Ubuntu

USN-6979-1: Linux kernel (Raspberry Pi) vulnerabilities

3 months 1 week ago
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - M68K architecture; - User-Mode Linux (UML); - x86 architecture; - Accessibility subsystem; - Character device driver; - Clock framework and drivers; - CPU frequency scaling framework; - Hardware crypto device drivers; - Buffer Sharing and Synchronization framework; - FireWire subsystem; - ARM SCMI message protocol; - GPU drivers; - HW tracing; - InfiniBand drivers; - Macintosh device drivers; - Multiple devices driver; - Media drivers; - Network drivers; - Pin controllers subsystem; - S/390 drivers; - SCSI drivers; - SoundWire subsystem; - Greybus lights staging drivers; - TTY drivers; - Framebuffer layer; - Virtio drivers; - 9P distributed file system; - eCrypt file system; - EROFS file system; - Ext4 file system; - F2FS file system; - JFFS2 file system; - Network file system client; - NILFS2 file system; - SMB network file system; - Mellanox drivers; - Kernel debugger infrastructure; - IRQ subsystem; - Tracing infrastructure; - Dynamic debug library; - 9P file system network protocol; - Bluetooth subsystem; - Networking core; - IPv4 networking; - IPv6 networking; - Netfilter; - NET/ROM layer; - NFC subsystem; - NSH protocol; - Open vSwitch; - Phonet protocol; - TIPC protocol; - TLS protocol; - Unix domain sockets; - Wireless networking; - eXpress Data Path; - XFRM subsystem; - ALSA framework; (CVE-2022-48674, CVE-2024-36016, CVE-2024-36934, CVE-2024-39471, CVE-2024-38381, CVE-2024-26584, CVE-2024-38635, CVE-2024-36902, CVE-2022-48772, CVE-2024-38600, CVE-2024-39475, CVE-2024-26886, CVE-2024-39301, CVE-2024-36919, CVE-2024-35947, CVE-2024-38559, CVE-2024-38637, CVE-2024-36014, CVE-2024-36960, CVE-2024-35976, CVE-2024-27399, CVE-2024-38607, CVE-2024-38558, CVE-2024-38578, CVE-2024-36015, CVE-2024-39488, CVE-2024-38780, CVE-2024-36940, CVE-2024-38621, 
CVE-2024-38659, CVE-2024-26585, CVE-2024-27019, CVE-2024-38615, CVE-2024-38661, CVE-2024-37353, CVE-2024-38549, CVE-2024-38579, CVE-2024-27401, CVE-2024-38589, CVE-2024-38565, CVE-2022-48655, CVE-2024-38567, CVE-2024-38587, CVE-2024-37356, CVE-2024-36959, CVE-2024-39493, CVE-2024-38627, CVE-2024-36939, CVE-2024-31076, CVE-2024-36971, CVE-2024-38560, CVE-2024-39467, CVE-2024-36286, CVE-2024-39480, CVE-2024-26907, CVE-2024-36017, CVE-2024-38634, CVE-2023-52585, CVE-2024-38582, CVE-2023-52752, CVE-2024-38583, CVE-2024-38618, CVE-2024-36946, CVE-2024-39292, CVE-2024-36950, CVE-2024-36886, CVE-2024-39489, CVE-2024-36933, CVE-2024-27398, CVE-2023-52434, CVE-2024-36905, CVE-2024-38596, CVE-2021-47131, CVE-2024-38601, CVE-2024-38552, CVE-2024-26583, CVE-2024-38633, CVE-2024-36964, CVE-2024-39276, CVE-2024-36270, CVE-2024-38613, CVE-2024-36904, CVE-2024-38598, CVE-2024-38612, CVE-2024-36941, CVE-2024-36954, CVE-2024-38599, CVE-2024-36883, CVE-2023-52882, CVE-2024-33621)

USN-6977-1: QEMU vulnerabilities

3 months 1 week ago
It was discovered that QEMU did not properly handle certain memory operations, which could result in a buffer overflow. An attacker could potentially use this issue to cause a denial of service. (CVE-2024-26327) It was discovered that QEMU did not properly handle certain memory operations, which could result in an out-of-bounds memory access. An attacker could potentially use this issue to cause a denial of service. (CVE-2024-26328)

