[USN-6818-4] Linux kernel (HWE) vulnerabilities

[Rodrigo Figueiredo Zaiden]

==========================================================================
Ubuntu Security Notice USN-6818-4
June 18, 2024

linux-hwe-6.5 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux-hwe-6.5: Linux hardware enablement (HWE) kernel

Details:

Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel
did not properly validate H2C PDU data, leading to a null pointer
dereference vulnerability. A remote attacker could use this to cause a
denial of service (system crash). (CVE-2023-6356, CVE-2023-6535,
CVE-2023-6536)

It was discovered that the Intel Data Streaming and Intel Analytics
Accelerator drivers in the Linux kernel allowed direct access to the
devices for unprivileged users and virtual machines. A local attacker could
use this to cause a denial of service. (CVE-2024-21823)

Chenyuan Yang discovered that the RDS Protocol implementation in the Linux
kernel contained an out-of-bounds read vulnerability. An attacker could use
this to possibly cause a denial of service (system crash). (CVE-2024-23849)

It was discovered that a race condition existed in the Bluetooth subsystem
in the Linux kernel, leading to a null pointer dereference vulnerability. A
privileged local attacker could use this to possibly cause a denial of
service (system crash). (CVE-2024-24860)

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
  - ARM64 architecture;
  - PowerPC architecture;
  - RISC-V architecture;
  - S390 architecture;
  - Core kernel;
  - x86 architecture;
  - Block layer subsystem;
  - Cryptographic API;
  - ACPI drivers;
  - Android drivers;
  - Drivers core;
  - Power management core;
  - Bus devices;
  - Device frequency scaling framework;
  - DMA engine subsystem;
  - EDAC drivers;
  - ARM SCMI message protocol;
  - GPU drivers;
  - IIO ADC drivers;
  - InfiniBand drivers;
  - IOMMU subsystem;
  - Media drivers;
  - Multifunction device drivers;
  - MTD block device drivers;
  - Network drivers;
  - NVME drivers;
  - Device tree and open firmware driver;
  - PCI driver for MicroSemi Switchtec;
  - Power supply drivers;
  - RPMSG subsystem;
  - SCSI drivers;
  - QCOM SoC drivers;
  - SPMI drivers;
  - Thermal drivers;
  - TTY drivers;
  - VFIO drivers;
  - BTRFS file system;
  - Ceph distributed file system;
  - EFI Variable file system;
  - EROFS file system;
  - Ext4 file system;
  - F2FS file system;
  - GFS2 file system;
  - JFS file system;
  - Network file systems library;
  - Network file system server daemon;
  - File systems infrastructure;
  - Pstore file system;
  - ReiserFS file system;
  - SMB network file system;
  - BPF subsystem;
  - Memory management;
  - TLS protocol;
  - Ethernet bridge;
  - Networking core;
  - IPv4 networking;
  - IPv6 networking;
  - Logical Link layer;
  - MAC80211 subsystem;
  - Multipath TCP;
