USN-7089-7: Linux kernel (Low Latency) vulnerabilities

Releases

• Ubuntu 24.04 LTS
• Ubuntu 22.04 LTS

Packages

• linux-lowlatency - Linux low latency kernel
• linux-lowlatency-hwe-6.8 - Linux low latency kernel

Details

Chenyuan Yang discovered that the USB Gadget subsystem in the Linux
kernel did not properly check for the device to be enabled before
writing. A local attacker could possibly use this to cause a denial of
service. (CVE-2024-25741)

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:

• ARM32 architecture;
• MIPS architecture;
• PA-RISC architecture;
• PowerPC architecture;
• RISC-V architecture;
• S390 architecture;
• x86 architecture;
• Cryptographic API;
• Serial ATA and Parallel ATA drivers;
• Null block device driver;
• Bluetooth drivers;
• Cdrom driver;
• Clock framework and drivers;
• Hardware crypto device drivers;
• CXL (Compute Express Link) drivers;
• Cirrus firmware drivers;
• GPIO subsystem;
• GPU drivers;
• I2C subsystem;
• IIO subsystem;
• InfiniBand drivers;
• ISDN/mISDN subsystem;
• LED subsystem;
• Multiple devices driver;
• Media drivers;
• Fastrpc Driver;
• Network drivers;
• Microsoft Azure Network Adapter (MANA) driver;
• Near Field Communication (NFC) drivers;
• NVME drivers;
• NVMEM (Non Volatile Memory) drivers;
• PCI subsystem;
• Pin controllers subsystem;
• x86 platform drivers;
• S/390 drivers;
• SCSI drivers;
• Thermal drivers;
• TTY drivers;
• UFS subsystem;
• USB DSL drivers;
• USB core drivers;
• DesignWare USB3 driver;
• USB Gadget drivers;
• USB Serial drivers;
• VFIO drivers;
• VHOST drivers;
• File systems infrastructure;
• BTRFS file system;
• GFS2 file system;
• JFFS2 file system;
• JFS file system;
• Network file systems library;
• Network file system client;
• NILFS2 file system;
• NTFS3 file system;
• SMB network file system;
• Memory management;
• Netfilter;
• Tracing infrastructure;
• io_uring subsystem;
• BPF subsystem;
• Core kernel;
• Bluetooth subsystem;
• CAN network layer;
• Ceph Core library;
• Networking core;
• IPv4 networking;
• IPv6 networking;
• IUCV driver;
• MAC80211 subsystem;
• Network traffic control;
• Sun RPC protocol;
• Wireless networking;
• AMD SoC Alsa drivers;
• SoC Audio for Freescale CPUs drivers;
• MediaTek ASoC drivers;
• SoC audio core drivers;
• SOF drivers;
• Sound sequencer drivers;
  (CVE-2024-42104, CVE-2024-42084, CVE-2024-42252, CVE-2024-41096,
  CVE-2024-42237, CVE-2024-42140, CVE-2024-42150, CVE-2024-41031,
  CVE-2024-41059, CVE-2024-41062, CVE-2024-41051, CVE-2024-41028,
  CVE-2024-41090, CVE-2024-41092, CVE-2024-43855, CVE-2024-41021,
  CVE-2024-42229, CVE-2024-41056, CVE-2024-41048, CVE-2024-41036,
  CVE-2024-42094, CVE-2024-41089, CVE-2024-41068, CVE-2024-41039,
  CVE-2024-41095, CVE-2024-41069, CVE-2024-42234, CVE-2024-42136,
