CLSA-2024-1721660263
See a problem?- Import Source
- https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2024-1721660263.json
- JSON Data
- https://api.osv.dev/v1/vulns/CLSA-2024-1721660263
- Upstream
- Published
- 2024-07-22T14:57:46Z
- Modified
- 2026-06-04T10:04:26.915838535Z
- Summary
- Fix of 96 CVEs
- Details
-
- CVE-url: https://ubuntu.com/security/CVE-2024-35902
- net/rds: fix possible cp null dereference
- CVE-url: https://ubuntu.com/security/CVE-2024-38587
- speakup: Fix sizeof() vs ARRAY_SIZE() bug
- CVE-url: https://ubuntu.com/security/CVE-2024-39493
- crypto: qat - Fix ADFDEVRESET_SYNC memory leak
- CVE-url: https://ubuntu.com/security/CVE-2024-38381
- nfc: nci: Fix uninit-value in ncirxwork
- CVE-url: https://ubuntu.com/security/CVE-2024-26810
- vfio/pci: Lock external INTx masking ops
- CVE-url: https://ubuntu.com/security/CVE-2024-26687
- xen/events: close evtchn after mapping cleanup
- CVE-url: https://ubuntu.com/security/CVE-2024-35893
- net: sched: change type of reference and bind counters
- net: sched: actskbmod: remove dependency on rtnl lock
- net/sched: actskbmod: prevent kernel-infoleak
- CVE-url: https://ubuntu.com/security/CVE-2024-35823
- vt: preserve unicode values corresponding to screen characters
- vt: fix unicode buffer corruption when deleting characters
- CVE-url: https://ubuntu.com/security/CVE-2024-35805
- dm snapshot: Replace mutex with rw semaphore
- dm snapshot: fix lockup in dmexceptiontable_exit
- CVE-url: https://ubuntu.com/security/CVE-2024-27004
- clk: core: clarify the check for runtime PM
- clk: Get runtime PM before walking tree during disable_unused
- CVE-url: https://ubuntu.com/security/CVE-2024-26852
- net/ipv6: avoid possible UAF in ip6routempath_notify()
- CVE-url: https://ubuntu.com/security/CVE-2023-52620
- netfilter: nf_tables: disallow timeout for anonymous sets
- CVE-url: https://ubuntu.com/security/CVE-2024-25739
- ubi: Check for too small LEB size in VTBL code
- CVE-url: https://ubuntu.com/security/CVE-2024-27437
- genirq: Add IRQFNOAUTOEN for request_irq/nmi()
- vfio/pci: Disable auto-enable of exclusive INTx IRQ
- CVE-url: https://ubuntu.com/security/CVE-2022-48627
- vc: separate state
- vt: fix memory overlapping when deleting chars in the buffer
- CVE-url: https://ubuntu.com/security/CVE-2024-35910
- mptcp: add skstoptimer_sync helper
- tcp: properly terminate timers for kernel sockets
- CVE-url: https://ubuntu.com/security/CVE-2024-35969
- ipv6: fix race condition between ipv6getifaddr and ipv6deladdr
- CVE-url: https://ubuntu.com/security/CVE-2024-27024
- RDS: RDMA: Fix the NULL-ptr deref in rdsibget_mr
- net/rds: fix WARNING in rdsconnconnectifdown
- CVE-url: https://ubuntu.com/security/CVE-2024-26863
- hsr: Fix uninit-value access in hsrgetnode()
- CVE-url: https://ubuntu.com/security/CVE-2024-26984
- nouveau: fix instmem race condition around ptr stores
- CVE-url: https://ubuntu.com/security/CVE-2024-36020
- i40e: fix vf may be used uninitialized in this function warning
- CVE-url: https://ubuntu.com/security/CVE-2024-35849
- btrfs: fix information leak in btrfsioctllogicaltoino()
- CVE-url: https://ubuntu.com/security/CVE-2024-27388
- SUNRPC: fix some memleaks in gssxdecoption_array
- CVE-url: https://ubuntu.com/security/CVE-2024-35886
- ipv6: Fix infinite recursion in fib6dumpdone().
