exist
|
|
linux-lts-xenial
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Not vulnerable
(4.4.0-13.29~14.04.1)
|
|
upstream |
Released
(6.9~rc3, 6.8.5)
|
|
linux-nvidia
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Released
(5.15.0-1060.61)
|
|
mantic |
Does not exist
|
|
noble |
Released
(6.8.0-1009.9)
|
|
upstream |
Released
(6.9~rc3, 6.8.5)
|
|
linux-nvidia-6.2
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Ignored
(superseded by linux-nvidia-6.5)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-nvidia-6.5)
|
|
linux-nvidia-6.5
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Needed
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.9~rc3, 6.8.5)
|
|
linux-nvidia-6.8
Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Released
(6.8.0-1009.9~22.04.1)
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(6.9~rc3, 6.8.5)
|
|
xenial |
Does not exist
|
|
linux-nvidia-lowlatency
Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
noble |
Not vulnerable
(6.8.0-1009.9.1)
|
|
trusty |
Does not exist
|
|
upstream |
Released
(6.9~rc3, 6.8.5)
|
|
xenial |
Does not exist
|
|
linux-oem
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(replaced by linux-hwe-5.4)
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(end of life)
|
|
linux-oem-5.10
Launchpad, Ubuntu, Debian |
focal |
Ignored
(superseded by linux-oem-5.13)
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-oem-5.13)
|
|
linux-oem-5.13
Launchpad, Ubuntu, Debian |
focal |
Ignored
(superseded by linux-oem-5.14)
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-oem-5.14)
|
|
linux-oem-5.14
Launchpad, Ubuntu, Debian |
focal |
Ignored
(replaced by linux-hwe-5.15)
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(replaced by linux-hwe-5.15)
|
|
linux-oem-5.17
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Ignored
(superseded by linux-oem-6.1)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-oem-6.1)
|
|
linux-oem-5.6
Launchpad, Ubuntu, Debian |
focal |
Ignored
(superseded by linux-oem-5.10)
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-oem-5.10)
|
|
linux-oem-6.0
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Ignored
(superseded by linux-oem-6.1)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-oem-6.1)
|
|
linux-oem-6.1
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Ignored
(superseded by linux-oem-6.5)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-oem-6.5)
|
|
linux-oem-6.5
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Ignored
(superseded by linux-oem-6.8, was needed)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.9~rc3, 6.8.5)
|
|
linux-oem-6.8
Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Released
(6.8.0-1008.8)
|
|
trusty |
Does not exist
|
|
upstream |
Released
(6.9~rc3, 6.8.5)
|
|
xenial |
Does not exist
|
|
linux-oracle
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(ESM criteria, was needed)
|
focal |
Needed
|
|
jammy |
Released
(5.15.0-1063.69)
|
|
mantic |
Ignored
(end of life, was needed)
|
|
noble |
Released
(6.8.0-1008.8)
|
|
upstream |
Released
(6.9~rc3, 6.8.5)
|
|
xenial |
Ignored
(ESM criteria, was needed)
|
|
linux-oracle-5.0
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-oracle-5.3)
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-oracle-5.3)
|
|
linux-oracle-5.11
Launchpad, Ubuntu, Debian |
focal |
Ignored
(superseded by linux-oracle-5.13)
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-oracle-5.13)
|
|
linux-oracle-5.13
Launchpad, Ubuntu, Debian |
focal |
Ignored
(superseded by linux-oracle-5.15)
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-oracle-5.15)
|
|
linux-oracle-5.15
Launchpad, Ubuntu, Debian |
focal |
Released
(5.15.0-1063.69~20.04.1)
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.9~rc3, 6.8.5)
|
|
linux-oracle-5.3
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-oracle-5.4)
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-oracle-5.4)
|
|
linux-oracle-5.4
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(ESM criteria, was needed)
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.9~rc3, 6.8.5)
|
|
linux-oracle-5.8
Launchpad, Ubuntu, Debian |
focal |
Ignored
(superseded by linux-oracle-5.11)
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-oracle-5.11)
|
|
linux-oracle-6.5
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Ignored
