CLSA-2024-1723806933
See a problem?- Import Source
- https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2024-1723806933.json
- JSON Data
- https://api.osv.dev/v1/vulns/CLSA-2024-1723806933
- Upstream
- Published
- 2024-08-16T11:15:37Z
- Modified
- 2026-06-04T10:03:17.263607325Z
- Summary
- Fix of 55 CVEs
- Details
-
- CVE-url: https://ubuntu.com/security/CVE-2024-39467
- f2fs: fix to do sanity check on ixattrnid in sanitycheckinode()
- CVE-url: https://ubuntu.com/security/CVE-2024-36940
- pinctrl: core: delete incorrect free in pinctrl_enable()
- CVE-url: https://ubuntu.com/security/CVE-2024-38659
- enic: Validate length of nl attributes in enicsetvf_port
- CVE-url: https://ubuntu.com/security/CVE-2024-38560
- scsi: bfa: Ensure the copied buf is NUL terminated
- CVE-url: https://ubuntu.com/security/CVE-2024-36941
- wifi: nl80211: don't free NULL coalescing rule
- CVE-url: https://ubuntu.com/security/CVE-2024-27401
- firewire: nosy: ensure user_length is taken into account when fetching packet contents
- CVE-url: https://ubuntu.com/security/CVE-2024-39276
- ext4: fix mbcacheentry's erefcnt leak in ext4xattrblockcache_find()
- CVE-url: https://ubuntu.com/security/CVE-2024-27398
- Bluetooth: Fix use-after-free bugs caused by scosocktimeout
- CVE-url: https://ubuntu.com/security/CVE-2024-36964
- fs/9p: only translate RWX permissions for plain 9P2000
- CVE-url: https://ubuntu.com/security/CVE-2024-38601
- ring-buffer: Fix a race between readers and resize checks
- CVE-url: https://ubuntu.com/security/CVE-2024-39475
- fbdev: savage: Handle err return when savagefbcheckvar failed
- CVE-url: https://ubuntu.com/security/CVE-2024-38578
- ecryptfs: Fix buffer size for tag 66 packet
- CVE-url: https://ubuntu.com/security/CVE-2024-36950
- firewire: ohci: mask bus reset interrupts between ISR and bottom half
- CVE-url: https://ubuntu.com/security/CVE-2024-38589
- netrom: fix possible dead-lock in nrrtioctl()
- CVE-url: https://ubuntu.com/security/CVE-2024-38627
- stm class: Fix a double free in stmregisterdevice()
- CVE-url: https://ubuntu.com/security/CVE-2024-38612
- ipv6: sr: fix invalid unregister error path
- CVE-url: https://ubuntu.com/security/CVE-2024-36905
- tcp: defer shutdown(SENDSHUTDOWN) for TCPSYN_RECV sockets
- CVE-url: https://ubuntu.com/security/CVE-2024-38559
- scsi: qedf: Ensure the copied buf is NUL terminated
- CVE-url: https://ubuntu.com/security/CVE-2024-33621
- ipvlan: Dont Use skb->sk in ipvlanprocessv{4,6}_outbound
- CVE-url: https://ubuntu.com/security/CVE-2024-38637
- greybus: lights: check return of getchannelfrom_mode
- CVE-url: https://ubuntu.com/security/CVE-2024-38567
- wifi: carl9170: add a proper sanity check for endpoints
- CVE-url: https://ubuntu.com/security/CVE-2024-39301
- net/9p: fix uninit-value in p9clientrpc()
- CVE-url: https://ubuntu.com/security/CVE-2024-36919
- scsi: bnx2fc: Remove spinlockbh while releasing resources after upload
- CVE-url: https://ubuntu.com/security/CVE-2022-48772
- media: lgdt3306a: Add a check against null-pointer-def
- CVE-url: https://ubuntu.com/security/CVE-2024-36017
- rtnetlink: Correct nested IFLAVFVLAN_LIST attribute validation
- CVE-url: https://ubuntu.com/security/CVE-2024-36934
- bna: ensure the copied buf is NUL terminated
- CVE-url: https://ubuntu.com/security/CVE-2024-38558
- net: openvswitch: fix overwriting ct original tuple for ICMPv6
- CVE-url: https://ubuntu.com/security/CVE-2024-38565
- USB: core: Add routines for endpoint checks in old drivers
- wifi: ar5523: enable proper endpoint verification
- CVE-url: https://ubuntu.com/security/CVE-2024-38600
- ALSA: control: Add verification for kctl accesses
- ALSA: control: Track in-flight control read/write/tlv accesses
- ALSA: Fix deadlocks with kctl removals at disconnection
- CVE-url: https://ubuntu.com/security/CVE-2024-31076
- genirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline
- CVE-url: https://ubuntu.com/security/CVE-2024-36015
- ida: Add new API
- ppdev: Remove usage of the deprecated idasimplexx() API
- ppdev: Add an error check in register_device