- CVE-url: https://ubuntu.com/security/CVE-2024-35809
- PCI/PM: Drain runtime-idle callbacks before driver removal
- CVE-url: https://ubuntu.com/security/CVE-2024-26875
- media: pvrusb2: fix uaf in pvr2contextset_notify
- CVE-url: https://ubuntu.com/security/CVE-2024-26851
- netfilter: nfconntrackh323: Add protection for bmp length out of range
- CVE-url: https://ubuntu.com/security/CVE-2024-26999
- serial/pmac_zilog: Remove flawed mitigation for rx irq flood
- CVE-url: https://ubuntu.com/security/CVE-2024-35819
- soc: fsl: qbman: Use raw spinlock for cgr_lock
- CVE-url: https://ubuntu.com/security/CVE-2024-35806
- soc: fsl: qbman: Always disable interrupts when taking cgr_lock
- CVE-url: https://ubuntu.com/security/CVE-2023-52699
- sysv: don't call sbbread() with pointerslock held
- CVE-url: https://ubuntu.com/security/CVE-2024-35828
- wifi: libertas: fix some memleaks in lbsallocatecmd_buffer()
- CVE-url: https://ubuntu.com/security/CVE-2024-27001
- comedi: vmk80xx: fix incomplete endpoint checking
- CVE-url: https://ubuntu.com/security/CVE-2024-26878
- quota: Fix potential NULL pointer dereference
- CVE-url: https://ubuntu.com/security/CVE-2024-27008
- drm: nv04: Fix out of bounds access
- CVE-url: https://ubuntu.com/security//CVE-2024-35825
- usb: gadget: ncm: Fix handling of zero block length packets
- CVE-url: https://ubuntu.com/security/CVE-2024-35935
- btrfs: send: handle path ref underflow in header iterateinoderef()
- CVE-url: https://ubuntu.com/security/CVE-2024-26957
- s390/zcrypt: fix reference counting on zcrypt card objects
- CVE-url: https://ubuntu.com/security/CVE-2024-35973
- geneve: fix header validation in geneve[6]xmitskb
- CVE-url: https://ubuntu.com/security/CVE-2024-26965
- clk: qcom: mmcc-msm8974: fix terminating of frequency table arrays
- CVE-url: https://ubuntu.com/security/CVE-2024-26931
- scsi: qla2xxx: Fix command flush on cable pull
- CVE-url: https://ubuntu.com/security/CVE-2024-35944
- VMCI: Fix memcpy() run-time warning in dgdispatchas_host()
- CVE-url: https://ubuntu.com/security/CVE-2024-27028
- spi: spi-mt65xx: Fix NULL pointer access in interrupt handler
- CVE-url: https://ubuntu.com/security/CVE-2024-35830
- media: tc358743: register v4l2 async device only after successful setup
- CVE-url: https://ubuntu.com/security/CVE-2024-26956
- nilfs2: fix failure to detect DAT corruption in btree and direct mappings
- CVE-url: https://ubuntu.com/security/CVE-2024-35807
- ext4: fix corruption during on-line resize
- CVE-url: https://ubuntu.com/security/CVE-2024-26813
- vfio/platform: Create persistent IRQ handlers
- CVE-url: https://ubuntu.com/security/CVE-2023-52644
- wifi: b43: Stop/wake correct queue in DMA Tx path when QoS is disabled
- CVE-url: https://ubuntu.com/security/CVE-2024-26966
- clk: qcom: mmcc-apq8084: fix terminating of frequency table arrays
- CVE-url: https://ubuntu.com/security/CVE-2024-26654
- ALSA: sh: aica: reorder cleanup operations to avoid UAF bugs
- CVE-url: https://ubuntu.com/security/CVE-2024-27073
- media: ttpci: fix two memleaks in budgetavattach
- CVE-url: https://ubuntu.com/security/CVE-2023-52880
- tty: ngsm: require CAPNETADMIN to attach NGSM0710 ldisc
- CVE-url: https://ubuntu.com/security/CVE-2023-52650
- drm/tegra: dsi: Add missing check for offinddevicebynode
- CVE-url: https://ubuntu.com/security/CVE-2024-35822
- usb: udc: remove warning when queue disabled ep
- CVE-url: https://ubuntu.com/security/CVE-2024-35933
- Bluetooth: btintel: Fix null ptr deref in btintelreadversion
- CVE-url: https://ubuntu.com/security/CVE-2024-26857
- geneve: make sure to pull inner header in geneve_rx()
- CVE-url: https://ubuntu.com/security/CVE-2024-35925
- block: prevent division by zero in blkrqstat_sum()
- CVE-url: https://ubuntu.com/security/CVE-2024-35930
- scsi: lpfc: Fix possible memory leak in lpfcrcvpadisc()
- CVE-url: https://ubuntu.com/security/CVE-2024-27419
- netrom: Fix data-races around sysctlnetbusy_read
- CVE-url: https://ubuntu.com/security/CVE-2024-35955
- kprobes: Fix possible use-after-free issue on kprobe registration
- CVE-url: https://ubuntu.com/security/CVE-2024-27074
- media: go7007: fix a memleak in go7007loadencoder
- CVE-url: https://ubuntu.com/security/CVE-2024-35847
- irqchip/gic-v3-its: Prevent double free on error
- CVE-url: https://ubuntu.com/security/CVE-2024-35936
- btrfs: handle chunk tree lookup error in btrfsrelocatesys_chunks()
- CVE-url: https://ubuntu.com/security/CVE-2024-35821
