deb package
ubuntu/linux-oem-6.5
pkg:deb/ubuntu/linux-oem-6.5
Vulnerabilities (122)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-2201 | Med | 4.7 | < 6.5.0-1022.23 | 6.5.0-1022.23 | Dec 19, 2024 | A cross-privilege Spectre v2 vulnerability allows attackers to bypass all deployed mitigations, including the recent Fine(IBT), and to leak arbitrary Linux kernel memory on Intel systems. | |
| CVE-2024-26808 | — | < 6.5.0-1022.23 | 6.5.0-1022.23 | Apr 4, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain Remove netdevice from inet/ingress basechain in case NETDEV_UNREGISTER event is reported, otherwise a stale reference to netdevic | ||
| CVE-2024-26673 | — | < 6.5.0-1022.23 | 6.5.0-1022.23 | Apr 2, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_ct: sanitize layer 3 and 4 protocol number in custom expectations - Disallow families other than NFPROTO_{IPV4,IPV6,INET}. - Disallow layer 4 protocol with no ports, since destination port is a | ||
| CVE-2024-26671 | — | < 6.5.0-1022.23 | 6.5.0-1022.23 | Apr 2, 2024 | In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix IO hang from sbitmap wakeup race In blk_mq_mark_tag_wait(), __add_wait_queue() may be re-ordered with the following blk_mq_get_driver_tag() in case of getting driver tag failure. Then in __sbitmap_ | ||
| CVE-2023-52635 | — | < 6.5.0-1022.23 | 6.5.0-1022.23 | Apr 2, 2024 | In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: Synchronize devfreq_monitor_[start/stop] There is a chance if a frequent switch of the governor done in a loop result in timer list corruption where timer cancel being done from two place one from | ||
| CVE-2023-52633 | — | < 6.5.0-1022.23 | 6.5.0-1022.23 | Apr 2, 2024 | In the Linux kernel, the following vulnerability has been resolved: um: time-travel: fix time corruption In 'basic' time-travel mode (without =inf-cpu or =ext), we still get timer interrupts. These can happen at arbitrary points in time, i.e. while in timer_read(), which pushes | ||
| CVE-2023-52632 | — | < 6.5.0-1022.23 | 6.5.0-1022.23 | Apr 2, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix lock dependency warning with srcu ====================================================== WARNING: possible circular locking dependency detected 6.5.0-kfd-yangp #2289 Not tainted ---------------- | ||
| CVE-2024-26670 | — | < 6.5.0-1022.23 | 6.5.0-1022.23 | Apr 2, 2024 | In the Linux kernel, the following vulnerability has been resolved: arm64: entry: fix ARM64_WORKAROUND_SPECULATIVE_UNPRIV_LOAD Currently the ARM64_WORKAROUND_SPECULATIVE_UNPRIV_LOAD workaround isn't quite right, as it is supposed to be applied after the last explicit memory acc | ||
| CVE-2024-26669 | — | < 6.5.0-1022.23 | 6.5.0-1022.23 | Apr 2, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/sched: flower: Fix chain template offload When a qdisc is deleted from a net device the stack instructs the underlying driver to remove its flow offload callback from the associated filter block using the ' | ||
| CVE-2024-26668 | — | < 6.5.0-1022.23 | 6.5.0-1022.23 | Apr 2, 2024 | In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_limit: reject configurations that cause integer overflow Reject bogus configs where internal token counter wraps around. This only occurs with very very large requests, such as 17gbyte/s. Its be | ||
| CVE-2024-26649 | — | < 6.5.0-1022.23 | 6.5.0-1022.23 | Mar 26, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix the null pointer when load rlc firmware If the RLC firmware is invalid because of wrong header size, the pointer to the rlc firmware is released in function amdgpu_ucode_request. There will be a | ||
| CVE-2024-26647 | — | < 6.5.0-1022.23 | 6.5.0-1022.23 | Mar 26, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix late derefrence 'dsc' check in 'link_set_dsc_pps_packet()' In link_set_dsc_pps_packet(), 'struct display_stream_compressor *dsc' was dereferenced in a DC_LOGGER_INIT(dsc->ctx->logger); befo | ||
| CVE-2024-26646 | — | < 6.5.0-1022.23 | 6.5.0-1022.23 | Mar 26, 2024 | In the Linux kernel, the following vulnerability has been resolved: thermal: intel: hfi: Add syscore callbacks for system-wide PM The kernel allocates a memory buffer and provides its location to the hardware, which uses it to update the HFI table. This allocation occurs during | ||
