USN-7295-1: Linux kernel vulnerabilities

Releases

• Ubuntu 20.04 LTS

Packages

• linux-xilinx-zynqmp - Linux kernel for Xilinx ZynqMP processors

Details

Ye Zhang and Nicolas Wu discovered that the io_uring subsystem in the Linux
kernel did not properly handle locking for rings with IOPOLL, leading to a
double-free vulnerability. A local attacker could use this to cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2023-21400)

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:

• ARM64 architecture;
• Block layer subsystem;
• ACPI drivers;
• Drivers core;
• ATA over ethernet (AOE) driver;
• TPM device driver;
• GPIO subsystem;
• GPU drivers;
• HID subsystem;
• I2C subsystem;
• InfiniBand drivers;
• Mailbox framework;
• Multiple devices driver;
• Media drivers;
• Network drivers;
• NTB driver;
• Virtio pmem driver;
• Parport drivers;
• PCI subsystem;
• SPI subsystem;
• Direct Digital Synthesis drivers;
• TTY drivers;
• USB Device Class drivers;
• USB Dual Role (OTG-ready) Controller drivers;
• USB Serial drivers;
• USB Type-C support driver;
• Framebuffer layer;
• BTRFS file system;
• Ceph distributed file system;
• Ext4 file system;
• F2FS file system;
• File systems infrastructure;
• JFS file system;
• Network file system (NFS) client;
• Network file system (NFS) server daemon;
• NILFS2 file system;
• SMB network file system;
• Network traffic control;
• Network sockets;
• TCP network protocol;
• BPF subsystem;
• Perf events;
• Arbitrary resource management;
• Timer substystem drivers;
• Tracing infrastructure;
• Closures library;
• Memory management;
• Amateur Radio drivers;
• Bluetooth subsystem;
• Ethernet bridge;
• CAN network layer;
• Networking core;
• IPv4 networking;
• IPv6 networking;
• MAC80211 subsystem;
• Netfilter;
• Netlink;
• SCTP protocol;
• TIPC protocol;
• VMware vSockets driver;
• Wireless networking;
• XFRM subsystem;
• Key management;
• FireWire sound drivers;
• AudioScience HPI driver;
• Amlogic Meson SoC drivers;
• KVM core;
  (CVE-2024-50116, CVE-2024-43863, CVE-2024-47757, CVE-2024-50236,
  CVE-2024-53104, CVE-2024-47701, CVE-2024-46854, CVE-2024-50024,
  CVE-2024-46849, CVE-2024-50035, CVE-2024-50262, CVE-2024-50184,
  CVE-2023-52458, CVE-2024-47696, CVE-2024-49957, CVE-2024-47692,
  CVE-2024-50007, CVE-2024-49867, CVE-2024-49900, CVE-2024-50167,
  CVE-2024-47697, CVE-2024-53164, CVE-2024-50179, CVE-2024-44931,
  CVE-2024-50301, CVE-2024-50218, CVE-2024-49995, CVE-2024-47742,
  CVE-2024-47756, CVE-2021-47469, CVE-2024-49982, CVE-2024-50229,
  CVE-2024-49851, CVE-2024-47685, CVE-2024-50265, CVE-2024-50195,
  CVE-2024-47747, CVE-2024-50273, CVE-2024-53066, CVE-2024-49924,
  CVE-2024-49963, CVE-2024-50287, CVE-2024-49948, CVE-2024-47674,
  CVE-2024-40967, CVE-2024-35887, CVE-2024-50044, CVE-2024-50099,
  CVE-2024-53059, CVE-2024-50171, CVE-2024-50082, CVE-2024-41066,
  CVE-2024-50202, CVE-2024-49868, CVE-2024-49952, CVE-2024-49965,
  CVE-2024-50296, CVE-2024-49903, CVE-2024-50194, CVE-2024-47712,
  CVE-2024-53101, CVE-2024-40953, CVE-2024-47706, CVE-2024-49958,
  CVE-2024-50059, CVE-2024-47713, CVE-2024-47737, CVE-2024-49902,
  CVE-2024-49959, CVE-2024-53103, CVE-2024-49973, CVE-2024-50045,
  CVE-2024-47710, CVE-2024-50131, CVE-2024-47671, CVE-2024-50205,
  CVE-2024-47672, CVE-2024-50234, CVE-2024-50233, CVE-2024-49860,
  CVE-2024-50127, CVE-2024-50168, CVE-2024-49962, CVE-2024-38544,
  CVE-2024-47749, CVE-2024-49949, CVE-2024-50096, CVE-2024-50033,
  CVE-2024-49955, CVE-2024-49938, CVE-2024-47698, CVE-2024-50230,
  CVE-2024-47723, CVE-2024-49877, CVE-2024-50180, CVE-2024-38588,
  CVE-2024-49879, CVE-2024-53061, CVE-2024-47679, CVE-2024-49892,
  CVE-2024-50299, CVE-2024-49896, CVE-2024-40911, CVE-2024-50134,
  CVE-2024-47740, CVE-2024-50039, CVE-2024-49985, CVE-2024-41016,
  CVE-2024-50269, CVE-2024-50290, CVE-2024-49882, CVE-2024-47699,
  CVE-2023-52917, CVE-2024-50267, CVE-2024-50151, CVE-2024-50251,
  CVE-2024-49966, CVE-2024-49981, CVE-2024-50008, CVE-2024-50006,
  CVE-2024-50117, CVE-2024-47670, CVE-2024-46853, CVE-2024-50282,
  CVE-2024-46731, CVE-2024-35896, CVE-2024-53141, CVE-2024-50279,
  CVE-2024-50040, CVE-2024-49883, CVE-2024-49878, CVE-2024-47684,
  CVE-2024-49997, CVE-2024-53063, CVE-2024-50302, CVE-2024-42252,
  CVE-2024-47709, CVE-2024-49894, CVE-2024-50142, CVE-2024-49944,
  CVE-2024-50278, CVE-2024-50150, CVE-2024-40965, CVE-2024-50237,
  CVE-2024-49975, CVE-2024-50074, CVE-2024-50143, CVE-2024-50199,
  CVE-2024-50148)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 20.04