(superseded by linux-oracle-6.8, was needed)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.9~rc3, 6.8.5)
|
|
linux-raspi
Launchpad, Ubuntu, Debian |
focal |
Needed
|
jammy |
Released
(5.15.0-1058.61)
|
|
mantic |
Ignored
(end of life, was needed)
|
|
noble |
Released
(6.8.0-1007.7)
|
|
upstream |
Released
(6.9~rc3, 6.8.5)
|
|
linux-raspi-5.4
Launchpad, Ubuntu, Debian |
bionic |
Ignored
(ESM criteria, was needed)
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.9~rc3, 6.8.5)
|
|
linux-raspi-realtime
Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(6.9~rc3, 6.8.5)
|
|
xenial |
Does not exist
|
|
linux-raspi2
Launchpad, Ubuntu, Debian |
focal |
Ignored
(replaced by linux-raspi)
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(replaced by linux-raspi)
|
|
linux-realtime
Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Ignored
(superseded by Ubuntu Pro ppa version)
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(6.9~rc3, 6.8.5)
|
|
xenial |
Does not exist
|
|
linux-riscv
Launchpad, Ubuntu, Debian |
focal |
Ignored
(superseded by linux-riscv-5.8)
|
jammy |
Ignored
(end of kernel support)
|
|
mantic |
Ignored
(end of life, was needed)
|
|
noble |
Released
(6.8.0-38.38.1)
|
|
upstream |
Released
(6.9~rc3, 6.8.5)
|
|
linux-riscv-5.11
Launchpad, Ubuntu, Debian |
focal |
Ignored
(superseded by linux-riscv-5.13)
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-riscv-5.13)
|
|
linux-riscv-5.15
Launchpad, Ubuntu, Debian |
focal |
Released
(5.15.0-1061.65~20.04.1)
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.9~rc3, 6.8.5)
|
|
linux-riscv-5.19
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Ignored
(end of kernel support)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(end of life)
|
|
linux-riscv-5.8
Launchpad, Ubuntu, Debian |
focal |
Ignored
(superseded by linux-riscv-5.11)
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-riscv-5.11)
|
|
linux-riscv-6.5
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Ignored
(superseded by linux-riscv-6.8, was needed)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.9~rc3, 6.8.5)
|
|
linux-riscv-6.8
Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Not vulnerable
(6.8.0-38.38.1~22.04.1)
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(6.9~rc3, 6.8.5)
|
|
xenial |
Does not exist
|
|
linux-starfive
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Does not exist
|
|
mantic |
Ignored
(end of life, was needed)
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.9~rc3, 6.8.5)
|
|
linux-starfive-5.19
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Ignored
(end of kernel support)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(end of life)
|
|
linux-starfive-6.2
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Ignored
(superseded by linux-starfive-6.5)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-starfive-6.5)
|
|
linux-starfive-6.5
Launchpad, Ubuntu, Debian |
focal |
Does not exist
|
jammy |
Ignored
(end of kernel support, was needed)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.9~rc3, 6.8.5)
|
|
linux-xilinx-zynqmp
Launchpad, Ubuntu, Debian |
focal |
Needed
|
jammy |
Pending
(5.15.0-1035.39)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
upstream |
Released
(6.9~rc3, 6.8.5)
|
References
- https://www.cve.org/CVERecord?id=CVE-2024-35871
- https://git.kernel.org/linus/d14fa1fcf69db9d070e75f1c4425211fa619dfc8 (6.9-rc3)
- https://git.kernel.org/stable/c/9abc3e6f1116adb7a2d4fbb8ce20c37916976bf5
- https://git.kernel.org/stable/c/dff6072124f6df77bfd36951fbd88565746980ef
- https://git.kernel.org/stable/c/f6583444d7e78dae750798552b65a2519ff3ca84
- https://git.kernel.org/stable/c/00effef72c98294edb1efa87ffa0f6cfb61b36a4
- https://git.kernel.org/stable/c/d8dcba0691b8e42bddb61aab201e4d918a08e5d9
- https://git.kernel.org/stable/c/d14fa1fcf69db9d070e75f1c4425211fa619dfc8
- https://ubuntu.com/security/notices/USN-6893-1
- https://ubuntu.com/security/notices/USN-6898-1
- https://ubuntu.com/security/notices/USN-6893-2
- https://ubuntu.com/security/notices/USN-6898-2
- https://ubuntu.com/security/notices/USN-6898-3
- https://ubuntu.com/security/notices/USN-6893-3
- https://ubuntu.com/security/notices/USN-6898-4
- https://ubuntu.com/security/notices/USN-6917-1
- https://ubuntu.com/security/notices/USN-6919-1
- https://ubuntu.com/security/notices/USN-6918-1
- https://ubuntu.com/security/notices/USN-6927-1
- NVD
- Launchpad
- Debian