| CVE-2023-52627 | — | < 6.5.0-1022.23 | 6.5.0-1022.23 | Mar 26, 2024 | In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad7091r: Allow users to configure device events AD7091R-5 devices are supported by the ad7091r-5 driver together with the ad7091r-base driver. Those drivers declared iio events for notifying user spac | ||
| CVE-2023-52626 | — | < 6.5.0-1022.23 | 6.5.0-1022.23 | Mar 26, 2024 | In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix operation precedence bug in port timestamping napi_poll context Indirection (*) is of lower precedence than postfix increment (++). Logic in napi_poll context would cause an out-of-bound read by | ||
| CVE-2023-52623 | — | < 6.5.0-1022.23 | 6.5.0-1022.23 | Mar 26, 2024 | In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix a suspicious RCU usage warning I received the following warning while running cthon against an ontap server running pNFS: [ 57.202521] ============================= [ 57.202522] WARNING: suspic | ||
| CVE-2023-52622 | — | < 6.5.0-1022.23 | 6.5.0-1022.23 | Mar 26, 2024 | In the Linux kernel, the following vulnerability has been resolved: ext4: avoid online resizing failures due to oversized flex bg When we online resize an ext4 filesystem with a oversized flexbg_size, mkfs.ext4 -F -G 67108864 $dev -b 4096 100M mount $dev $dir re | ||
| CVE-2023-52621 | — | < 6.5.0-1022.23 | 6.5.0-1022.23 | Mar 26, 2024 | In the Linux kernel, the following vulnerability has been resolved: bpf: Check rcu_read_lock_trace_held() before calling bpf map helpers These three bpf_map_{lookup,update,delete}_elem() helpers are also available for sleepable bpf program, so add the corresponding lock asserti | ||
| CVE-2024-26645 | — | < 6.5.0-1022.23 | 6.5.0-1022.23 | Mar 26, 2024 | In the Linux kernel, the following vulnerability has been resolved: tracing: Ensure visibility when inserting an element into tracing_map Running the following two commands in parallel on a multi-processor AArch64 machine can sporadically produce an unexpected warning about dup | ||
| CVE-2024-26644 | — | < 6.5.0-1022.23 | 6.5.0-1022.23 | Mar 26, 2024 | In the Linux kernel, the following vulnerability has been resolved: btrfs: don't abort filesystem when attempting to snapshot deleted subvolume If the source file descriptor to the snapshot ioctl refers to a deleted subvolume, we get the following abort: BTRFS: Transaction a |
- affected < 6.5.0-1022.23fixed 6.5.0-1022.23
A cross-privilege Spectre v2 vulnerability allows attackers to bypass all deployed mitigations, including the recent Fine(IBT), and to leak arbitrary Linux kernel memory on Intel systems.
- CVE-2024-26808Apr 4, 2024affected < 6.5.0-1022.23fixed 6.5.0-1022.23
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain Remove netdevice from inet/ingress basechain in case NETDEV_UNREGISTER event is reported, otherwise a stale reference to netdevic
- CVE-2024-26673Apr 2, 2024affected < 6.5.0-1022.23fixed 6.5.0-1022.23
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_ct: sanitize layer 3 and 4 protocol number in custom expectations - Disallow families other than NFPROTO_{IPV4,IPV6,INET}. - Disallow layer 4 protocol with no ports, since destination port is a
- CVE-2024-26671Apr 2, 2024affected < 6.5.0-1022.23fixed 6.5.0-1022.23
In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix IO hang from sbitmap wakeup race In blk_mq_mark_tag_wait(), __add_wait_queue() may be re-ordered with the following blk_mq_get_driver_tag() in case of getting driver tag failure. Then in __sbitmap_
- CVE-2023-52635Apr 2, 2024affected < 6.5.0-1022.23fixed 6.5.0-1022.23
In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: Synchronize devfreq_monitor_[start/stop] There is a chance if a frequent switch of the governor done in a loop result in timer list corruption where timer cancel being done from two place one from
- CVE-2023-52633Apr 2, 2024affected < 6.5.0-1022.23fixed 6.5.0-1022.23
In the Linux kernel, the following vulnerability has been resolved: um: time-travel: fix time corruption In 'basic' time-travel mode (without =inf-cpu or =ext), we still get timer interrupts. These can happen at arbitrary points in time, i.e. while in timer_read(), which pushes
- CVE-2023-52632Apr 2, 2024affected < 6.5.0-1022.23fixed 6.5.0-1022.23
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix lock dependency warning with srcu ====================================================== WARNING: possible circular locking dependency detected 6.5.0-kfd-yangp #2289 Not tainted ----------------
