[CLSA-2023:1695041288] Fix of 8 CVEs
Type:
security
Severity:
Important
Release date:
2023-09-18 12:48:12 UTC
Description:
* CVE-url: https://ubuntu.com/security/CVE-2023-4622 - af_unix: Fix null-ptr-deref in unix_stream_sendpage(). * Jammy update: v5.15.105 upstream stable release (LP: #2023230) // CVE-url: https://ubuntu.com/security/CVE-2022-4269 - net/sched: act_mirred: better wording on protection against excessive stack growth - act_mirred: use the backlog for nested calls to mirred ingress * CVE-url: https://ubuntu.com/security/CVE-2022-4269 - net/sched: user-space can't set unknown tcfa_action values - net/tc: introduce TC_ACT_REINSERT. - act_mirred: use TC_ACT_REINSERT when possible - net: sched: act_mirred method rename for grep-ability and consistency - net: sched: protect against stack overflow in TC act_mirred - net/sched: act_mirred: refactor the handle of xmit - selftests: forwarding: Introduce tc actions tests * Jammy update: v5.15.94 upstream stable release (LP: #2012673) // CVE-url: https://ubuntu.com/security/CVE-2022-27672 - x86/speculation: Identify processors vulnerable to SMT RSB predictions - KVM: x86: Mitigate the cross-thread return address predictions bug - Documentation/hw-vuln: Add documentation for Cross-Thread Return Predictions * CVE-url: https://ubuntu.com/security/CVE-2022-27672 - KVM: x86: drop bogus MWAIT check - KVM: x86: simplify kvm_mwait_in_guest() - KVM: X86: Provide a capability to disable MWAIT intercepts - KVM: X86: Provide a capability to disable HLT intercepts - KVM: VMX: Remove redundant write to set vCPU as active at RESET/INIT - KVM: X86: Provide a capability to disable PAUSE intercepts - x86/headers/UAPI: Move DISABLE_EXITS KVM capability bits to the UAPI - tools headers kvm: Sync uapi/linux/kvm.h with the kernel sources - KVM: X86: Provide a capability to disable cstate msr read intercepts * Jammy update: v5.15.110 upstream stable release (LP: #2025090) // CVE-url: https://ubuntu.com/security/CVE-2023-2002 - bluetooth: Perform careful capability checks in hci_sock_ioctl() * Jammy update: v5.15.80 upstream stable release (LP: #2003122) // CVE-url: https://ubuntu.com/security/CVE-2022-3169 - nvme: ensure subsystem reset is single threaded * CVE-url: https://ubuntu.com/security/CVE-2022-3169 - nvme: host delete_work and reset_work on separate workqueues - PCI/ASPM: Add pcie_aspm_enabled() - nvme-pci: Allow PCI bus-level PM to be used if ASPM is disabled - nvme: Prevent resets during paused controller state - nvme: Add quirk for LiteON CL1 devices running FW 22301111 - nvme: Wait for reset state when required * Jammy update: v5.15.81 upstream stable release (LP: #2003130) // CVE-url: https://ubuntu.com/security/CVE-2022-47519 - wifi: wilc1000: validate length of IEEE80211_P2P_ATTR_OPER_CHANNEL attribute * CVE-2022-47520 // CVE-url: https://ubuntu.com/security/CVE-2022-47520 - wifi: wilc1000: validate pairwise and authentication suite offsets * CVE-url: https://ubuntu.com/security/CVE-2022-45919 - media: dvb-core: Fix use-after-free due to race condition at dvb_ca_en50221
Updated packages:
  • linux-buildinfo-4.15.0-217-tuxcare.els5-generic_4.15.0-217.228_amd64.deb
    sha:6ca24c6dff081dc9764fcec462aff7c28bb3c479
  • linux-buildinfo-4.15.0-217-tuxcare.els5-lowlatency_4.15.0-217.228_amd64.deb
    sha:507602ed5f9503bc6aea6cfa8c8e7778ff6fe10c
  • linux-cloud-tools-4.15.0-217-tuxcare.els5_4.15.0-217.228_amd64.deb
    sha:7402182d026b52655e47515918660f4d3d096aa6
