CLSA-2024-1716270232
See a problem?- Import Source
- https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2024-1716270232.json
- JSON Data
- https://api.osv.dev/v1/vulns/CLSA-2024-1716270232
- Upstream
- Published
- 2024-05-21T05:43:54Z
- Modified
- 2026-06-04T10:03:25.802328027Z
- Summary
- Fix of 48 CVEs
- Details
-
- CVE-url: https://ubuntu.com/security/CVE-2023-47233
- wifi: brcmfmac: Fix use-after-free bug in brcmfcfg80211detach
- CVE-url: https://ubuntu.com/security/CVE-2023-52601
- jfs: Fix memleak in dbAdjCtl
- CVE-url: https://ubuntu.com/security/CVE-2024-26801
- Bluetooth: Avoid potential use-after-free in hcierrorreset
- CVE-url: https://ubuntu.com/security/CVE-2024-26805
- netlink: Fix kernel-infoleak-after-free in __skbdatagramiter
- CVE-url: https://ubuntu.com/security/CVE-2024-26735
- ipv6: sr: fix possible use-after-free and null-ptr-deref
- CVE-url: https://ubuntu.com/security/CVE-2023-52566
- nilfs2: fix potential use after free in nilfsgccachesubmitreaddata()
- CVE-url: https://ubuntu.com/security/CVE-2021-46981
- nbd: Fix NULL pointer in flush_workqueue
- CVE-url: https://ubuntu.com/security/CVE-2024-26622
- tomoyo: fix UAF write bug in tomoyowritecontrol()
- CVE-url: https://ubuntu.com/security/CVE-2024-26614
- tcp: make sure init the accept_queue's spinlocks once
- ipv6: init the acceptqueue's spinlocks in inet6create
- CVE-url: https://ubuntu.com/security/CVE-2023-52530
- wifi: mac80211: fix potential key use-after-free
- CVE-url: https://ubuntu.com/security/CVE-2023-52524
- net: nfc: llcp: Add lock when modifying device list
- CVE-url: https://ubuntu.com/security/CVE-2021-47173
- misc/uss720: fix memory leak in uss720_probe
- CVE-url: https://ubuntu.com/security/CVE-2024-26910
- timers: Get rid of delsingleshottimersync()
- timers: Update kernel-doc for various functions
- timers: Use deltimersync() even on UP
- timers: Rename deltimersync() to timerdeletesync()
- timers: Rename deltimer() to timerdelete()
- timers: Silently ignore timers with a NULL function
- timers: Split [tryto]deltimer_sync to prepare for shutdown mode
- timers: Add shutdown mechanism to the internal functions
- timers: Provide timer_shutdown_sync
- netfilter: ipset: fix performance regression in swap operation
- CVE-url: https://ubuntu.com/security/CVE-2023-52595
- rt2x00: clear IV's on start to fix AP mode regression
- wifi: rt2x00: restart beacon queue when hardware reset
- CVE-url: https://ubuntu.com/security/CVE-2023-52617
- switchtec: Improve MRPC efficiency by enabling write combining
- switchtec: Add MRPC DMA mode support
- PCI: switchtec: Fix stdev_release() crash after surprise hot remove
- CVE-url: https://ubuntu.com/security/CVE-2024-26696
- nilfs2: fix hang in nilfslookupdirtydatabuffers()
- CVE-url: https://ubuntu.com/security/CVE-2024-26685
- nilfs2: fix potential bug in endbufferasync_write
- CVE-url: https://ubuntu.com/security/CVE-2024-26625
- llc: call sock_orphan() at release time
- CVE-url: https://ubuntu.com/security/CVE-2023-52615
- hwrng: core - Fix page fault dead lock on mmap-ed hwrng
- CVE-url: https://ubuntu.com/security/CVE-2023-52486
- drm: Don't unref the same fb many times by mistake due to deadlock handling
- CVE-url: https://ubuntu.com/security/CVE-2024-26920
- tracing/trigger: Fix to return error if failed to alloc snapshot
- CVE-url: https://ubuntu.com/security/CVE-2024-26697
- nilfs2: fix data corruption in dsync block recovery for small block sizes
- CVE-url: https://ubuntu.com/security/CVE-2024-26679
- inet: read sk->skfamily once in inetrecv_error()
- CVE-url: https://ubuntu.com/security/CVE-2023-52622
- ext4: remove unnecessary check from allocflexgd()
- ext4: avoid online resizing failures due to oversized flex bg
- CVE-url: https://ubuntu.com/security/CVE-2024-26635
- llc: Drop support for ETHPTR8022.
