[CLSA-2023:1693333574] Fix of 12 CVEs
Type:
security
Severity:
Important
Release date:
2023-08-29 18:26:19 UTC
Description:
* CVE-url: https://ubuntu.com/security/CVE-2023-4128 - net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after- free - net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after- free - net/sched: cls_route: No longer copy tcf_result on update to avoid use- after-free * CVE-url: https://ubuntu.com/security/CVE-2023-40283 - Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb * Jammy update: v5.15.42 upstream stable release (LP: #1981375) // CVE-url: https://ubuntu.com/security/CVE-2023-4387 - net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf() * CVE-2023-20593 // CVE-url: https://ubuntu.com/security/CVE-2023-20593 - x86/cpu/amd: Move the errata checking functionality up - x86/cpu/amd: Add a Zenbleed fix * CVE-2023-35001 // CVE-url: https://ubuntu.com/security/CVE-2023-35001 - netfilter: nf_tables: prevent OOB access in nft_byteorder_eval * Bionic update: upstream stable patchset 2023-04-05 (LP: #2015399) // CVE- url: https://ubuntu.com/security/CVE-2023-3567 - vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF * CVE-url: https://ubuntu.com/security/CVE-2023-0458 - prlimit: do_prlimit needs to have a speculation check * CVE-url: https://ubuntu.com/security/CVE-2023-2513 - ext4: fix use-after-free in ext4_xattr_set_entry * Jammy update: v5.15.61 upstream stable release (LP: #1990162) // CVE-url: https://ubuntu.com/security/CVE-2023-2513 - ext4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h * CVE-url: https://ubuntu.com/security/CVE-2023-3159 - firewire: fix potential uaf in outbound_phy_packet_callback() * Jammy update: v5.15.106 upstream stable release (LP: #2023233) // CVE-url: https://ubuntu.com/security/CVE-2023-1611 - btrfs: fix race between quota disable and quota assign ioctls * CVE-url: https://ubuntu.com/security/CVE-2023-3611 - net/sched: sch_qfq: account for stab overhead in qfq_enqueue * CVE-2023-3776 // CVE-url: https://ubuntu.com/security/CVE-2023-3776 - net/sched: cls_fw: Fix improper refcount update leads to use-after-free
Updated packages:
  • linux-buildinfo-4.4.0-243-tuxcare.els14-generic_4.4.0-243.277_amd64.deb
    sha:6d8e789ef978b643c31acc577feffbdfd4bb3d20
  • linux-buildinfo-4.4.0-243-tuxcare.els14-lowlatency_4.4.0-243.277_amd64.deb
    sha:7e5e6a09bfdffda4620bad7a732c6d2f6c7f010b
  • linux-cloud-tools-4.4.0-243-tuxcare.els14_4.4.0-243.277_amd64.deb
    sha:9caa52ab1cdb4cbb549d802730573e7efaecb6dd
  • linux-cloud-tools-4.4.0-243-tuxcare.els14-generic_4.4.0-243.277_amd64.deb
    sha:5a52257d83b36eb5ac9335f2a99506b9bf209106
  • linux-cloud-tools-4.4.0-243-tuxcare.els14-lowlatency_4.4.0-243.277_amd64.deb
    sha:83dae2b7b56d061de5f41e5b73621ea500699880
  • linux-cloud-tools-common_4.4.0-243.277_all.deb
    sha:a49ec1e0d0d5a66e91c67cddde11bfc0b4e2f702
  • linux-cloud-tools-generic_4.4.0.243.277_amd64.deb
    sha:57bc48302ce10cfab73ae0cca9a84701d1bae32b
