LSN-0114-1

In the Linux kernel, the following vulnerability has been resolved: bfq: fix use-after-free in bfqdispatchrequest KASAN reports a use-after-free report when doing normal scsi-mq test .

In the Linux kernel, the following vulnerability has been resolved: block, bfq: don't move oom_bfqq Our test report a UAF: .

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: fix use-after-free in l2capconndel() When l2caprecvframe() is invoked to receive data, and the cid is L2CAPCIDA2MP, if the channel does not exist, it will create a channel. However, after a channel is created, the hold operation of the channel is not performed.

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix UAF in svctcplistendataready() After the listener svcsock is freed, and before invoking svctcpaccept() for the established child sock, there is a window that the newsock retaining a freed listener svcsock in skuserdata which cloning from parent.

In the Linux kernel, the following vulnerability has been resolved: ext4: aovid use-after-free in ext4extinsertextent() As Ojaswin mentioned in Link, in ext4extinsertextent(), if the path is reallocated in ext4extcreatenewleaf(), we'll use the stale path and cause UAF. Below is a sample trace with dummy values: ext4extinsert_extent path .

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices A bogus device can provide a bNumConfigurations value that exceeds the initial value used in usbgetconfiguration for allocating dev->config.

In the Linux kernel, the following vulnerability has been resolved: ovl: fix UAF in ovldentryupdatereval by moving dput() in ovllinkup The issue was caused by dput(upper) being called before ovldentryupdatereval(), while upper->dflags was still accessed in ovldentry_remote().

In the Linux kernel, the following vulnerability has been resolved: RDMA/erdma: Prevent use-after-free in erdmaacceptnewconn() After the erdmacepput(newcep) being called, newcep will be freed, and the following dereference will cause a UAF problem.

References

Affected packages

Ubuntu:Pro:14.04:LTS / linux-lts-xenial

Package

Name: linux-lts-xenial
Purl: pkg:deb/ubuntu/linux-lts-xenial@4.4.0-271.305~14.04.1?arch=source&distro=esm-infra-legacy/trusty