  CVE-2024-41025, CVE-2024-42157, CVE-2024-42248, CVE-2024-42087,
  CVE-2024-41041, CVE-2024-42230, CVE-2024-42151, CVE-2024-42130,
  CVE-2024-42244, CVE-2024-41079, CVE-2024-42253, CVE-2024-42092,
  CVE-2024-41022, CVE-2024-42137, CVE-2024-42132, CVE-2024-42108,
  CVE-2024-42155, CVE-2024-42127, CVE-2024-41060, CVE-2024-42074,
  CVE-2024-41081, CVE-2024-42066, CVE-2024-42098, CVE-2024-42082,
  CVE-2024-42093, CVE-2024-42245, CVE-2024-41072, CVE-2024-41052,
  CVE-2024-42161, CVE-2024-42096, CVE-2024-42115, CVE-2024-41074,
  CVE-2024-42120, CVE-2024-41046, CVE-2024-42239, CVE-2024-41063,
  CVE-2024-42090, CVE-2024-41023, CVE-2024-42069, CVE-2024-41087,
  CVE-2024-42158, CVE-2024-41067, CVE-2024-41084, CVE-2024-41077,
  CVE-2024-42240, CVE-2024-42145, CVE-2024-42102, CVE-2024-41020,
  CVE-2024-42231, CVE-2024-41053, CVE-2024-42131, CVE-2024-42089,
  CVE-2024-41083, CVE-2024-42247, CVE-2024-42105, CVE-2024-41044,
  CVE-2024-42128, CVE-2024-42271, CVE-2024-41037, CVE-2024-42114,
  CVE-2024-42106, CVE-2024-41076, CVE-2024-42088, CVE-2024-41057,
  CVE-2024-41091, CVE-2024-42152, CVE-2024-41070, CVE-2024-41035,
  CVE-2024-41050, CVE-2024-39487, CVE-2024-42113, CVE-2024-42250,
  CVE-2024-41047, CVE-2024-42149, CVE-2024-42079, CVE-2024-42091,
  CVE-2024-42227, CVE-2024-42095, CVE-2024-42109, CVE-2024-41033,
  CVE-2023-52888, CVE-2024-41061, CVE-2024-42223, CVE-2024-42235,
  CVE-2024-41086, CVE-2024-42133, CVE-2024-41082, CVE-2024-41071,
  CVE-2024-41007, CVE-2023-52887, CVE-2024-39486, CVE-2024-41075,
  CVE-2024-42101, CVE-2024-42077, CVE-2024-41042, CVE-2024-42225,
  CVE-2024-42126, CVE-2024-41094, CVE-2024-41085, CVE-2024-41019,
  CVE-2024-41058, CVE-2024-41066, CVE-2024-42156, CVE-2024-42119,
  CVE-2024-41032, CVE-2024-41088, CVE-2024-42100, CVE-2024-42142,
  CVE-2024-41054, CVE-2024-42103, CVE-2024-42124, CVE-2024-41034,
  CVE-2024-42251, CVE-2024-42153, CVE-2024-41045, CVE-2024-42086,
  CVE-2024-42243, CVE-2024-41055, CVE-2024-41078, CVE-2024-42117,
  CVE-2024-41030, CVE-2024-42068, CVE-2024-42110, CVE-2024-42147,
  CVE-2024-42121, CVE-2024-41080, CVE-2024-41027, CVE-2024-43858,
  CVE-2024-42085, CVE-2024-42111, CVE-2024-42238, CVE-2024-41018,
  CVE-2024-42138, CVE-2024-41038, CVE-2024-42070, CVE-2024-42141,
  CVE-2024-41098, CVE-2024-42118, CVE-2024-41073, CVE-2024-42144,
  CVE-2024-42280, CVE-2024-41049, CVE-2024-42076, CVE-2024-41065,
  CVE-2024-42063, CVE-2024-41064, CVE-2024-41017, CVE-2024-42112,
  CVE-2024-42064, CVE-2024-42135, CVE-2024-42146, CVE-2024-41010,
  CVE-2024-41097, CVE-2024-41012, CVE-2024-42097, CVE-2024-42067,
  CVE-2024-42236, CVE-2024-42080, CVE-2024-42241, CVE-2024-42065,
  CVE-2024-42232, CVE-2024-42246, CVE-2024-41093, CVE-2024-41015,
  CVE-2024-42129, CVE-2024-42073, CVE-2024-41029)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 24.04