- ubifs: Set page uptodate in the correct place
- CVE-url: https://ubuntu.com/security/CVE-2024-27075
- media: dvb-frontends: avoid stack overflow warnings with clang
- CVE-url: https://ubuntu.com/security/CVE-2024-26651
- sr9800: Add check for usbnetgetendpoints
- CVE-url: https://ubuntu.com/security/CVE-2024-27043
- media: edia: dvbdev: fix a use-after-free
- CVE-url: https://ubuntu.com/security/CVE-2024-26976
- KVM: Always flush async #PF workqueue when vCPU is being destroyed
- CVE-url: https://ubuntu.com/security/CVE-2024-27000
- serial: mxs-auart: add spinlock around changing cts state
- CVE-url: https://ubuntu.com/security/CVE-2024-35815
- fs/aio: Check IOCBAIORW before the struct aio_kiocb conversion
- CVE-url: https://ubuntu.com/security/CVE-2024-27396
- net: gtp: Fix Use-After-Free in gtp_dellink
- CVE-url: https://ubuntu.com/security/CVE-2024-26874
- drm/mediatek: Fix a null pointer crash in mtkdrmcrtcfinishpage_flip
- CVE-url: https://ubuntu.com/security/CVE-2024-35922
- fbmon: prevent division by zero in fbvideomodefrom_videomode()
- CVE-url: https://ubuntu.com/security/CVE-2024-27078
- media: v4l2-tpg: fix some memleaks in tpg_alloc
- CVE-url: https://ubuntu.com/security/CVE-2024-26981
- nilfs2: fix OOB in nilfssetde_type
- CVE-url: https://ubuntu.com/security/CVE-2024-26816
- x86, relocs: Ignore relocations in .notes section
- CVE-url: https://ubuntu.com/security/CVE-2024-26880
- dm: call the resume method on internal suspend
- CVE-url: https://ubuntu.com/security/CVE-2024-26994
- speakup: Avoid crash on very long word
- CVE-url: https://ubuntu.com/security/CVE-2024-26955
- nilfs2: prevent kernel bug at submitbhwbc()
- CVE-url: https://ubuntu.com/security/CVE-2024-36004
- i40e: Do not use WQMEMRECLAIM flag for workqueue
- CVE-url: https://ubuntu.com/security/CVE-2024-35789
- wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes
- CVE-url: https://ubuntu.com/security/CVE-2024-26974
- crypto: qat - resolve race condition during AER recovery
- CVE-url: https://ubuntu.com/security/CVE-2024-26859
- net/bnx2x: Prevent access to a freed page in page_pool
- CVE-url: https://ubuntu.com/security/CVE-2024-35960
- net/mlx5: Properly link new fs rules into the tree
- CVE-url: https://ubuntu.com/security/CVE-2024-27059
- USB: usb-storage: Prevent divide-by-0 error in isd200atacommand
- CVE-url: https://ubuntu.com/security/CVE-2024-26993
- fs: sysfs: Fix reference leak in sysfsbreakactive_protection()
- CVE-url: https://ubuntu.com/security/CVE-2024-24857 // CVE-url:
https://ubuntu.com/security/CVE-2024-24858 // CVE-url:
https://ubuntu.com/security/CVE-2024-24859
- Bluetooth: Fix TOCTOU in HCI debugfs implementation
- CVE-url: https://ubuntu.com/security/CVE-2024-26894
- ACPI: processoridle: Fix memory leak in acpiprocessorpowerexit()
- CVE-url: https://ubuntu.com/security/CVE-2024-27436
- ALSA: usb-audio: Stop parsing channels bits when all channels are found.
- CVE-url: https://ubuntu.com/security/CVE-2024-35915
- nfc: nci: Fix uninit-value in ncidevup and ncintfpacket
- CVE-url: https://ubuntu.com/security/CVE-2024-26973
- fat: fix uninitialized field in nostale filehandles
- CVE-url: https://ubuntu.com/security/CVE-2024-26923
- af_unix: Fix garbage collector racing against connect()
- CVE-url: https://ubuntu.com/security/CVE-2024-26643
- netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout
- CVE-url: https://ubuntu.com/security/CVE-2024-26886
- Bluetooth: af_bluetooth: Fix deadlock
- CVE-url: https://ubuntu.com/security/CVE-2024-35902
- References
Affected packages
TuxCare:Ubuntu:18.04
linux-buildinfo-4.15.0-232-tuxcare.els20-generic
linux-buildinfo-4.15.0-232-tuxcare.els20-lowlatency
linux-cloud-tools-4.15.0-232-tuxcare.els20
linux-cloud-tools-4.15.0-232-tuxcare.els20-generic
linux-cloud-tools-4.15.0-232-tuxcare.els20-lowlatency
linux-cloud-tools-common
linux-cloud-tools-generic
linux-cloud-tools-lowlatency
linux-crashdump
linux-doc
linux-generic
linux-headers-4.15.0-232-tuxcare.els20
linux-headers-4.15.0-232-tuxcare.els20-generic
linux-headers-4.15.0-232-tuxcare.els20-lowlatency
linux-headers-generic
linux-headers-lowlatency
linux-image-generic
linux-image-lowlatency
linux-image-unsigned-4.15.0-232-tuxcare.els20-generic
linux-image-unsigned-4.15.0-232-tuxcare.els20-lowlatency
Package
- Name
- linux-image-unsigned-4.15.0-232-tuxcare.els20-lowlatency
- Purl
- pkg:deb/tuxcare/linux-image-unsigned-4.15.0-232-tuxcare.els20-lowlatency?distro=ubuntu-18.04