  - Netfilter;
  - NetLabel subsystem;
  - Network traffic control;
  - SMC sockets;
  - Sun RPC protocol;
  - AppArmor security module;
  - Intel ASoC drivers;
  - MediaTek ASoC drivers;
  - USB sound devices;
(CVE-2023-52598, CVE-2023-52676, CVE-2023-52609, CVE-2024-26620,
CVE-2023-52487, CVE-2023-52465, CVE-2023-52473, CVE-2023-52467,
CVE-2024-26583, CVE-2023-52669, CVE-2023-52664, CVE-2023-52449,
CVE-2023-52614, CVE-2024-26595, CVE-2023-52611, CVE-2023-52696,
CVE-2023-52591, CVE-2023-52491, CVE-2024-35839, CVE-2023-52679,
CVE-2024-26607, CVE-2023-52587, CVE-2023-52469, CVE-2023-52608,
CVE-2023-52617, CVE-2023-52698, CVE-2024-26673, CVE-2024-35835,
CVE-2024-26808, CVE-2024-26668, CVE-2023-52626, CVE-2023-52621,
CVE-2024-35837, CVE-2023-52489, CVE-2023-52597, CVE-2024-26649,
CVE-2024-26615, CVE-2024-35838, CVE-2023-52693, CVE-2023-52497,
CVE-2024-35842, CVE-2024-26618, CVE-2024-26610, CVE-2024-26631,
CVE-2024-26644, CVE-2024-26627, CVE-2023-52677, CVE-2023-52472,
CVE-2023-52627, CVE-2023-52486, CVE-2023-52632, CVE-2023-52494,
CVE-2023-52468, CVE-2024-26634, CVE-2023-52588, CVE-2024-26646,
CVE-2024-26584, CVE-2023-52443, CVE-2023-52691, CVE-2024-26612,
CVE-2023-52595, CVE-2024-26592, CVE-2024-26623, CVE-2023-52492,
CVE-2024-26670, CVE-2023-52583, CVE-2023-52681, CVE-2023-52635,
CVE-2023-52457, CVE-2023-52445, CVE-2024-26629, CVE-2024-26594,
CVE-2023-52675, CVE-2023-52488, CVE-2023-52446, CVE-2024-26625,
CVE-2023-52697, CVE-2023-52453, CVE-2023-52498, CVE-2023-52686,
CVE-2023-52593, CVE-2023-52612, CVE-2023-52687, CVE-2023-52470,
CVE-2023-52455, CVE-2023-52444, CVE-2024-26608, CVE-2024-26633,
CVE-2024-26645, CVE-2023-52451, CVE-2023-52456, CVE-2024-26640,
CVE-2023-52670, CVE-2023-52589, CVE-2024-26598, CVE-2024-35841,
CVE-2024-26647, CVE-2024-26636, CVE-2023-52680, CVE-2023-52616,
CVE-2023-52685, CVE-2024-26582, CVE-2024-26638, CVE-2023-52694,
CVE-2024-35840, CVE-2023-52448, CVE-2023-52623, CVE-2023-52462,
CVE-2023-52452, CVE-2024-26641, CVE-2023-52683, CVE-2023-52682,
CVE-2023-52594, CVE-2023-52490, CVE-2023-52493, CVE-2023-52633,
CVE-2023-52606, CVE-2024-26669, CVE-2023-52584, CVE-2024-26585,
CVE-2023-52610, CVE-2023-52672, CVE-2023-52450, CVE-2023-52666,
CVE-2023-52458, CVE-2023-52622, CVE-2023-52674, CVE-2023-52619,
CVE-2024-26586, CVE-2023-52667, CVE-2024-26616, CVE-2023-52463,
CVE-2024-26632, CVE-2023-52447, CVE-2023-52692, CVE-2023-52678,
CVE-2023-52607, CVE-2023-52618, CVE-2023-52464, CVE-2024-26671,
CVE-2023-52599, CVE-2023-52454, CVE-2023-52495, CVE-2023-52690)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.04 LTS
  linux-image-6.5.0-41-generic    6.5.0-41.41~22.04.2
  linux-image-6.5.0-41-generic-64k  6.5.0-41.41~22.04.2
  linux-image-generic-64k-hwe-22.04  6.5.0.41.41~22.04.2
  linux-image-generic-hwe-22.04   6.5.0.41.41~22.04.2
  linux-image-virtual-hwe-22.04   6.5.0.41.41~22.04.2

