USN-6739-1

See a problem?
Source
https://ubuntu.com/security/notices/USN-6739-1
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/USN-6739-1.json
JSON Data
https://api.osv.dev/v1/vulns/USN-6739-1
Related
  • CVE-2019-25162
  • CVE-2021-46936
  • CVE-2021-46955
  • CVE-2021-46966
  • CVE-2021-46990
  • CVE-2022-20422
  • CVE-2023-1382
  • CVE-2023-1998
  • CVE-2023-24023
  • CVE-2023-51043
  • CVE-2023-51779
  • CVE-2023-52429
  • CVE-2023-52445
  • CVE-2023-52451
  • CVE-2023-52600
  • CVE-2023-52603
  • CVE-2024-23851
Published
2024-04-19T13:23:13.479879Z
Modified
2024-04-19T13:23:13.479879Z
Summary
linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities
Details

It was discovered that a race condition existed in the instruction emulator of the Linux kernel on Arm 64-bit systems. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-20422)

Wei Chen discovered that a race condition existed in the TIPC protocol implementation in the Linux kernel, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-1382)

Jose Oliveira and Rodrigo Branco discovered that the Spectre Variant 2 mitigations with prctl syscall were insufficient in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2023-1998)

Daniele Antonioli discovered that the Secure Simple Pairing and Secure Connections pairing in the Bluetooth protocol could allow an unauthenticated user to complete authentication without pairing credentials. A physically proximate attacker placed between two Bluetooth devices could use this to subsequently impersonate one of the paired devices. (CVE-2023-24023)

shanzhulig discovered that the DRM subsystem in the Linux kernel contained a race condition when performing certain operation while handling driver unload, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51043)

It was discovered that a race condition existed in the Bluetooth subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-51779)

It was discovered that the device mapper driver in the Linux kernel did not properly validate target size during certain memory allocations. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-52429, CVE-2024-23851)

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Architecture specifics; - ACPI drivers; - I2C subsystem; - Media drivers; - JFS file system; - IPv4 Networking; - Open vSwitch; (CVE-2021-46966, CVE-2021-46936, CVE-2023-52451, CVE-2019-25162, CVE-2023-52445, CVE-2023-52600, CVE-2021-46990, CVE-2021-46955, CVE-2023-52603)

References

Affected packages

Ubuntu:Pro:14.04:LTS / linux-aws

Package

Name
linux-aws

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.4.0-1130.136

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
    "binaries": [
        {
            "linux-aws-cloud-tools-4.4.0-1130": "4.4.0-1130.136",
            "linux-aws": "4.4.0.1130.127",
            "linux-aws-headers-4.4.0-1130": "4.4.0-1130.136",
            "linux-image-4.4.0-1130-aws": "4.4.0-1130.136",
            "linux-buildinfo-4.4.0-1130-aws": "4.4.0-1130.136",
            "linux-cloud-tools-4.4.0-1130-aws": "4.4.0-1130.136",
            "linux-headers-4.4.0-1130-aws": "4.4.0-1130.136",
            "linux-aws-tools-4.4.0-1130": "4.4.0-1130.136",
            "linux-headers-aws": "4.4.0.1130.127",
            "linux-tools-4.4.0-1130-aws": "4.4.0-1130.136",
            "linux-image-aws": "4.4.0.1130.127",
            "linux-modules-4.4.0-1130-aws": "4.4.0-1130.136",
            "linux-tools-aws": "4.4.0.1130.127"
        }
    ]
}

Ubuntu:Pro:14.04:LTS / linux-lts-xenial

Package

Name
linux-lts-xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.4.0-253.287~14.04.1

