USN-7173-1: Linux kernel vulnerabilities

Releases

• Ubuntu 20.04 LTS
• Ubuntu 18.04 ESM

Packages

• linux - Linux kernel
• linux-gcp - Linux kernel for Google Cloud Platform (GCP) systems
• linux-gcp-5.4 - Linux kernel for Google Cloud Platform (GCP) systems
• linux-hwe-5.4 - Linux hardware enablement (HWE) kernel
• linux-kvm - Linux kernel for cloud environments
• linux-raspi - Linux kernel for Raspberry Pi systems

Details

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not
properly handle certain error conditions, leading to a NULL pointer
dereference. A local attacker could possibly trigger this vulnerability to
cause a denial of service. (CVE-2022-38096)

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:

• GPU drivers;
• Network drivers;
• SCSI subsystem;
• Ext4 file system;
• Bluetooth subsystem;
• Memory management;
• Amateur Radio drivers;
• Network traffic control;
• Sun RPC protocol;
• VMware vSockets driver;
  (CVE-2023-52821, CVE-2024-40910, CVE-2024-43892, CVE-2024-49967,
  CVE-2024-50264, CVE-2024-36952, CVE-2024-38553, CVE-2021-47101,
  CVE-2021-47001, CVE-2024-35965, CVE-2024-35963, CVE-2024-35966,
  CVE-2024-35967, CVE-2024-53057, CVE-2024-38597)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 20.04

• linux-image-5.4.0-1121-raspi - 5.4.0-1121.133
• linux-image-5.4.0-1125-kvm - 5.4.0-1125.133
• linux-image-5.4.0-1141-gcp - 5.4.0-1141.150
• linux-image-5.4.0-204-generic - 5.4.0-204.224
• linux-image-5.4.0-204-generic-lpae - 5.4.0-204.224
• linux-image-5.4.0-204-lowlatency - 5.4.0-204.224
• linux-image-gcp-lts-20.04 - 5.4.0.1141.143
• linux-image-generic - 5.4.0.204.200
• linux-image-generic-lpae - 5.4.0.204.200
• linux-image-kvm - 5.4.0.1125.121
• linux-image-lowlatency - 5.4.0.204.200
• linux-image-oem - 5.4.0.204.200
• linux-image-oem-osp1 - 5.4.0.204.200
• linux-image-raspi - 5.4.0.1121.151
• linux-image-raspi2 - 5.4.0.1121.151
• linux-image-virtual - 5.4.0.204.200

Ubuntu 18.04

• linux-image-5.4.0-1141-gcp - 5.4.0-1141.150~18.04.1
  Available with Ubuntu Pro
• linux-image-5.4.0-204-generic - 5.4.0-204.224~18.04.1
  Available with Ubuntu Pro
• linux-image-5.4.0-204-lowlatency - 5.4.0-204.224~18.04.1
  Available with Ubuntu Pro
• linux-image-gcp - 5.4.0.1141.150~18.04.1
  Available with Ubuntu Pro
• linux-image-generic-hwe-18.04 - 5.4.0.204.224~18.04.1
  Available with Ubuntu Pro
• linux-image-lowlatency-hwe-18.04 - 5.4.0.204.224~18.04.1
  Available with Ubuntu Pro
• linux-image-oem - 5.4.0.204.224~18.04.1
  Available with Ubuntu Pro
• linux-image-oem-osp1 - 5.4.0.204.224~18.04.1
  Available with Ubuntu Pro
• linux-image-snapdragon-hwe-18.04 - 5.4.0.204.224~18.04.1
  Available with Ubuntu Pro
• linux-image-virtual-hwe-18.04 - 5.4.0.204.224~18.04.1
  Available with Ubuntu Pro

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References

• CVE-2024-38597
• CVE-2023-52821
• CVE-2024-40910
• CVE-2024-35967
• CVE-2024-38553
• CVE-2022-38096
• CVE-2024-36952
• CVE-2024-49967
• CVE-2021-47101
• CVE-2024-50264
• CVE-2024-53057
• CVE-2024-35965
• CVE-2024-35963
• CVE-2021-47001
• CVE-2024-35966
• CVE-2024-43892

Related notices

• USN-6949-1
• USN-6952-1
• USN-6955-1
• USN-6949-2
• USN-7007-1
• USN-7009-1
• USN-7019-1
• USN-7007-2
• USN-7007-3
• USN-7009-2
• USN-7173-2
• USN-6999-1
• USN-7004-1
• USN-7005-1
• USN-7008-1
• USN-7005-2
• USN-6999-2
• USN-7029-1
• USN-7179-1
• USN-6893-1
• USN-6893-2
• USN-6893-3
• USN-6918-1
• USN-6816-1
• USN-6817-1
• USN-6817-2
• USN-6817-3
• USN-6878-1
• USN-6898-1
• USN-6898-2
• USN-6898-3
• USN-6898-4
• USN-6917-1
• USN-6919-1
• USN-6927-1
• USN-6950-1
• USN-6950-2
• USN-6957-1
• USN-6956-1
• USN-6950-3
• USN-6950-4
• USN-7166-1
• USN-7167-1
• USN-7169-1
• USN-7170-1
• USN-7166-2
• USN-7169-2
• USN-7166-3
• LSN-0108-1
• USN-7163-1
• USN-7100-1
• USN-7100-2
• USN-7123-1
• USN-7144-1
• USN-7154-1
• USN-7155-1
• USN-7156-1