• linux-image-5.4.0-1058-xilinx-zynqmp - 5.4.0-1058.62
• linux-image-xilinx-zynqmp - 5.4.0.1058.58

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References

• CVE-2024-50301
• CVE-2024-47747
• CVE-2024-50033
• CVE-2024-53061
• CVE-2024-53141
• CVE-2024-49879
• CVE-2024-40967
• CVE-2024-47742
• CVE-2024-49955
• CVE-2024-49997
• CVE-2024-50116
• CVE-2024-53103
• CVE-2024-47723
• CVE-2024-47672
• CVE-2024-47712
• CVE-2024-53101
• CVE-2024-49973
• CVE-2024-50279
• CVE-2024-49878
• CVE-2024-50234
• CVE-2024-47713
• CVE-2024-50184
• CVE-2024-50008
• CVE-2024-50180
• CVE-2024-50202
• CVE-2024-49962
• CVE-2024-41016
• CVE-2023-52917
• CVE-2024-43863
• CVE-2024-50265
• CVE-2024-50142
• CVE-2024-49948
• CVE-2024-49995
• CVE-2024-49867
• CVE-2024-46731
• CVE-2024-49851
• CVE-2024-40953
• CVE-2024-50299
• CVE-2024-49959
• CVE-2024-49966
• CVE-2024-42252
• CVE-2024-49952
• CVE-2024-46849
• CVE-2024-49924
• CVE-2024-50269
• CVE-2024-50035
• CVE-2024-50179
• CVE-2024-49958
• CVE-2024-53164
• CVE-2024-50167
• CVE-2024-50218
• CVE-2024-47699
• CVE-2024-50099
• CVE-2024-50006
• CVE-2024-50229
• CVE-2024-53063
• CVE-2024-47709
• CVE-2024-53066
• CVE-2024-47706
• CVE-2024-50045
• CVE-2024-49868
• CVE-2024-47710
• CVE-2024-49902
• CVE-2024-35896
• CVE-2024-49963
• CVE-2024-50195
• CVE-2024-49965
• CVE-2024-49877
• CVE-2024-35887
• CVE-2024-50151
• CVE-2024-47674
• CVE-2024-50290
• CVE-2023-52458
• CVE-2024-47671
• CVE-2024-38544
• CVE-2024-49896
• CVE-2024-49883
• CVE-2024-44931
• CVE-2024-49957
• CVE-2024-50007
• CVE-2024-50150
• CVE-2024-49944
• CVE-2024-50287
• CVE-2024-50237
• CVE-2024-47698
• CVE-2024-47696
• CVE-2024-50143
• CVE-2024-47757
• CVE-2024-50074
• CVE-2024-47756
• CVE-2024-50148
• CVE-2024-50134
• CVE-2024-46854
• CVE-2024-49981
• CVE-2024-49900
• CVE-2024-50059
• CVE-2024-50282
• CVE-2024-50171
• CVE-2024-41066
• CVE-2024-50233
• CVE-2024-50199
• CVE-2024-47737
• CVE-2024-49860
• CVE-2024-46853
• CVE-2024-50251
• CVE-2024-49894
• CVE-2024-50082
• CVE-2024-50127
• CVE-2024-47692
• CVE-2024-53059
• CVE-2024-40965
• CVE-2024-49982
• CVE-2024-47701
• CVE-2024-47679
• CVE-2024-53104
• CVE-2024-50230
• CVE-2024-47749
• CVE-2024-50117
• CVE-2024-47697
• CVE-2024-50302
• CVE-2024-50267
• CVE-2024-49882
• CVE-2024-49938
• CVE-2024-50278
• CVE-2024-50262
• CVE-2024-50205
• CVE-2024-50096
• CVE-2024-50236
• CVE-2021-47469
• CVE-2024-50044
• CVE-2024-47670
• CVE-2024-50024
• CVE-2024-49892
• CVE-2024-38588
• CVE-2023-21400
• CVE-2024-50039
• CVE-2024-49975
• CVE-2024-49985
• CVE-2024-50168
• CVE-2024-47684
• CVE-2024-40911
• CVE-2024-50131
• CVE-2024-50296
• CVE-2024-47740
• CVE-2024-49949
• CVE-2024-49903
• CVE-2024-50194
• CVE-2024-50273
• CVE-2024-47685
• CVE-2024-50040