  • linux-cloud-tools-4.15.0-217-tuxcare.els5-generic_4.15.0-217.228_amd64.deb
    sha:b70f2e14fc09b06b0e9da4d39268015934c40186
  • linux-cloud-tools-4.15.0-217-tuxcare.els5-lowlatency_4.15.0-217.228_amd64.deb
    sha:9d7da4ebe8c383af96bf8c8d105b7f5797f43fcd
  • linux-cloud-tools-common_4.15.0-217.228_all.deb
    sha:ab4af86f0c6f4d353266bcecf527db03ab6f0b98
  • linux-cloud-tools-generic_4.15.0.217.228_amd64.deb
    sha:0d36ab66b3d17ee717f8f20da8317430af202930
  • linux-cloud-tools-lowlatency_4.15.0.217.228_amd64.deb
    sha:12f25875cf27960b57f5ba0914da848d1e0ed60c
  • linux-crashdump_4.15.0.217.228_amd64.deb
    sha:33a2ef49f20d587a9b34d1a0ad982b8c95ffb79c
  • linux-doc_4.15.0-217.228_all.deb
    sha:b43bc3199a60fdd669c928db308104d34f1a18e1
  • linux-generic_4.15.0.217.228_amd64.deb
    sha:5a14577a909444310568334c820527d6d6ea218c
  • linux-headers-4.15.0-217-tuxcare.els5_4.15.0-217.228_all.deb
    sha:9267512563aa173155c7623dbc28f62fbb4c3142
  • linux-headers-4.15.0-217-tuxcare.els5-generic_4.15.0-217.228_amd64.deb
    sha:5fc5360f897996ef143efc0ba8ae10a6fe5f68b3
  • linux-headers-4.15.0-217-tuxcare.els5-lowlatency_4.15.0-217.228_amd64.deb
    sha:f41f8e92d8f42aca76bb5c5b213d57659da899bf
  • linux-headers-generic_4.15.0.217.228_amd64.deb
    sha:4cb2a19d824870b5445e1861f0fefecb26dd5518
  • linux-headers-lowlatency_4.15.0.217.228_amd64.deb
    sha:575113d0d19dac266dd665e28ebf922913d964a7
  • linux-image-generic_4.15.0.217.228_amd64.deb
    sha:0fe6f63dee1ff27c2b3715864487cc2df57f0981
  • linux-image-lowlatency_4.15.0.217.228_amd64.deb
    sha:bcb31e8c5eaf3f343ecc57b13acafc11ea765594
  • linux-image-unsigned-4.15.0-217-tuxcare.els5-generic_4.15.0-217.228_amd64.deb
    sha:b295ff886d0f92a18c57533bdbbad3dea7efcb00
  • linux-image-unsigned-4.15.0-217-tuxcare.els5-lowlatency_4.15.0-217.228_amd64.deb
    sha:022afc0104bb98f22ff43f9ca63de85fef57ecdc
  • linux-libc-dev_4.15.0-217.228_amd64.deb
    sha:680a74a0ba2102d2484060d7ee430fcdd55b962a
  • linux-lowlatency_4.15.0.217.228_amd64.deb
    sha:bcf8ff8e28f36aec150d87d6984eeba616384c8c
  • linux-modules-4.15.0-217-tuxcare.els5-generic_4.15.0-217.228_amd64.deb
    sha:f5212aae9a6affca5ea1a61221be1e59e945e0ee
  • linux-modules-4.15.0-217-tuxcare.els5-lowlatency_4.15.0-217.228_amd64.deb
    sha:d9a84a1f3a3d8a6e388f3c21f4a1c9505ea33119
  • linux-modules-extra-4.15.0-217-tuxcare.els5-generic_4.15.0-217.228_amd64.deb
    sha:85e51f56e0cefa4aa8d06f15c67b99e475358573
  • linux-source_4.15.0.217.228_all.deb
    sha:0ea2ac736938109a17b9514f53091626922ba0a3
  • linux-source-4.15.0_4.15.0-217.228_all.deb
    sha:fdd1cdeb3a3102bb1b85a8651d0e339bc40003e8
  • linux-tools-4.15.0-217-tuxcare.els5_4.15.0-217.228_amd64.deb
    sha:f764163cbbf6b4e61e42d30ef3eb7aede60b115e
  • linux-tools-4.15.0-217-tuxcare.els5-generic_4.15.0-217.228_amd64.deb
    sha:dc19850fe53bbb78fad599277810c0ca7da29e8e
  • linux-tools-4.15.0-217-tuxcare.els5-lowlatency_4.15.0-217.228_amd64.deb
    sha:05c911e77b69ffdf17b9e521bbbe9131d8074032
  • linux-tools-common_4.15.0-217.228_all.deb
    sha:ef20597f8d0224685ec07587ab152e61856ed4b9
  • linux-tools-generic_4.15.0.217.228_amd64.deb
    sha:6ad9652d43a4ac5ad07cffbfee98519ec486edbd
  • linux-tools-host_4.15.0-217.228_all.deb
    sha:985ba7da803f22c8ec77409af2155c55d125ed74
  • linux-tools-lowlatency_4.15.0.217.228_amd64.deb
    sha:138b6691092d1ff4ff7b2d7da37b4c05df3ff996
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.