- CVE-url: https://ubuntu.com/security/CVE-2023-52594
- wifi: ath9k: Fix potential array-index-out-of-bounds read in ath9khtctxstatus()
- CVE-url: https://ubuntu.com/security/CVE-2023-52583
- ceph: fix deadlock or deadcode of misusing dget()
- CVE-url: https://ubuntu.com/security/CVE-2024-26720
- mm/writeback: fix possible divide-by-zero in wbdirtylimits(), again
- CVE-url: https://ubuntu.com/security/CVE-2024-26825
- nfc: nci: free rxdatareassembly skb on NCI device cleanup
- CVE-url: https://ubuntu.com/security/CVE-2024-26671
- blk-mq: fix IO hang from sbitmap wakeup race
- CVE-url: https://ubuntu.com/security/CVE-2024-26675
- ppp_async: limit MRU to 64K
- CVE-url: https://ubuntu.com/security/CVE-2024-26663
- tipc: Check the bearer type before calling tipcudpnlbeareradd()
- CVE-url: https://ubuntu.com/security/CVE-2023-52602
- jfs: fix slab-out-of-bounds Read in dtSearch
- CVE-url: https://ubuntu.com/security/CVE-2024-26704
- ext4: fix double-free of blocks due to wrong extents moved_len
- CVE-url: https://ubuntu.com/security/CVE-2023-52619
- pstore/ram: Fix crash when setting number of cpus to an odd number
- CVE-url: https://ubuntu.com/security/CVE-2024-26636
- llc: make llcuisendmsg() more robust against bonding changes
- CVE-url: https://ubuntu.com/security/CVE-2023-52587
- IB/ipoib: Fix mcast list locking
- CVE-url: https://ubuntu.com/security/CVE-2023-52601 // CVE-url:
https://ubuntu.com/security/CVE-2023-52604
- jfs: fix array-index-out-of-bounds in dbAdjTree
- CVE-url: https://ubuntu.com/security/CVE-2023-52604
- FS:JFS:UBSAN:array-index-out-of-bounds in dbAdjTree
- CVE-url: https://ubuntu.com/security/CVE-2023-52623
- SUNRPC: Fix a suspicious RCU usage warning
- CVE-url: https://ubuntu.com/security/CVE-2023-52599
- jfs: fix array-index-out-of-bounds in diNewExt
- CVE-url: https://ubuntu.com/security/CVE-2024-26884
- bpf: Fix hashtab overflow check on 32-bit arches
- CVE-url: https://ubuntu.com/security/CVE-2024-26883
- bpf: Fix stackmap overflow check on 32-bit arches
- CVE-url: https://ubuntu.com/security/CVE-2024-26882
- net: add atomiclongt to netdevicestats fields
- net: iptunnel: make sure to pull inner header in iptunnel_rcv()
- CVE-url: https://ubuntu.com/security/CVE-2024-26908
- x86/xen: Add some null pointer checking to smp.c
- CVE-url: https://ubuntu.com/security/CVE-2024-26904
- btrfs: fix data race at btrfsuseblock_rsv() when accessing block reserve
- CVE-url: https://ubuntu.com/security/CVE-2024-26903
- Bluetooth: rfcomm: Fix null-ptr-deref in rfcommchecksecurity
- CVE-url: https://ubuntu.com/security/CVE-2024-26901
- dosysnametohandle(): use kzalloc() to fix kernel-infoleak
- CVE-url: https://ubuntu.com/security/CVE-2024-26898
- aoe: fix the potential use-after-free problem in aoecmdcfgpkts
- CVE-url: https://ubuntu.com/security/CVE-2023-47233
- References
Affected packages
TuxCare:Ubuntu:18.04
linux-buildinfo-4.15.0-228-tuxcare.els16-generic
linux-buildinfo-4.15.0-228-tuxcare.els16-lowlatency
linux-cloud-tools-4.15.0-228-tuxcare.els16
linux-cloud-tools-4.15.0-228-tuxcare.els16-generic
linux-cloud-tools-4.15.0-228-tuxcare.els16-lowlatency
linux-cloud-tools-common
linux-cloud-tools-generic
linux-cloud-tools-lowlatency
linux-crashdump
linux-doc
linux-generic
linux-headers-4.15.0-228-tuxcare.els16
linux-headers-4.15.0-228-tuxcare.els16-generic
linux-headers-4.15.0-228-tuxcare.els16-lowlatency
linux-headers-generic
linux-headers-lowlatency
linux-image-generic
linux-image-lowlatency
linux-image-unsigned-4.15.0-228-tuxcare.els16-generic
linux-image-unsigned-4.15.0-228-tuxcare.els16-lowlatency
Package
- Name
- linux-image-unsigned-4.15.0-228-tuxcare.els16-lowlatency
- Purl
- pkg:deb/tuxcare/linux-image-unsigned-4.15.0-228-tuxcare.els16-lowlatency?distro=ubuntu-18.04