USN-6975-1: Linux kernel vulnerabilities

3 months 1 week ago
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - User-Mode Linux (UML); - MMC subsystem; (CVE-2024-39292, CVE-2024-39484)

USN-6974-1: Linux kernel vulnerabilities

3 months 1 week ago
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - SuperH RISC architecture; - User-Mode Linux (UML); - MMC subsystem; - Network drivers; - GFS2 file system; - IPv4 networking; - IPv6 networking; (CVE-2024-26921, CVE-2023-52629, CVE-2024-26680, CVE-2024-26830, CVE-2024-39484, CVE-2024-39292, CVE-2024-36901, CVE-2023-52760)

USN-6973-1: Linux kernel vulnerabilities

3 months 1 week ago
It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel, leading to a null pointer dereference vulnerability. A privileged local attacker could use this to possibly cause a denial of service (system crash). (CVE-2024-24860) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - SuperH RISC architecture; - MMC subsystem; - Network drivers; - SCSI drivers; - GFS2 file system; - IPv4 networking; - IPv6 networking; - HD-audio driver; (CVE-2024-26830, CVE-2024-39484, CVE-2024-36901, CVE-2024-26929, CVE-2024-26921, CVE-2021-46926, CVE-2023-52629, CVE-2023-52760)

USN-6972-1: Linux kernel vulnerabilities

3 months 1 week ago
Yuxuan Hu discovered that the Bluetooth RFCOMM protocol driver in the Linux kernel contained a race condition, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of service (system crash). (CVE-2024-22099) It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel, leading to a null pointer dereference vulnerability. A privileged local attacker could use this to possibly cause a denial of service (system crash). (CVE-2024-24860) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - SuperH RISC architecture; - User-Mode Linux (UML); - GPU drivers; - MMC subsystem; - Network drivers; - PHY drivers; - Pin controllers subsystem; - Xen hypervisor drivers; - GFS2 file system; - Core kernel; - Bluetooth subsystem; - IPv4 networking; - IPv6 networking; - HD-audio driver; - ALSA SH drivers; (CVE-2024-26903, CVE-2024-35835, CVE-2023-52644, CVE-2024-39292, CVE-2024-36940, CVE-2024-26600, CVE-2023-52629, CVE-2024-35955, CVE-2023-52760, CVE-2023-52806, CVE-2024-39484, CVE-2024-26679, CVE-2024-26654, CVE-2024-36901, CVE-2024-26687, CVE-2023-52470)

USN-6971-1: Linux kernel vulnerabilities

3 months 1 week ago
It was discovered that the Option USB High Speed Mobile device driver in the Linux kernel did not properly handle error conditions. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-37159) A security issue was discovered in the Linux kernel. An attacker could possibly use this to compromise the system. This update corrects flaws in the following subsystem: - Network drivers; (CVE-2021-46904)

USN-6950-4: Linux kernel (HWE) vulnerabilities

3 months 1 week ago
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - Block layer subsystem; - Bluetooth drivers; - Clock framework and drivers; - FireWire subsystem; - GPU drivers; - InfiniBand drivers; - Multiple devices driver; - EEPROM drivers; - Network drivers; - Pin controllers subsystem; - Remote Processor subsystem; - S/390 drivers; - SCSI drivers; - 9P distributed file system; - Network file system client; - SMB network file system; - Socket messages infrastructure; - Dynamic debug library; - Bluetooth subsystem; - Networking core; - IPv4 networking; - IPv6 networking; - Multipath TCP; - NSH protocol; - Phonet protocol; - TIPC protocol; - Wireless networking; - Key management; - ALSA framework; - HD-audio driver; (CVE-2024-36883, CVE-2024-36940, CVE-2024-36902, CVE-2024-36975, CVE-2024-36964, CVE-2024-36938, CVE-2024-36931, CVE-2024-35848, CVE-2024-26900, CVE-2024-36967, CVE-2024-36904, CVE-2024-27398, CVE-2024-36031, CVE-2023-52585, CVE-2024-36886, CVE-2024-36937, CVE-2024-36954, CVE-2024-36916, CVE-2024-36905, CVE-2024-36959, CVE-2024-26980, CVE-2024-26936, CVE-2024-36928, CVE-2024-36889, CVE-2024-36929, CVE-2024-36933, CVE-2024-27399, CVE-2024-36946, CVE-2024-36906, CVE-2024-36965, CVE-2024-36957, CVE-2024-36941, CVE-2024-36897, CVE-2024-36952, CVE-2024-36947, CVE-2024-36950, CVE-2024-36880, CVE-2024-36017, CVE-2023-52882, CVE-2024-36969, CVE-2024-38600, CVE-2024-36955, CVE-2024-36960, CVE-2024-27401, CVE-2024-36919, CVE-2024-36934, CVE-2024-35947, CVE-2024-36953, CVE-2024-36944, CVE-2024-36939)