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
  https://ubuntu.com/security/notices/USN-6818-4
  https://ubuntu.com/security/notices/USN-6818-1
  CVE-2023-52443, CVE-2023-52444, CVE-2023-52445, CVE-2023-52446,
  CVE-2023-52447, CVE-2023-52448, CVE-2023-52449, CVE-2023-52450,
  CVE-2023-52451, CVE-2023-52452, CVE-2023-52453, CVE-2023-52454,
  CVE-2023-52455, CVE-2023-52456, CVE-2023-52457, CVE-2023-52458,
  CVE-2023-52462, CVE-2023-52463, CVE-2023-52464, CVE-2023-52465,
  CVE-2023-52467, CVE-2023-52468, CVE-2023-52469, CVE-2023-52470,
  CVE-2023-52472, CVE-2023-52473, CVE-2023-52486, CVE-2023-52487,
  CVE-2023-52488, CVE-2023-52489, CVE-2023-52490, CVE-2023-52491,
  CVE-2023-52492, CVE-2023-52493, CVE-2023-52494, CVE-2023-52495,
  CVE-2023-52497, CVE-2023-52498, CVE-2023-52583, CVE-2023-52584,
  CVE-2023-52587, CVE-2023-52588, CVE-2023-52589, CVE-2023-52591,
  CVE-2023-52593, CVE-2023-52594, CVE-2023-52595, CVE-2023-52597,
  CVE-2023-52598, CVE-2023-52599, CVE-2023-52606, CVE-2023-52607,
  CVE-2023-52608, CVE-2023-52609, CVE-2023-52610, CVE-2023-52611,
  CVE-2023-52612, CVE-2023-52614, CVE-2023-52616, CVE-2023-52617,
  CVE-2023-52618, CVE-2023-52619, CVE-2023-52621, CVE-2023-52622,
  CVE-2023-52623, CVE-2023-52626, CVE-2023-52627, CVE-2023-52632,
  CVE-2023-52633, CVE-2023-52635, CVE-2023-52664, CVE-2023-52666,
  CVE-2023-52667, CVE-2023-52669, CVE-2023-52670, CVE-2023-52672,
  CVE-2023-52674, CVE-2023-52675, CVE-2023-52676, CVE-2023-52677,
  CVE-2023-52678, CVE-2023-52679, CVE-2023-52680, CVE-2023-52681,
  CVE-2023-52682, CVE-2023-52683, CVE-2023-52685, CVE-2023-52686,
  CVE-2023-52687, CVE-2023-52690, CVE-2023-52691, CVE-2023-52692,
  CVE-2023-52693, CVE-2023-52694, CVE-2023-52696, CVE-2023-52697,
  CVE-2023-52698, CVE-2023-6356, CVE-2023-6535, CVE-2023-6536,
  CVE-2024-21823, CVE-2024-23849, CVE-2024-24860, CVE-2024-26582,
  CVE-2024-26583, CVE-2024-26584, CVE-2024-26585, CVE-2024-26586,
  CVE-2024-26592, CVE-2024-26594, CVE-2024-26595, CVE-2024-26598,
  CVE-2024-26607, CVE-2024-26608, CVE-2024-26610, CVE-2024-26612,
  CVE-2024-26615, CVE-2024-26616, CVE-2024-26618, CVE-2024-26620,
  CVE-2024-26623, CVE-2024-26625, CVE-2024-26627, CVE-2024-26629,
  CVE-2024-26631, CVE-2024-26632, CVE-2024-26633, CVE-2024-26634,
  CVE-2024-26636, CVE-2024-26638, CVE-2024-26640, CVE-2024-26641,
  CVE-2024-26644, CVE-2024-26645, CVE-2024-26646, CVE-2024-26647,
  CVE-2024-26649, CVE-2024-26668, CVE-2024-26669, CVE-2024-26670,
  CVE-2024-26671, CVE-2024-26673, CVE-2024-26808, CVE-2024-35835,
  CVE-2024-35837, CVE-2024-35838, CVE-2024-35839, CVE-2024-35840,
  CVE-2024-35841, CVE-2024-35842

Package Information:
  https://launchpad.net/ubuntu/+source/linux-hwe-6.5/6.5.0-41.41~22.04.2

OpenPGP_signature.asc
Description: OpenPGP digital signature