USN-7173-1

Details

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. (CVE-2022-38096)

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems:

GPU drivers;
Network drivers;
SCSI subsystem;
Ext4 file system;
Bluetooth subsystem;
Memory management;
Amateur Radio drivers;
Network traffic control;
Sun RPC protocol;
VMware vSockets driver; (CVE-2023-52821, CVE-2024-40910, CVE-2024-43892, CVE-2024-49967, CVE-2024-50264, CVE-2024-36952, CVE-2024-38553, CVE-2021-47101, CVE-2021-47001, CVE-2024-35965, CVE-2024-35963, CVE-2024-35966, CVE-2024-35967, CVE-2024-53057, CVE-2024-38597)

Affected Packages

Ubuntu:20.04:LTSlinux

Fixed in:

5.4.0-204.224

Ubuntu:20.04:LTSlinux-gcp

Fixed in:

5.4.0-1141.150

Ubuntu:20.04:LTSlinux-kvm

Fixed in:

5.4.0-1125.133

Ubuntu:20.04:LTSlinux-raspi

Fixed in:

5.4.0-1121.133

Ubuntu:Pro:18.04:LTSlinux-gcp-5.4

Fixed in:

5.4.0-1141.150~18.04.1

Ubuntu:Pro:18.04:LTSlinux-hwe-5.4

Fixed in:

5.4.0-204.224~18.04.1

References

USN-7173-1

Details

Affected Packages

References

Upstream

Ecosystems

Timeline