USN-6951-4: Linux kernel (BlueField) vulnerabilities

3 months 1 week ago
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - M68K architecture; - User-Mode Linux (UML); - x86 architecture; - Accessibility subsystem; - Character device driver; - Clock framework and drivers; - CPU frequency scaling framework; - Hardware crypto device drivers; - Buffer Sharing and Synchronization framework; - FireWire subsystem; - GPU drivers; - HW tracing; - Macintosh device drivers; - Multiple devices driver; - Media drivers; - Network drivers; - Pin controllers subsystem; - S/390 drivers; - SCSI drivers; - SoundWire subsystem; - Greybus lights staging drivers; - TTY drivers; - Framebuffer layer; - Virtio drivers; - 9P distributed file system; - eCrypt file system; - EROFS file system; - Ext4 file system; - F2FS file system; - JFFS2 file system; - Network file system client; - NILFS2 file system; - SMB network file system; - Kernel debugger infrastructure; - IRQ subsystem; - Tracing infrastructure; - Dynamic debug library; - 9P file system network protocol; - Bluetooth subsystem; - Networking core; - IPv4 networking; - IPv6 networking; - Netfilter; - NET/ROM layer; - NFC subsystem; - NSH protocol; - Open vSwitch; - Phonet protocol; - TIPC protocol; - Unix domain sockets; - Wireless networking; - eXpress Data Path; - XFRM subsystem; - ALSA framework; (CVE-2024-36934, CVE-2024-38578, CVE-2024-38600, CVE-2024-27399, CVE-2024-39276, CVE-2024-38596, CVE-2024-36933, CVE-2024-36919, CVE-2024-35976, CVE-2024-37356, CVE-2023-52585, CVE-2024-38558, CVE-2024-38560, CVE-2024-38634, CVE-2024-36959, CVE-2024-38633, CVE-2024-36886, CVE-2024-27398, CVE-2024-39493, CVE-2024-26886, CVE-2024-31076, CVE-2024-38559, CVE-2024-38615, CVE-2024-36971, CVE-2024-38627, CVE-2024-36964, CVE-2024-38780, CVE-2024-37353, CVE-2024-38621, CVE-2024-36883, CVE-2024-39488, CVE-2024-38661, CVE-2024-36939, CVE-2024-38589, CVE-2024-38565, 
CVE-2024-38381, CVE-2024-35947, CVE-2024-36905, CVE-2022-48772, CVE-2024-36017, CVE-2024-36946, CVE-2024-27401, CVE-2024-38579, CVE-2024-38612, CVE-2024-38598, CVE-2024-38635, CVE-2024-38587, CVE-2024-38567, CVE-2024-38549, CVE-2024-36960, CVE-2023-52752, CVE-2024-27019, CVE-2024-38601, CVE-2024-39489, CVE-2024-39467, CVE-2023-52882, CVE-2024-38583, CVE-2024-39480, CVE-2024-38607, CVE-2024-36940, CVE-2024-38659, CVE-2023-52434, CVE-2024-36015, CVE-2024-38582, CVE-2024-36950, CVE-2024-38552, CVE-2024-33621, CVE-2024-36954, CVE-2024-39475, CVE-2024-39301, CVE-2024-38599, CVE-2024-36902, CVE-2024-36286, CVE-2024-38613, CVE-2024-38637, CVE-2024-36941, CVE-2024-36014, CVE-2024-38618, CVE-2024-36904, CVE-2024-36270, CVE-2024-39292, CVE-2024-39471, CVE-2022-48674)