Related notices

• USN-7276-1
• USN-7277-1
• USN-7294-1
• USN-7288-1
• USN-7289-1
• USN-7291-1
• USN-7288-2
• USN-7289-2
• USN-7293-1
• USN-7289-3
• USN-7166-1
• USN-7166-2
• USN-7166-3
• USN-7186-1
• USN-7186-2
• USN-7194-1
• USN-7166-4
• USN-7301-1
• USN-7232-1
• USN-7233-1
• USN-7234-1
• USN-7235-1
• USN-7236-1
• USN-7237-1
• USN-7236-2
• USN-7235-2
• USN-7233-2
• USN-7234-2
• USN-7233-3
• USN-7234-3
• USN-7262-1
• USN-7234-4
• USN-7235-3
• USN-7236-3
• USN-7262-2
• USN-7234-5
• USN-6999-1
• USN-7004-1
• USN-7005-1
• USN-7007-1
• USN-7005-2
• USN-7008-1
• USN-7009-1
• USN-7019-1
• USN-7007-2
• USN-6999-2
• USN-7007-3
• USN-7029-1
• USN-7009-2
• USN-7238-1
• USN-7238-2
• USN-7238-3
• USN-7238-4
• LSN-0109-1
• USN-7100-1
• USN-7100-2
• USN-7123-1
• USN-7144-1
• USN-7154-1
• USN-7155-1
• USN-7156-1
• USN-7154-2
• USN-7196-1
• USN-7089-2
• USN-7089-1
• USN-7090-1
• USN-7089-3
• USN-7095-1
• USN-7089-4
• USN-7089-5
• USN-7089-6
• USN-7089-7
• USN-6893-1
• USN-6898-1
• USN-6893-2
• USN-6898-2
• USN-6898-3
• USN-6893-3
• USN-6898-4
• USN-6917-1
• USN-6918-1
• USN-6919-1
• USN-6927-1
• USN-6688-1
• USN-6725-1
• USN-6725-2
• USN-6818-1
• USN-6819-1
• USN-6818-2
• USN-6819-2
• USN-6819-3
• USN-6818-3
• USN-6818-4
• USN-6819-4
• USN-6949-1
• USN-6952-1
• USN-6955-1
• USN-6949-2
• USN-7170-1
• USN-6315-1
• USN-6325-1
• USN-6330-1
• USN-6332-1
• USN-6348-1
• LSN-0098-1