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.4.0-271.305~14.04.1

Affected versions

4.*

4.4.0-13.29~14.04.1

4.4.0-14.30~14.04.2

4.4.0-15.31~14.04.1

4.4.0-18.34~14.04.1

4.4.0-21.37~14.04.1

4.4.0-22.39~14.04.1

4.4.0-22.40~14.04.1

4.4.0-24.43~14.04.1

4.4.0-28.47~14.04.1

4.4.0-31.50~14.04.1

4.4.0-34.53~14.04.1

4.4.0-36.55~14.04.1

4.4.0-38.57~14.04.1

4.4.0-42.62~14.04.1

4.4.0-45.66~14.04.1

4.4.0-47.68~14.04.1

4.4.0-51.72~14.04.1

4.4.0-53.74~14.04.1

4.4.0-57.78~14.04.1

4.4.0-59.80~14.04.1

4.4.0-62.83~14.04.1

4.4.0-63.84~14.04.2

4.4.0-64.85~14.04.1

4.4.0-66.87~14.04.1

4.4.0-67.88~14.04.1

4.4.0-70.91~14.04.1

4.4.0-71.92~14.04.1

4.4.0-72.93~14.04.1

4.4.0-75.96~14.04.1

4.4.0-78.99~14.04.2

4.4.0-79.100~14.04.1

4.4.0-81.104~14.04.1

4.4.0-83.106~14.04.1

4.4.0-87.110~14.04.1

4.4.0-89.112~14.04.1

4.4.0-91.114~14.04.1

4.4.0-92.115~14.04.1

4.4.0-93.116~14.04.1

4.4.0-96.119~14.04.1

4.4.0-97.120~14.04.1

4.4.0-98.121~14.04.1

4.4.0-101.124~14.04.1

4.4.0-103.126~14.04.1

4.4.0-104.127~14.04.1

4.4.0-108.131~14.04.1

4.4.0-109.132~14.04.1

4.4.0-111.134~14.04.1

4.4.0-112.135~14.04.1

4.4.0-116.140~14.04.1

4.4.0-119.143~14.04.1

4.4.0-121.145~14.04.1

4.4.0-124.148~14.04.1

4.4.0-127.153~14.04.1

4.4.0-128.154~14.04.1

4.4.0-130.156~14.04.1

4.4.0-131.157~14.04.1

4.4.0-133.159~14.04.1

4.4.0-134.160~14.04.1

4.4.0-135.161~14.04.1

4.4.0-137.163~14.04.1

4.4.0-138.164~14.04.1

4.4.0-139.165~14.04.1

4.4.0-140.166~14.04.1

4.4.0-141.167~14.04.1

4.4.0-142.168~14.04.1

4.4.0-143.169~14.04.2

4.4.0-144.170~14.04.1

4.4.0-146.172~14.04.1

4.4.0-148.174~14.04.1

4.4.0-164.192~14.04.1

4.4.0-165.193~14.04.1

4.4.0-166.195~14.04.1

4.4.0-168.197~14.04.1

4.4.0-169.198~14.04.1

4.4.0-170.199~14.04.1

4.4.0-171.200~14.04.1

4.4.0-173.203~14.04.1

4.4.0-174.204~14.04.1

4.4.0-176.206~14.04.1

4.4.0-177.207~14.04.1

4.4.0-178.208~14.04.1

4.4.0-179.209~14.04.1

4.4.0-184.214~14.04.1

4.4.0-185.215~14.04.1

4.4.0-186.216~14.04.1

4.4.0-187.217~14.04.1

4.4.0-189.219~14.04.1

4.4.0-190.220~14.04.1

4.4.0-193.224~14.04.1

4.4.0-194.226~14.04.1

4.4.0-197.229~14.04.1

4.4.0-198.230~14.04.1

4.4.0-200.232~14.04.1

4.4.0-201.233~14.04.1

4.4.0-203.235~14.04.1

4.4.0-204.236~14.04.1

4.4.0-206.238~14.04.1

4.4.0-208.240~14.04.1

4.4.0-209.241~14.04.1

4.4.0-210.242~14.04.1

4.4.0-211.243~14.04.1

4.4.0-212.244~14.04.1

4.4.0-213.245~14.04.1

4.4.0-214.246~14.04.1

4.4.0-215.247~14.04.1

4.4.0-218.251~14.04.1

4.4.0-219.252~14.04.1

4.4.0-221.254~14.04.1

4.4.0-222.255~14.04.1

4.4.0-223.256~14.04.1

4.4.0-224.257~14.04.1

4.4.0-227.261~14.04.1

4.4.0-229.263~14.04.1

4.4.0-230.264~14.04.1

4.4.0-231.265~14.04.1

4.4.0-233.267~14.04.1

4.4.0-234.268~14.04.1

4.4.0-235.269~14.04.1

4.4.0-236.270~14.04.1

4.4.0-237.271~14.04.1

4.4.0-239.273~14.04.1

4.4.0-240.274~14.04.1

4.4.0-241.275~14.04.1

4.4.0-242.276~14.04.1

4.4.0-243.277~14.04.1

4.4.0-244.278~14.04.1

4.4.0-245.279~14.04.1

4.4.0-246.280~14.04.1

4.4.0-248.282~14.04.1

4.4.0-250.284~14.04.1

4.4.0-251.285~14.04.1

4.4.0-252.286~14.04.1

4.4.0-253.287~14.04.1

4.4.0-254.288~14.04.1

4.4.0-256.290~14.04.1

4.4.0-257.291~14.04.1

4.4.0-258.292~14.04.2

4.4.0-259.293~14.04.1

4.4.0-260.294~14.04.1

4.4.0-261.295~14.04.1

4.4.0-262.296~14.04.1

4.4.0-263.297~14.04.1

4.4.0-264.298~14.04.1

4.4.0-266.300~14.04.1

4.4.0-267.301~14.04.1

4.4.0-268.302~14.04.1

4.4.0-269.303~14.04.1

4.4.0-270.304~14.04.1

Ecosystem specific

{
    "availability": "Livepatch subscription required",
    "module_name_regex": "lkp_Ubuntu_4_4_0[_|\\d]+_(?:generic|lowlatency)_(\\d+)"
}