- CVE-2024-26670Apr 2, 2024affected < 6.5.0-1022.23fixed 6.5.0-1022.23
In the Linux kernel, the following vulnerability has been resolved: arm64: entry: fix ARM64_WORKAROUND_SPECULATIVE_UNPRIV_LOAD Currently the ARM64_WORKAROUND_SPECULATIVE_UNPRIV_LOAD workaround isn't quite right, as it is supposed to be applied after the last explicit memory acc
- CVE-2024-26669Apr 2, 2024affected < 6.5.0-1022.23fixed 6.5.0-1022.23
In the Linux kernel, the following vulnerability has been resolved: net/sched: flower: Fix chain template offload When a qdisc is deleted from a net device the stack instructs the underlying driver to remove its flow offload callback from the associated filter block using the '
- CVE-2024-26668Apr 2, 2024affected < 6.5.0-1022.23fixed 6.5.0-1022.23
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_limit: reject configurations that cause integer overflow Reject bogus configs where internal token counter wraps around. This only occurs with very very large requests, such as 17gbyte/s. Its be
- CVE-2024-26649Mar 26, 2024affected < 6.5.0-1022.23fixed 6.5.0-1022.23
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix the null pointer when load rlc firmware If the RLC firmware is invalid because of wrong header size, the pointer to the rlc firmware is released in function amdgpu_ucode_request. There will be a
- CVE-2024-26647Mar 26, 2024affected < 6.5.0-1022.23fixed 6.5.0-1022.23
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix late derefrence 'dsc' check in 'link_set_dsc_pps_packet()' In link_set_dsc_pps_packet(), 'struct display_stream_compressor *dsc' was dereferenced in a DC_LOGGER_INIT(dsc->ctx->logger); befo
- CVE-2024-26646Mar 26, 2024affected < 6.5.0-1022.23fixed 6.5.0-1022.23
In the Linux kernel, the following vulnerability has been resolved: thermal: intel: hfi: Add syscore callbacks for system-wide PM The kernel allocates a memory buffer and provides its location to the hardware, which uses it to update the HFI table. This allocation occurs during
- CVE-2023-52627Mar 26, 2024affected < 6.5.0-1022.23fixed 6.5.0-1022.23
In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad7091r: Allow users to configure device events AD7091R-5 devices are supported by the ad7091r-5 driver together with the ad7091r-base driver. Those drivers declared iio events for notifying user spac
- CVE-2023-52626Mar 26, 2024affected < 6.5.0-1022.23fixed 6.5.0-1022.23
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix operation precedence bug in port timestamping napi_poll context Indirection (*) is of lower precedence than postfix increment (++). Logic in napi_poll context would cause an out-of-bound read by
- CVE-2023-52623Mar 26, 2024affected < 6.5.0-1022.23fixed 6.5.0-1022.23
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix a suspicious RCU usage warning I received the following warning while running cthon against an ontap server running pNFS: [ 57.202521] ============================= [ 57.202522] WARNING: suspic
- CVE-2023-52622Mar 26, 2024affected < 6.5.0-1022.23fixed 6.5.0-1022.23
In the Linux kernel, the following vulnerability has been resolved: ext4: avoid online resizing failures due to oversized flex bg When we online resize an ext4 filesystem with a oversized flexbg_size, mkfs.ext4 -F -G 67108864 $dev -b 4096 100M mount $dev $dir re
- CVE-2023-52621Mar 26, 2024affected < 6.5.0-1022.23fixed 6.5.0-1022.23
In the Linux kernel, the following vulnerability has been resolved: bpf: Check rcu_read_lock_trace_held() before calling bpf map helpers These three bpf_map_{lookup,update,delete}_elem() helpers are also available for sleepable bpf program, so add the corresponding lock asserti
- CVE-2024-26645Mar 26, 2024affected < 6.5.0-1022.23fixed 6.5.0-1022.23
In the Linux kernel, the following vulnerability has been resolved: tracing: Ensure visibility when inserting an element into tracing_map Running the following two commands in parallel on a multi-processor AArch64 machine can sporadically produce an unexpected warning about dup
- CVE-2024-26644Mar 26, 2024affected < 6.5.0-1022.23fixed 6.5.0-1022.23
In the Linux kernel, the following vulnerability has been resolved: btrfs: don't abort filesystem when attempting to snapshot deleted subvolume If the source file descriptor to the snapshot ioctl refers to a deleted subvolume, we get the following abort: BTRFS: Transaction a
Page 1 of 7