USN-6965-1: Vim vulnerabilities

3 months 1 week ago
It was discovered that vim incorrectly handled parsing of filenames in its search functionality. If a user was tricked into opening a specially crafted file, an attacker could crash the application, leading to a denial of service. (CVE-2021-3973) It was discovered that vim incorrectly handled memory when opening and searching the contents of certain files. If a user was tricked into opening a specially crafted file, an attacker could crash the application, leading to a denial of service, or possibly achieve code execution with user privileges. (CVE-2021-3974) It was discovered that vim incorrectly handled memory when opening and editing certain files. If a user was tricked into opening a specially crafted file, an attacker could crash the application, leading to a denial of service, or possibly achieve code execution with user privileges. (CVE-2021-3984, CVE-2021-4019, CVE-2021-4069)

USN-6966-2: Firefox regressions

3 months 1 week ago
USN-6966-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2024-7518, CVE-2024-7521, CVE-2024-7524, CVE-2024-7526, CVE-2024-7527, CVE-2024-7528, CVE-2024-7529, CVE-2024-7530, CVE-2024-7531) It was discovered that Firefox did not properly manage certain memory operations when processing graphics shared memory. An attacker could potentially exploit this issue to escape the sandbox. (CVE-2024-7519) Nan Wang discovered that Firefox did not properly handle type checks in WebAssembly. An attacker could potentially exploit this issue to execute arbitrary code. (CVE-2024-7520) Irvan Kurniawan discovered that Firefox did not properly check an attribute value in the editor component, leading to an out-of-bounds read vulnerability. An attacker could possibly use this issue to cause a denial of service or expose sensitive information. (CVE-2024-7522) Rob Wu discovered that Firefox did not properly check permissions when creating a StreamFilter. An attacker could possibly use this issue to modify the response body of requests on any site using a web extension. (CVE-2024-7525)

USN-6944-2: curl vulnerability

3 months 1 week ago
USN-6944-1 fixed CVE-2024-7264 for Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 24.04 LTS. This update provides the corresponding fix for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 18.04 LTS. Original advisory details: Dov Murik discovered that curl incorrectly handled parsing ASN.1 Generalized Time fields. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly obtain sensitive memory contents.

USN-6970-1: exfatprogs vulnerability

3 months 1 week ago
It was discovered that exfatprogs incorrectly handled certain memory operations. If a user or automated system were tricked into handling specially crafted exFAT partitions, a remote attacker could use this issue to cause exfatprogs to crash, resulting in a denial of service, or possibly execute arbitrary code.