Ubuntu:Pro:16.04:LTS / linux-aws-hwe

Package

Name: linux-aws-hwe
Purl: pkg:deb/ubuntu/linux-aws-hwe@4.15.0-1183.196~16.04.1?arch=source&distro=esm-infra/xenial

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.15.0-1183.196~16.04.1

Affected versions

4.*

4.15.0-1030.31~16.04.1

4.15.0-1031.33~16.04.1

4.15.0-1032.34~16.04.1

4.15.0-1033.35~16.04.1

4.15.0-1035.37~16.04.1

4.15.0-1036.38~16.04.1

4.15.0-1039.41~16.04.1

4.15.0-1040.42~16.04.1

4.15.0-1041.43~16.04.1

4.15.0-1043.45~16.04.1

4.15.0-1044.46~16.04.1

4.15.0-1045.47~16.04.1

4.15.0-1047.49~16.04.1

4.15.0-1048.50~16.04.1

4.15.0-1050.52~16.04.1

4.15.0-1051.53~16.04.1

4.15.0-1052.54~16.04.1

4.15.0-1054.56~16.04.1

4.15.0-1056.58~16.04.1

4.15.0-1057.59~16.04.1

4.15.0-1058.60~16.04.1

4.15.0-1060.62~16.04.1

4.15.0-1063.67~16.04.1

4.15.0-1065.69~16.04.1

4.15.0-1066.70~16.04.1

4.15.0-1067.71~16.04.1

4.15.0-1073.77~16.04.1

4.15.0-1074.78~16.04.1

4.15.0-1079.83~16.04.1

4.15.0-1080.84~16.04.1

4.15.0-1082.86~16.04.1

4.15.0-1083.87~16.04.1

4.15.0-1085.90~16.04.1

4.15.0-1088.93~16.04.1

4.15.0-1090.95~16.04.1

4.15.0-1091.96~16.04.1

4.15.0-1093.99~16.04.1

4.15.0-1094.101~16.04.1

4.15.0-1095.102~16.04.1

4.15.0-1096.103~16.04.1

4.15.0-1097.104~16.04.1

4.15.0-1098.105~16.04.1

4.15.0-1099.106~16.04.1

4.15.0-1102.109~16.04.1

4.15.0-1103.110~16.04.1

4.15.0-1106.113~16.04.1

4.15.0-1109.116~16.04.1

4.15.0-1110.117~16.04.1

4.15.0-1111.118~16.04.1

4.15.0-1112.119~16.04.1

4.15.0-1113.120~16.04.1

4.15.0-1115.122~16.04.1

4.15.0-1116.123~16.04.1

4.15.0-1118.125~16.04.1

4.15.0-1119.126~16.04.2

4.15.0-1120.128~16.04.1

4.15.0-1123.132~16.04.1

4.15.0-1124.133~16.04.1

4.15.0-1126.135~16.04.2

4.15.0-1127.136~16.04.1

4.15.0-1128.137~16.04.1

4.15.0-1130.139~16.04.1

4.15.0-1133.143~16.04.1

4.15.0-1136.147~16.04.1

4.15.0-1137.148~16.04.1

4.15.0-1139.150~16.04.1

4.15.0-1140.151~16.04.1

4.15.0-1141.152~16.04.1

4.15.0-1142.154~16.04.1

4.15.0-1143.155~16.04.1

4.15.0-1146.158~16.04.2

4.15.0-1147.159~16.04.1

4.15.0-1148.160~16.04.1

4.15.0-1151.164~16.04.1

4.15.0-1153.166~16.04.1

4.15.0-1154.167~16.04.1

4.15.0-1155.168~16.04.1

4.15.0-1156.169~16.04.1

4.15.0-1157.170~16.04.1

4.15.0-1158.171~16.04.1

4.15.0-1159.172~16.04.1

4.15.0-1160.173~16.04.1

4.15.0-1161.174~16.04.1

4.15.0-1162.175~16.04.1

4.15.0-1163.176~16.04.1

4.15.0-1164.177~16.04.1

4.15.0-1165.178~16.04.1

4.15.0-1166.179~16.04.1

4.15.0-1167.180~16.04.1

4.15.0-1168.181~16.04.1

4.15.0-1169.182~16.04.1

4.15.0-1170.183~16.04.1

4.15.0-1172.185~16.04.1

4.15.0-1173.186~16.04.1

4.15.0-1174.187~16.04.1

4.15.0-1175.188~16.04.1

4.15.0-1176.189~16.04.1

4.15.0-1177.190~16.04.1

4.15.0-1178.191~16.04.1

4.15.0-1179.192~16.04.1

4.15.0-1180.193~16.04.1

4.15.0-1181.194~16.04.1

4.15.0-1182.195~16.04.1

Ecosystem specific

{
    "availability": "Livepatch subscription required",
    "module_name_regex": "lkp_Ubuntu_4_15_0[_|\\d]+_aws_(\\d+)"
}

Ubuntu:Pro:18.04:LTS / linux-aws

Package

Name: linux-aws
Purl: pkg:deb/ubuntu/linux-aws@4.15.0-1183.196?arch=source&distro=esm-infra/bionic

