USN-7173-2

Details

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. (CVE-2022-38096)

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems:

GPU drivers;
Network drivers;
SCSI subsystem;
Ext4 file system;
Bluetooth subsystem;
Memory management;
Amateur Radio drivers;
Network traffic control;
Sun RPC protocol;
VMware vSockets driver; (CVE-2023-52821, CVE-2024-40910, CVE-2024-43892, CVE-2024-49967, CVE-2024-50264, CVE-2024-36952, CVE-2024-38553, CVE-2021-47101, CVE-2021-47001, CVE-2024-35965, CVE-2024-35963, CVE-2024-35966, CVE-2024-35967, CVE-2024-53057, CVE-2024-38597)

Affected Packages

Ubuntu:20.04:LTSlinux-aws

Fixed in:

5.4.0-1137.147

Ubuntu:20.04:LTSlinux-bluefield

Fixed in:

5.4.0-1097.104

Ubuntu:20.04:LTSlinux-ibm

Fixed in:

5.4.0-1084.89

Ubuntu:20.04:LTSlinux-oracle

Fixed in:

5.4.0-1136.145

Ubuntu:20.04:LTSlinux-xilinx-zynqmp

Fixed in:

5.4.0-1056.60

Ubuntu:Pro:18.04:LTSlinux-aws-5.4

Fixed in:

5.4.0-1137.147~18.04.1

Ubuntu:Pro:18.04:LTSlinux-ibm-5.4

Fixed in:

5.4.0-1084.89~18.04.1

Ubuntu:Pro:18.04:LTSlinux-oracle-5.4

Fixed in:

5.4.0-1136.145~18.04.1

References

USN-7173-2

Details

Affected Packages

References

Upstream

Ecosystems

Timeline