USN-6969-1: Cacti vulnerabilities

3 months 1 week ago
It was discovered that Cacti did not properly apply checks to the "Package Import" feature. An attacker could possibly use this issue to perform arbitrary code execution. This issue only affected Ubuntu 24.04 LTS, Ubuntu 22.04 LTS, Ubuntu 20.04 LTS and Ubuntu 18.04 LTS. (CVE-2024-25641) It was discovered that Cacti did not properly sanitize values when using the JavaScript-based API. A remote attacker could possibly use this issue to inject arbitrary JavaScript code, resulting in a cross-site scripting vulnerability. This issue only affected Ubuntu 24.04 LTS. (CVE-2024-29894) It was discovered that Cacti did not properly sanitize values when managing data queries. A remote attacker could possibly use this issue to inject arbitrary JavaScript code, resulting in a cross-site scripting vulnerability. (CVE-2024-31443) It was discovered that Cacti did not properly sanitize values when reading tree rules with the Automation API. A remote attacker could possibly use this issue to inject arbitrary JavaScript code, resulting in a cross-site scripting vulnerability. (CVE-2024-31444) It was discovered that Cacti did not properly sanitize "get_request_var('filter')" values in the "api_automation.php" file. A remote attacker could possibly use this issue to perform SQL injection attacks. This issue only affected Ubuntu 24.04 LTS, Ubuntu 22.04 LTS, Ubuntu 20.04 LTS and Ubuntu 18.04 LTS. (CVE-2024-31445) It was discovered that Cacti did not properly sanitize data stored in the "form_save()" function in the "graph_template_inputs.php" file. A remote attacker could possibly use this issue to perform SQL injection attacks. (CVE-2024-31458) It was discovered that Cacti did not properly validate the file URLs from the lib/plugin.php file. An attacker could possibly use this issue to perform arbitrary code execution. (CVE-2024-31459) It was discovered that Cacti did not properly validate the data stored in the "automation_tree_rules.php" file. A remote attacker could possibly use this issue to perform SQL injection attacks. This issue only affected Ubuntu 24.04 LTS, Ubuntu 22.04 LTS, Ubuntu 20.04 LTS and Ubuntu 18.04 LTS. (CVE-2024-31460) It was discovered that Cacti did not properly verify the user password. An attacker could possibly use this issue to bypass the authentication mechanism. This issue only affected Ubuntu 24.04 LTS, Ubuntu 22.04 LTS, Ubuntu 20.04 LTS and Ubuntu 18.04 LTS. (CVE-2024-34360)

USN-6967-1: Intel Microcode vulnerabilities

3 months 1 week ago
It was discovered that some Intel® Core™ Ultra Processors did not properly isolate the stream cache. A local authenticated user could potentially use this to escalate their privileges. (CVE-2023-42667) It was discovered that some Intel® Processors did not properly isolate the stream cache. A local authenticated user could potentially use this to escalate their privileges. (CVE-2023-49141) It was discovered that some Intel® Processors did not correctly transition between the executive monitor and SMI transfer monitor (STM). A privileged local attacker could use this to escalate their privileges. (CVE-2024-24853) It was discovered that some 3rd, 4th, and 5th Generation Intel® Xeon® Processors failed to properly implement a protection mechanism. A local attacker could use this to potentially escalate their privileges. (CVE-2024-24980) It was discovered that some 3rd Generation Intel Xeon Scalable Processors did not properly handle mirrored regions with different values. A privileged local user could use this to cause a denial of service (system crash). (CVE-2024-25939)

USN-6951-3: Linux kernel (Azure) vulnerabilities

3 months 1 week ago
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - M68K architecture; - User-Mode Linux (UML); - x86 architecture; - Accessibility subsystem; - Character device driver; - Clock framework and drivers; - CPU frequency scaling framework; - Hardware crypto device drivers; - Buffer Sharing and Synchronization framework; - FireWire subsystem; - GPU drivers; - HW tracing; - Macintosh device drivers; - Multiple devices driver; - Media drivers; - Network drivers; - Pin controllers subsystem; - S/390 drivers; - SCSI drivers; - SoundWire subsystem; - Greybus lights staging drivers; - TTY drivers; - Framebuffer layer; - Virtio drivers; - 9P distributed file system; - eCrypt file system; - EROFS file system; - Ext4 file system; - F2FS file system; - JFFS2 file system; - Network file system client; - NILFS2 file system; - SMB network file system; - Kernel debugger infrastructure; - IRQ subsystem; - Tracing infrastructure; - Dynamic debug library; - 9P file system network protocol; - Bluetooth subsystem; - Networking core; - IPv4 networking; - IPv6 networking; - Netfilter; - NET/ROM layer; - NFC subsystem; - NSH protocol; - Open vSwitch; - Phonet protocol; - TIPC protocol; - Unix domain sockets; - Wireless networking; - eXpress Data Path; - XFRM subsystem; - ALSA framework; (CVE-2024-36934, CVE-2024-38578, CVE-2024-38600, CVE-2024-27399, CVE-2024-39276, CVE-2024-38596, CVE-2024-36933, CVE-2024-36919, CVE-2024-35976, CVE-2024-37356, CVE-2023-52585, CVE-2024-38558, CVE-2024-38560, CVE-2024-38634, CVE-2024-36959, CVE-2024-38633, CVE-2024-36886, CVE-2024-27398, CVE-2024-39493, CVE-2024-26886, CVE-2024-31076, CVE-2024-38559, CVE-2024-38615, CVE-2024-36971, CVE-2024-38627, CVE-2024-36964, CVE-2024-38780, CVE-2024-37353, CVE-2024-38621, CVE-2024-36883, CVE-2024-39488, CVE-2024-38661, CVE-2024-36939, CVE-2024-38589, CVE-2024-38565, 
CVE-2024-38381, CVE-2024-35947, CVE-2024-36905, CVE-2022-48772, CVE-2024-36017, CVE-2024-36946, CVE-2024-27401, CVE-2024-38579, CVE-2024-38612, CVE-2024-38598, CVE-2024-38635, CVE-2024-38587, CVE-2024-38567, CVE-2024-38549, CVE-2024-36960, CVE-2023-52752, CVE-2024-27019, CVE-2024-38601, CVE-2024-39489, CVE-2024-39467, CVE-2023-52882, CVE-2024-38583, CVE-2024-39480, CVE-2024-38607, CVE-2024-36940, CVE-2024-38659, CVE-2023-52434, CVE-2024-36015, CVE-2024-38582, CVE-2024-36950, CVE-2024-38552, CVE-2024-33621, CVE-2024-36954, CVE-2024-39475, CVE-2024-39301, CVE-2024-38599, CVE-2024-36902, CVE-2024-36286, CVE-2024-38613, CVE-2024-38637, CVE-2024-36941, CVE-2024-36014, CVE-2024-38618, CVE-2024-36904, CVE-2024-36270, CVE-2024-39292, CVE-2024-39471, CVE-2022-48674)