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.15.0-1183.196

Affected versions

4.*

4.15.0-1001.1

4.15.0-1003.3

4.15.0-1005.5

4.15.0-1006.6

4.15.0-1007.7

4.15.0-1009.9

4.15.0-1010.10

4.15.0-1011.11

4.15.0-1016.16

4.15.0-1017.17

4.15.0-1019.19

4.15.0-1020.20

4.15.0-1021.21

4.15.0-1023.23

4.15.0-1025.25

4.15.0-1027.27

4.15.0-1029.30

4.15.0-1031.33

4.15.0-1032.34

4.15.0-1033.35

4.15.0-1034.36

4.15.0-1035.37

4.15.0-1037.39

4.15.0-1039.41

4.15.0-1040.42

4.15.0-1041.43

4.15.0-1043.45

4.15.0-1044.46

4.15.0-1045.47

4.15.0-1047.49

4.15.0-1048.50

4.15.0-1050.52

4.15.0-1051.53

4.15.0-1052.54

4.15.0-1054.56

4.15.0-1056.58

4.15.0-1057.59

4.15.0-1058.60

4.15.0-1060.62

4.15.0-1063.67

4.15.0-1065.69

4.15.0-1066.70

4.15.0-1067.71

4.15.0-1073.77

4.15.0-1076.80

4.15.0-1077.81

4.15.0-1079.83

4.15.0-1080.84

4.15.0-1082.86

4.15.0-1083.87

4.15.0-1086.91

4.15.0-1087.92

4.15.0-1088.93

4.15.0-1090.95

4.15.0-1091.96

4.15.0-1092.98

4.15.0-1093.99

4.15.0-1094.101

4.15.0-1095.102

4.15.0-1096.103

4.15.0-1097.104

4.15.0-1098.105

4.15.0-1099.106

4.15.0-1101.108

4.15.0-1102.109

4.15.0-1103.110

4.15.0-1106.113

4.15.0-1109.116

4.15.0-1110.117

4.15.0-1111.118

4.15.0-1112.119

4.15.0-1114.121

4.15.0-1115.122

4.15.0-1116.123

4.15.0-1118.125

4.15.0-1119.127

4.15.0-1121.129

4.15.0-1123.132

4.15.0-1124.133

4.15.0-1126.135

4.15.0-1127.136

4.15.0-1128.137

4.15.0-1130.139

4.15.0-1133.143

4.15.0-1136.147

4.15.0-1137.148

4.15.0-1139.150

4.15.0-1140.151

4.15.0-1141.152

4.15.0-1142.154

4.15.0-1143.155

4.15.0-1144.156

4.15.0-1146.158

4.15.0-1147.159

4.15.0-1148.160

4.15.0-1150.163

4.15.0-1151.164

4.15.0-1153.166

4.15.0-1154.167

4.15.0-1155.168

4.15.0-1156.169

4.15.0-1157.170

4.15.0-1158.171

4.15.0-1159.172

4.15.0-1160.173

4.15.0-1161.174

4.15.0-1162.175

4.15.0-1163.176

4.15.0-1164.177

4.15.0-1165.178

4.15.0-1166.179

4.15.0-1167.180

4.15.0-1168.181

4.15.0-1169.182

4.15.0-1170.183

4.15.0-1172.185

4.15.0-1173.186