• linux-image-6.8.0-48-lowlatency - 6.8.0-48.48.3
• linux-image-6.8.0-48-lowlatency-64k - 6.8.0-48.48.3
• linux-image-lowlatency - 6.8.0-48.48.3
• linux-image-lowlatency-64k - 6.8.0-48.48.3
• linux-image-lowlatency-64k-hwe-24.04 - 6.8.0-48.48.3
• linux-image-lowlatency-hwe-24.04 - 6.8.0-48.48.3

Ubuntu 22.04

• linux-image-6.8.0-48-lowlatency - 6.8.0-48.48.3~22.04.1
• linux-image-6.8.0-48-lowlatency-64k - 6.8.0-48.48.3~22.04.1
• linux-image-lowlatency-64k-hwe-22.04 - 6.8.0-48.48.3~22.04.1
• linux-image-lowlatency-hwe-22.04 - 6.8.0-48.48.3~22.04.1

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References

• CVE-2023-52888
• CVE-2024-42097
• CVE-2024-42146
• CVE-2024-42236
• CVE-2024-42244
• CVE-2024-41095
• CVE-2024-42155
• CVE-2024-41073
• CVE-2024-41084
• CVE-2023-52887
• CVE-2024-42156
• CVE-2024-41036
• CVE-2024-41076
• CVE-2024-42131
• CVE-2024-42103
• CVE-2024-42126
• CVE-2024-42248
• CVE-2024-42095
• CVE-2024-42115
• CVE-2024-42253
• CVE-2024-41041
• CVE-2024-42102
• CVE-2024-41077
• CVE-2024-42070
• CVE-2024-41097
• CVE-2024-41054
• CVE-2024-41018
• CVE-2024-41045
• CVE-2024-41019
• CVE-2024-41092
• CVE-2024-42251
• CVE-2024-42093
• CVE-2024-41007
• CVE-2024-42132
• CVE-2024-42161
• CVE-2024-41078
• CVE-2024-41021
• CVE-2024-41020
• CVE-2024-42158
• CVE-2024-42238
• CVE-2024-42091
• CVE-2024-42113
• CVE-2024-42147
• CVE-2024-41071
• CVE-2024-42227
• CVE-2024-42141
• CVE-2024-42280
• CVE-2024-41042
• CVE-2024-42064
• CVE-2024-42149
• CVE-2024-42092
• CVE-2024-42096
• CVE-2024-42130
• CVE-2024-42152
• CVE-2024-41048
• CVE-2024-42080
• CVE-2024-42229
• CVE-2024-41093
• CVE-2024-42150
• CVE-2024-42151
• CVE-2024-42082
• CVE-2024-41030
• CVE-2024-39486
• CVE-2024-42128
• CVE-2024-42223
• CVE-2024-41060
• CVE-2024-42087
• CVE-2024-41057
• CVE-2024-42090
• CVE-2024-42118
• CVE-2024-42231
• CVE-2024-41069
• CVE-2024-41080
• CVE-2024-42065
• CVE-2024-42117
• CVE-2024-42133
• CVE-2024-42129
• CVE-2024-42247
• CVE-2024-41089
• CVE-2024-41049
• CVE-2024-41079
• CVE-2024-42089
• CVE-2024-42112
• CVE-2024-42119
• CVE-2024-42098
• CVE-2024-42230
• CVE-2024-42111
• CVE-2024-42101
• CVE-2024-42108
• CVE-2024-41066
• CVE-2024-41025
• CVE-2024-41062
• CVE-2024-42094
• CVE-2024-41082
• CVE-2024-42246
• CVE-2024-42271
• CVE-2024-41098
• CVE-2024-42140
• CVE-2024-42121
• CVE-2024-41052
• CVE-2024-42127
• CVE-2024-42250
• CVE-2024-42137
• CVE-2024-41096
• CVE-2024-41081
• CVE-2024-41050
• CVE-2024-42084
• CVE-2024-41083
• CVE-2024-42068
• CVE-2024-41029
• CVE-2024-42076
• CVE-2024-42109
• CVE-2024-42153
• CVE-2024-41094
• CVE-2024-41063
• CVE-2024-42088
• CVE-2024-42243
• CVE-2024-41017
• CVE-2024-41047
• CVE-2024-41087
• CVE-2024-41023
• CVE-2024-42232
• CVE-2024-41086
• CVE-2024-42077
• CVE-2024-41067
• CVE-2024-41065
• CVE-2024-42157
• CVE-2024-41051
• CVE-2024-41056
• CVE-2024-41061
• CVE-2024-42239
• CVE-2024-41039
• CVE-2024-42066
• CVE-2024-42120
• CVE-2024-41012
• CVE-2024-39487
• CVE-2024-42135
• CVE-2024-42138
• CVE-2024-41058
• CVE-2024-42074
• CVE-2024-42100
• CVE-2024-41072
• CVE-2024-42085
• CVE-2024-42145
• CVE-2024-42136
• CVE-2024-42069
• CVE-2024-42067
• CVE-2024-42235
• CVE-2024-41027
• CVE-2024-43855
• CVE-2024-42079
• CVE-2024-42106
• CVE-2024-41064
• CVE-2024-41035
• CVE-2024-42110
• CVE-2024-41022
• CVE-2024-42241
• CVE-2024-41070
• CVE-2024-41010
• CVE-2024-41090
• CVE-2024-42240
• CVE-2024-41088
• CVE-2024-41075
• CVE-2024-42124
• CVE-2024-42245
• CVE-2024-43858
• CVE-2024-41038
• CVE-2024-41046
• CVE-2024-41033
• CVE-2024-42144
• CVE-2024-42234
• CVE-2024-41037
• CVE-2024-25741
• CVE-2024-42105
• CVE-2024-42073
• CVE-2024-41068
• CVE-2024-41074
• CVE-2024-42252
• CVE-2024-41032
• CVE-2024-41015
• CVE-2024-42104
• CVE-2024-41028
• CVE-2024-41053
• CVE-2024-41091
• CVE-2024-41034
• CVE-2024-41031
• CVE-2024-42237
• CVE-2024-42114
• CVE-2024-42225
• CVE-2024-42086
• CVE-2024-41044
• CVE-2024-41085
• CVE-2024-41059
• CVE-2024-41055
• CVE-2024-42063
• CVE-2024-42142

Related notices

• USN-7089-2
• USN-7089-1
• USN-7090-1
• USN-7089-3
• USN-7095-1
• USN-7089-4
• USN-7089-5
• USN-7089-6
• USN-7003-1
• USN-7003-2
• USN-7006-1
• USN-7003-3
• USN-7007-1
• USN-7009-1
• USN-7019-1
• USN-7007-2
• USN-7007-3
• USN-7009-2
• USN-7003-4
• USN-7003-5
• USN-7069-1
• USN-7069-2
• USN-7088-1
• USN-7088-2
• USN-7088-3
• USN-7088-4
• USN-7088-5
• USN-7119-1
• USN-7148-1
• USN-7121-1
• USN-7121-2
• USN-7121-3
• USN-7100-1
• USN-7100-2
• USN-7123-1
• USN-7144-1
• USN-7110-1