  • linux-cloud-tools-lowlatency_4.4.0.243.277_amd64.deb
    sha:2c5c6c9e00c7437e93f2f8ac0033f8c967ba978a
  • linux-crashdump_4.4.0.243.277_amd64.deb
    sha:701cd184a87ad66c0952055769eba8e0778cb4de
  • linux-doc_4.4.0-243.277_all.deb
    sha:40e3775e08dc5e769b4d8f0b147f8798b9cd858e
  • linux-generic_4.4.0.243.277_amd64.deb
    sha:d05e0a52b3d9f19d3154a51c17b55ef50fa6eff8
  • linux-headers-4.4.0-243-tuxcare.els14_4.4.0-243.277_all.deb
    sha:a3ae5d0ffd72d543bdeb1e5867cef57ec50c090d
  • linux-headers-4.4.0-243-tuxcare.els14-generic_4.4.0-243.277_amd64.deb
    sha:266609f8f1f1e839e6eb5dcd577447ddd6b39ad1
  • linux-headers-4.4.0-243-tuxcare.els14-lowlatency_4.4.0-243.277_amd64.deb
    sha:3f8e0c73359c426155c08f80048f8c1d2f62ad44
  • linux-headers-generic_4.4.0.243.277_amd64.deb
    sha:dd803976f372522f924277aad270acd9fd126281
  • linux-headers-lowlatency_4.4.0.243.277_amd64.deb
    sha:b59b24122e2e5fe68af3b3fa8e3fd2b74c8ed48c
  • linux-image-generic_4.4.0.243.277_amd64.deb
    sha:ae28a84f9495ce615fd61976baecc7adc972c115
  • linux-image-lowlatency_4.4.0.243.277_amd64.deb
    sha:60766c6fb2409558e03a3e36c2578bbe9f7e85a1
  • linux-image-unsigned-4.4.0-243-tuxcare.els14-generic_4.4.0-243.277_amd64.deb
    sha:70b3e83ecdf2ab4ffb318931331dfe587ce53921
  • linux-image-unsigned-4.4.0-243-tuxcare.els14-lowlatency_4.4.0-243.277_amd64.deb
    sha:7a9822b4a93367799f0a8b9cdee6a084d8fa3dac
  • linux-libc-dev_4.4.0-243.277_amd64.deb
    sha:1ddbe7dc5850036922f4b53bd81e1ee42a34e3c3
  • linux-lowlatency_4.4.0.243.277_amd64.deb
    sha:76a6c2ce75bc4f640a3c3a71f02f20aebc30a3f4
  • linux-modules-4.4.0-243-tuxcare.els14-generic_4.4.0-243.277_amd64.deb
    sha:00c9d9168b43ea2818c02dbf94f1c3c1fd647790
  • linux-modules-4.4.0-243-tuxcare.els14-lowlatency_4.4.0-243.277_amd64.deb
    sha:5a743e37d4f1f67c19f6b9e08529465eb3644d20
  • linux-modules-extra-4.4.0-243-tuxcare.els14-generic_4.4.0-243.277_amd64.deb
    sha:98441df0cf90647bb11ac5aca7311c772aeb6a5b
  • linux-source_4.4.0.243.277_all.deb
    sha:b624d2776742ecec753271f0354e395a6c290020
  • linux-source-4.4.0_4.4.0-243.277_all.deb
    sha:f1f1b947daab9a72dd9eacfaccff8df4a455a364
  • linux-tools-4.4.0-243-tuxcare.els14_4.4.0-243.277_amd64.deb
    sha:856cd8025c2094ebf4efbb3017285922a528960b
  • linux-tools-4.4.0-243-tuxcare.els14-generic_4.4.0-243.277_amd64.deb
    sha:58a550dba0633c90c7c925220ba7483f3ee4faa3
  • linux-tools-4.4.0-243-tuxcare.els14-lowlatency_4.4.0-243.277_amd64.deb
    sha:b53c59e3b66599f48cfe3712d4aa951bc82245ef
  • linux-tools-common_4.4.0-243.277_all.deb
    sha:52665617e3ac9b45701c8d7ab29e890cdeeaac86
  • linux-tools-generic_4.4.0.243.277_amd64.deb
    sha:a91f6c3bc0b2a3baf17e6c5b16d5b61bf1442397
  • linux-tools-host_4.4.0-243.277_all.deb
    sha:43da6134a0056f73f7807bdef838e797e38efbf9
  • linux-tools-lowlatency_4.4.0.243.277_amd64.deb
    sha:0c1341a9070f44f466d78435500946fd64ce3430
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.