4.15.0-1174.187

4.15.0-1175.188

4.15.0-1176.189

4.15.0-1177.190

4.15.0-1178.191

4.15.0-1179.192

4.15.0-1180.193

4.15.0-1181.194

4.15.0-1182.195

Ecosystem specific

{
    "availability": "Livepatch subscription required",
    "module_name_regex": "lkp_Ubuntu_4_15_0[_|\\d]+_aws_(\\d+)"
}

Ubuntu:Pro:20.04:LTS / linux-aws-5.15

Package

Name: linux-aws-5.15
Purl: pkg:deb/ubuntu/linux-aws-5.15@5.15.0-1084.91~20.04.1?arch=source&distro=focal

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.15.0-1084.91~20.04.1

Affected versions

5.*

5.15.0-1014.18~20.04.1

5.15.0-1015.19~20.04.1

5.15.0-1017.21~20.04.1

5.15.0-1019.23~20.04.1

5.15.0-1020.24~20.04.1

5.15.0-1021.25~20.04.1

5.15.0-1022.26~20.04.1

5.15.0-1023.27~20.04.1

5.15.0-1026.30~20.04.2

5.15.0-1027.31~20.04.1

5.15.0-1028.32~20.04.1

5.15.0-1030.34~20.04.1

5.15.0-1031.35~20.04.1

5.15.0-1033.37~20.04.1

5.15.0-1034.38~20.04.1

5.15.0-1035.39~20.04.1

5.15.0-1036.40~20.04.1

5.15.0-1037.41~20.04.1

5.15.0-1038.43~20.04.1

5.15.0-1039.44~20.04.1

5.15.0-1040.45~20.04.1

5.15.0-1041.46~20.04.1

5.15.0-1043.48~20.04.1

5.15.0-1044.49~20.04.1

5.15.0-1045.50~20.04.1

5.15.0-1047.52~20.04.1

5.15.0-1048.53~20.04.1

5.15.0-1049.54~20.04.1

5.15.0-1050.55~20.04.1

5.15.0-1051.56~20.04.1

5.15.0-1052.57~20.04.1

5.15.0-1053.58~20.04.1

5.15.0-1055.60~20.04.1

5.15.0-1056.61~20.04.1

5.15.0-1057.63~20.04.1

5.15.0-1058.64~20.04.1

5.15.0-1061.67~20.04.1

5.15.0-1062.68~20.04.1

5.15.0-1063.69~20.04.1

5.15.0-1064.70~20.04.1

5.15.0-1065.71~20.04.1

5.15.0-1066.72~20.04.1

5.15.0-1067.73~20.04.1

5.15.0-1068.74~20.04.1

5.15.0-1069.75~20.04.1

5.15.0-1070.76~20.04.1

5.15.0-1071.77~20.04.1

5.15.0-1072.78~20.04.1

5.15.0-1073.79~20.04.1

5.15.0-1075.82~20.04.1

5.15.0-1077.84~20.04.1

5.15.0-1080.87~20.04.1

5.15.0-1081.88~20.04.1

5.15.0-1082.89~20.04.1

5.15.0-1083.90~20.04.1

Ecosystem specific

{
    "availability": "Livepatch subscription required",
    "module_name_regex": "lkp_Ubuntu_5_15_0[_|\\d]+_aws_(\\d+)"
}