- CVE-url: https://ubuntu.com/security/CVE-2024-38621
- media: stk1160: fix bounds checking in stk1160copyvideo()
- CVE-url: https://ubuntu.com/security/CVE-2024-38549
- drm/mediatek: Add 0 size check to mtkdrmgem_obj
- CVE-url: https://ubuntu.com/security/CVE-2024-35947
- dyndbg: fix old BUG_ON in >control parser
- CVE-url: https://ubuntu.com/security/CVE-2024-37353
- virtio: delete vq in vpfindvqsmsix() when requestirq() fails
- CVE-url: https://ubuntu.com/security/CVE-2024-27399
- Bluetooth: l2cap: fix null-ptr-deref in l2capchantimeout
- CVE-url: https://ubuntu.com/security/CVE-2024-38618
- ALSA: timer: Simplify timer hw resolution calls
- ALSA: timer: Set lower bound of start tick time
- CVE-url: https://ubuntu.com/security/CVE-2024-38579
- crypto: bcm - Fix pointer arithmetic
- CVE-url: https://ubuntu.com/security/CVE-2024-36286
- netfilter: nfnetlinkqueue: acquire rcureadlock() in instancedestroy_rcu()
- CVE-url: https://ubuntu.com/security/CVE-2024-39488
- arm64: asm-bug: Add .align 2 to the end of _BUGENTRY
- CVE-url: https://ubuntu.com/security/CVE-2024-38607
- macintosh/via-macii: Fix "BUG: sleeping function called from invalid context"
- CVE-url: https://ubuntu.com/security/CVE-2024-37356
- params: lift paramsetuint_minmax to common code
- tcp: Fix shift-out-of-bounds in dctcpupdatealpha().
- CVE-url: https://ubuntu.com/security/CVE-2024-38613
- m68k: Fix spinlock race in kernel thread creation
- CVE-url: https://ubuntu.com/security/CVE-2024-36954
- tipc: fix a possible memleak in tipcbufappend
- CVE-url: https://ubuntu.com/security/CVE-2024-38661
- s390/ap: Fix crash in AP internal function modify_bitmap()
- CVE-url: https://ubuntu.com/security/CVE-2024-38599
- jffs2: prevent xattr node from overflowing the eraseblock
- CVE-url: https://ubuntu.com/security/CVE-2024-38633
- serial: core: Provide port lock wrappers
- serial: max3100: Update uartdriverregistered on driver removal
- CVE-url: https://ubuntu.com/security/CVE-2024-39292
- um: Add winch to winch_handlers before registering winch IRQ
- CVE-url: https://ubuntu.com/security/CVE-2024-36939
- NFS: Cleanup - add nfsclientsexit to mirror nfsclientsinit
- nfs: expose /proc/net/sunrpc/nfs in net namespaces
- sunrpc: add a struct rpcstats arg to rpccreateargs
- nfs: make the rpcstat per net namespace
- nfs: Handle error of rpcprocregister() in nfsnetinit().
- CVE-url: https://ubuntu.com/security/CVE-2024-38634
- serial: max3100: Lock port->lock when calling uarthandlects_change()
- CVE-url: https://ubuntu.com/security/CVE-2024-36933
- nsh: Restore skb->{protocol,data,macheader} for outer header in nshgso_segment().
- CVE-url: https://ubuntu.com/security/CVE-2024-36883
- net: fix out-of-bounds access in ops_init
- CVE-url: https://ubuntu.com/security/CVE-2024-39480
- kdb: Fix buffer overflow during tab-complete
- CVE-url: https://ubuntu.com/security/CVE-2024-36960
- drm/vmwgfx: Fix invalid reads in fence signaled events
- CVE-url: https://ubuntu.com/security/CVE-2024-36946
- phonet: fix rtmphonetnotify() skb allocation
- CVE-url: https://ubuntu.com/security/CVE-2024-39467
- References
Affected packages
TuxCare:Ubuntu:18.04
linux-buildinfo-4.15.0-235-tuxcare.els23-generic
linux-buildinfo-4.15.0-235-tuxcare.els23-lowlatency
linux-cloud-tools-4.15.0-235-tuxcare.els23
linux-cloud-tools-4.15.0-235-tuxcare.els23-generic
linux-cloud-tools-4.15.0-235-tuxcare.els23-lowlatency
linux-cloud-tools-common
linux-cloud-tools-generic
linux-cloud-tools-lowlatency
linux-crashdump
linux-doc
linux-generic
linux-headers-4.15.0-235-tuxcare.els23
linux-headers-4.15.0-235-tuxcare.els23-generic
linux-headers-4.15.0-235-tuxcare.els23-lowlatency
linux-headers-generic
linux-headers-lowlatency
linux-image-generic
linux-image-lowlatency
linux-image-unsigned-4.15.0-235-tuxcare.els23-generic
linux-image-unsigned-4.15.0-235-tuxcare.els23-lowlatency
Package
- Name
- linux-image-unsigned-4.15.0-235-tuxcare.els23-lowlatency
- Purl
- pkg:deb/tuxcare/linux-image-unsigned-4.15.0-235-tuxcare.els23-lowlatency?distro=ubuntu-18.04