USN-6968-1: PostgreSQL vulnerability

3 months 1 week ago
Noah Misch discovered that PostgreSQL incorrectly handled certain SQL objects. An attacker could possibly use this issue to execute arbitrary SQL functions as the superuser.

USN-6966-1: Firefox vulnerabilities

3 months 1 week ago
Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2024-7518, CVE-2024-7521, CVE-2024-7524, CVE-2024-7526, CVE-2024-7527, CVE-2024-7528, CVE-2024-7529, CVE-2024-7530, CVE-2024-7531) It was discovered that Firefox did not properly manage certain memory operations when processing graphics shared memory. An attacker could potentially exploit this issue to escape the sandbox. (CVE-2024-7519) Nan Wang discovered that Firefox did not properly handle type checks in WebAssembly. An attacker could potentially exploit this issue to execute arbitrary code. (CVE-2024-7520) Irvan Kurniawan discovered that Firefox did not properly check an attribute value in the editor component, leading to an out-of-bounds read vulnerability. An attacker could possibly use this issue to cause a denial of service or expose sensitive information. (CVE-2024-7522) Rob Wu discovered that Firefox did not properly check permissions when creating a StreamFilter. An attacker could possibly use this issue to modify the response body of requests on any site using a web extension. (CVE-2024-7525)

USN-6837-2: Rack vulnerabilities

3 months 1 week ago
It was discovered that Rack incorrectly parsed certain media types. A remote attacker could possibly use this issue to cause Rack to consume resources, leading to a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2024-25126) It was discovered that Rack incorrectly handled certain Range headers. A remote attacker could possibly use this issue to cause Rack to create large responses, leading to a denial of service. (CVE-2024-26141) It was discovered that Rack incorrectly handled certain crafted headers. A remote attacker could possibly use this issue to cause Rack to consume resources, leading to a denial of service. (CVE-2024-26146)

USN-6909-3: Bind vulnerabilities

3 months 2 weeks ago
USN-6909-1 fixed vulnerabilities in Bind. This update provides the corresponding updates for Ubuntu 16.04 LTS. Original advisory details: Toshifumi Sakaguchi discovered that Bind incorrectly handled having a very large number of RRs existing at the same time. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service. (CVE-2024-1737) It was discovered that Bind incorrectly handled a large number of SIG(0) signed requests. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service. (CVE-2024-1975)
Recent content on Ubuntu security notices