USN-6868-2

Details

Sander Wiebing, Alvise de Faveri Tron, Herbert Bos, and Cristiano Giuffrida discovered that the Linux kernel mitigations for the initial Branch History Injection vulnerability (CVE-2022-0001) were insufficient for Intel processors. A local attacker could potentially use this to expose sensitive information. (CVE-2024-2201)

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems:

Netfilter; (CVE-2024-26925, CVE-2024-26643)

Affected Packages

Ubuntu:Pro:18.04:LTSlinux-aws-5.4

Fixed in:

5.4.0-1127.137~18.04.2

References

REPORThttps://ubuntu.com/security/CVE-2024-2201 REPORThttps://ubuntu.com/security/CVE-2024-26643 REPORThttps://ubuntu.com/security/CVE-2024-26925 ADVISORYhttps://ubuntu.com/security/notices/USN-6868-2

USN-6868-2

Details

Affected Packages

References

Upstream

Ecosystems

Timeline