Ubuntu:Pro:22.04:LTS / linux-aws

Package

Name: linux-aws
Purl: pkg:deb/ubuntu/linux-aws@5.15.0-1084.91?arch=source&distro=jammy

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.15.0-1084.91

Affected versions

5.*

5.13.0-1005.6

5.15.0-1002.4

5.15.0-1003.5

5.15.0-1004.6

5.15.0-1005.7

5.15.0-1008.10

5.15.0-1009.11

5.15.0-1011.14

5.15.0-1013.17

5.15.0-1014.18

5.15.0-1015.19

5.15.0-1017.21

5.15.0-1019.23

5.15.0-1020.24

5.15.0-1021.25

5.15.0-1022.26

5.15.0-1023.27

5.15.0-1026.30

5.15.0-1027.31

5.15.0-1028.32

5.15.0-1030.34

5.15.0-1031.35

5.15.0-1033.37

5.15.0-1034.38

5.15.0-1035.39

5.15.0-1036.40

5.15.0-1037.41

5.15.0-1038.43

5.15.0-1039.44

5.15.0-1040.45

5.15.0-1042.47

5.15.0-1043.48

5.15.0-1044.49

5.15.0-1045.50

5.15.0-1047.52

5.15.0-1048.53

5.15.0-1049.54

5.15.0-1050.55

5.15.0-1051.56

5.15.0-1052.57

5.15.0-1053.58

5.15.0-1055.60

5.15.0-1056.61

5.15.0-1057.63

5.15.0-1060.66

5.15.0-1061.67

5.15.0-1062.68

5.15.0-1063.69

5.15.0-1064.70

5.15.0-1065.71

5.15.0-1066.72

5.15.0-1067.73

5.15.0-1068.74

5.15.0-1069.75

5.15.0-1070.76

5.15.0-1071.77

5.15.0-1072.78

5.15.0-1073.79

5.15.0-1076.83

5.15.0-1078.85

5.15.0-1079.86

5.15.0-1080.87

5.15.0-1081.88

5.15.0-1082.89

5.15.0-1083.90

Ecosystem specific

{
    "availability": "Livepatch subscription required",
    "module_name_regex": "lkp_Ubuntu_5_15_0[_|\\d]+_aws_(\\d+)"
}

Ubuntu:Pro:24.04:LTS / linux-aws

Package

Name: linux-aws
Purl: pkg:deb/ubuntu/linux-aws@6.8.0-1031.33?arch=source&distro=noble

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.8.0-1031.33

Affected versions

6.*

6.5.0-1008.8

6.6.0-1001.1

6.8.0-1001.1

6.8.0-1006.6

6.8.0-1008.8

6.8.0-1009.9

6.8.0-1010.10

6.8.0-1011.12

6.8.0-1012.13

6.8.0-1013.14

6.8.0-1014.15

6.8.0-1015.16

6.8.0-1016.17

6.8.0-1017.18

6.8.0-1018.20

6.8.0-1019.21

6.8.0-1020.22

6.8.0-1021.23

6.8.0-1023.25

6.8.0-1024.26

6.8.0-1025.27

6.8.0-1026.28

6.8.0-1027.29

6.8.0-1028.30

6.8.0-1029.31

6.8.0-1030.32

Ecosystem specific

{
    "availability": "Livepatch subscription required",
    "module_name_regex": "lkp_Ubuntu_6_8_0[_|\\d]+_aws_(\\d+)"
}