Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

LSN-0105-1: Kernel Live Patch Security Notice

16 July 2024

Several security issues were fixed in the kernel.

Releases

Software Description

  • aws - Linux kernel for Amazon Web Services (AWS) systems - (>= 4.15.0-1054, >= 4.15.0-1159, >= 4.15.0-1119, >= 5.4.0-1009, >= 5.4.0-1061, >= 5.15.0-1000, >= 6.8.0-1008, >= 4.4.0-1098, >= 4.4.0-1129, >= 4.4.0-1159)
  • aws-5.15 - Linux kernel for Amazon Web Services (AWS) systems - (>= 5.15.0-1000)
  • aws-hwe - Linux kernel for Amazon Web Services (AWS-HWE) systems - (>= 4.15.0-1126)
  • azure - Linux kernel for Microsoft Azure Cloud systems - (>= 5.4.0-1010, >= 6.8.0-1007, >= 4.15.0-1063, >= 4.15.0-1078, >= 4.15.0-1114)
  • azure-4.15 - Linux kernel for Microsoft Azure Cloud systems - (>= 4.15.0-1115, >= 4.15.0-1168)
  • gcp - Linux kernel for Google Cloud Platform (GCP) systems - (>= 5.4.0-1009, >= 5.15.0-1000, >= 6.8.0-1007, >= 4.15.0-1118)
  • gcp-4.15 - Linux kernel for Google Cloud Platform (GCP) systems - (>= 4.15.0-1121, >= 4.15.0-1154)
  • gcp-5.15 - Linux kernel for Google Cloud Platform (GCP) systems - (>= 5.15.0-1000)
  • generic-4.15 - Linux hardware enablement (HWE) kernel - (>= 4.15.0-69, >= 4.15.0-214, >= 4.15.0-69, >= 4.15.0-143, >= 4.15.0-143)
  • generic-4.4 - Linux kernel - (>= 4.4.0-168, >= 4.4.0-168, >= 4.4.0-211, >= 4.4.0-243)
  • generic-5.15 - Linux hardware enablement (HWE) kernel - (>= 5.15.0-0)
  • generic-5.4 - Linux kernel - (>= 5.4.0-26, >= 5.4.0-150, >= 5.4.0-26)
  • gke - Linux kernel for Google Container Engine (GKE) systems - (>= 5.4.0-1033, >= 5.15.0-1000)
  • gke-5.15 - Linux kernel for Google Container Engine (GKE) systems - (>= 5.15.0-1000)
  • gkeop - Linux kernel for Google Container Engine (GKE) systems - (>= 5.4.0-1009)
  • ibm - Linux kernel for IBM cloud systems - (>= 5.4.0-1009, >= 5.15.0-1000, >= 6.8.0-1005)
  • ibm-5.15 - Linux kernel for IBM cloud systems - (>= 5.15.0-1000)
  • linux - Linux kernel - (>= 5.15.0-71, >= 5.15.0-24, >= 6.8.0-1)
  • lowlatency-4.15 - Linux hardware enablement (HWE) kernel - (>= 4.15.0-69, >= 4.15.0-214, >= 4.15.0-69, >= 4.15.0-143, >= 4.15.0-143)
  • lowlatency-4.4 - Linux kernel - (>= 4.4.0-168, >= 4.4.0-168, >= 4.4.0-211, >= 4.4.0-243)
  • lowlatency-5.15 - Linux hardware enablement (HWE) kernel - (>= 5.15.0-0)
  • lowlatency-5.4 - Linux kernel - (>= 5.4.0-26, >= 5.4.0-150, >= 5.4.0-26)
  • oracle - Linux kernel for Oracle Cloud systems - (>= 4.15.0-1129, >= 5.4.0-1121, >= 5.15.0-1055)
  • oracle-5.15 - Linux kernel for Oracle Cloud systems - (>= 5.15.0-1055)

Details

It was discovered that the ATA over Ethernet (AoE) driver in the Linux
kernel contained a race condition, leading to a use-after-free
vulnerability. An attacker could use this to cause a denial of service or
possibly execute arbitrary code.(CVE-2023-6270)

It was discovered that the netfilter connection tracker for netlink in the
Linux kernel did not properly perform reference counting in some error
conditions. A local attacker could possibly use this to cause a denial of
service (memory exhaustion).(CVE-2023-7192)

In the Linux kernel, the following vulnerability has been
resolved: netfilter: nf_tables: disallow anonymous set with timeout flag
Anonymous sets are never used with timeout from userspace, reject this.
Exception to this rule is NFT_SET_EVAL to ensure legacy meters still work.(CVE-2024-26642)

In the Linux kernel, the following vulnerability has been
resolved: cifs: fix underflow in parse_server_interfaces() In this loop, we
step through the buffer and after each item we check if the size_left is
greater than the minimum size we need. However, the problem is that
'bytes_left' is type ssize_t while sizeof() is type size_t. That means that
because of type promotion, the comparison is done as an unsigned and if we
have negative bytes left the loop continues instead of ending.(CVE-2024-26828)

In the Linux kernel, the following vulnerability has been
resolved: netfilter: nft_set_pipapo: do not free live element (CVE-2024-26924)

Checking update status

The problem can be corrected in these Livepatch versions:

Kernel type 24.04 22.04 20.04 18.04 16.04 14.04
aws 105.1 105.1 105.1 105.1 105.1
aws-5.15 105.1
aws-hwe 105.1
azure 105.1 105.1 105.1
azure-4.15 105.1
gcp 105.1 105.1 105.1 105.1
gcp-4.15 105.1
gcp-5.15 105.1
generic-4.15 105.1 105.1
generic-4.4 105.1 105.1
generic-5.15 105.2
generic-5.4 105.1 105.1
gke 105.1 105.1
gke-5.15 105.1
gkeop 105.1
ibm 105.1 105.1 105.1
ibm-5.15 105.1
linux 105.1 105.2
lowlatency-4.15 105.1 105.1
lowlatency-4.4 105.1 105.1
lowlatency-5.15 105.1
lowlatency-5.4 105.1 105.1
oracle 105.1 105.1 105.1
oracle-5.15 105.1

To check your kernel type and Livepatch version, enter this command:

canonical-livepatch status

References

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

Further reading