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
    "binaries": [
        {
            "linux-signed-lowlatency-lts-xenial": "4.4.0.253.287~14.04.1",
            "linux-modules-4.4.0-253-generic": "4.4.0-253.287~14.04.1",
            "linux-cloud-tools-lowlatency-lts-xenial": "4.4.0.253.287~14.04.1",
            "linux-image-4.4.0-253-lowlatency": "4.4.0-253.287~14.04.1",
            "linux-image-unsigned-4.4.0-253-generic": "4.4.0-253.287~14.04.1",
            "linux-generic-lts-xenial": "4.4.0.253.287~14.04.1",
            "linux-image-virtual-lts-xenial": "4.4.0.253.287~14.04.1",
            "linux-lts-xenial-tools-4.4.0-253": "4.4.0-253.287~14.04.1",
            "linux-headers-4.4.0-253-generic": "4.4.0-253.287~14.04.1",
            "linux-image-generic-lts-xenial": "4.4.0.253.287~14.04.1",
            "linux-headers-4.4.0-253-lowlatency": "4.4.0-253.287~14.04.1",
            "linux-cloud-tools-4.4.0-253-lowlatency": "4.4.0-253.287~14.04.1",
            "linux-headers-4.4.0-253": "4.4.0-253.287~14.04.1",
            "linux-image-4.4.0-253-generic": "4.4.0-253.287~14.04.1",
            "linux-image-extra-virtual-lts-xenial": "4.4.0.253.287~14.04.1",
            "linux-tools-generic-lts-xenial": "4.4.0.253.287~14.04.1",
            "linux-virtual-lts-xenial": "4.4.0.253.287~14.04.1",
            "linux-buildinfo-4.4.0-253-generic": "4.4.0-253.287~14.04.1",
            "linux-headers-virtual-lts-xenial": "4.4.0.253.287~14.04.1",
            "linux-tools-4.4.0-253-generic": "4.4.0-253.287~14.04.1",
            "linux-buildinfo-4.4.0-253-lowlatency": "4.4.0-253.287~14.04.1",
            "linux-modules-extra-4.4.0-253-generic": "4.4.0-253.287~14.04.1",
            "linux-signed-generic-lts-xenial": "4.4.0.253.287~14.04.1",
            "linux-tools-4.4.0-253-lowlatency": "4.4.0-253.287~14.04.1",
            "linux-cloud-tools-generic-lts-xenial": "4.4.0.253.287~14.04.1",
            "linux-headers-generic-lts-xenial": "4.4.0.253.287~14.04.1",
            "linux-image-lowlatency-lts-xenial": "4.4.0.253.287~14.04.1",
            "linux-image-unsigned-4.4.0-253-lowlatency": "4.4.0-253.287~14.04.1",
            "linux-lowlatency-lts-xenial": "4.4.0.253.287~14.04.1",
            "linux-cloud-tools-virtual-lts-xenial": "4.4.0.253.287~14.04.1",
            "linux-signed-image-generic-lts-xenial": "4.4.0.253.287~14.04.1",
            "linux-signed-image-lowlatency-lts-xenial": "4.4.0.253.287~14.04.1",
            "linux-modules-4.4.0-253-lowlatency": "4.4.0-253.287~14.04.1",
            "linux-cloud-tools-4.4.0-253-generic": "4.4.0-253.287~14.04.1",
            "linux-tools-lowlatency-lts-xenial": "4.4.0.253.287~14.04.1",
            "linux-tools-virtual-lts-xenial": "4.4.0.253.287~14.04.1",
            "linux-lts-xenial-cloud-tools-4.4.0-253": "4.4.0-253.287~14.04.1",
            "linux-headers-lowlatency-lts-xenial": "4.4.0.253.287~14.04.1"
        }
    ]
}

Ubuntu:Pro:16.04:LTS / linux

Package

Name
linux

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.4.0-253.287

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
    "binaries": [
        {
            "linux-tools-generic-lts-wily": "4.4.0.253.259",
            "linux-tools-virtual-lts-vivid": "4.4.0.253.259",
            "linux-headers-generic-lts-wily": "4.4.0.253.259",
            "linux-source-4.4.0": "4.4.0-253.287",
            "linux-cloud-tools-virtual-lts-wily": "4.4.0.253.259",
            "linux-cloud-tools-lowlatency-lts-xenial": "4.4.0.253.259",
            "linux-image-extra-virtual-lts-utopic": "4.4.0.253.259",
            "linux-generic-lts-utopic": "4.4.0.253.259",
            "linux-tools-virtual": "4.4.0.253.259",
            "linux-cloud-tools-4.4.0-253": "4.4.0-253.287",
            "linux-signed-image-lowlatency": "4.4.0.253.259",
            "linux-source": "4.4.0.253.259",
            "linux-cloud-tools-generic": "4.4.0.253.259",
            "linux-image-virtual": "4.4.0.253.259",
            "linux-headers-virtual-lts-utopic": "4.4.0.253.259",
            "linux-signed-image-generic-lts-wily": "4.4.0.253.259",
            "linux-tools-generic": "4.4.0.253.259",
            "linux-image-generic-lts-vivid": "4.4.0.253.259",
            "linux-buildinfo-4.4.0-253-generic": "4.4.0-253.287",
            "linux-virtual": "4.4.0.253.259",
            "linux-tools-4.4.0-253-generic": "4.4.0-253.287",
            "linux-buildinfo-4.4.0-253-lowlatency": "4.4.0-253.287",
            "linux-virtual-lts-utopic": "4.4.0.253.259",
            "linux-tools-4.4.0-253-lowlatency": "4.4.0-253.287",
            "linux-crashdump": "4.4.0.253.259",
            "linux-generic-lts-vivid": "4.4.0.253.259",
            "linux-image-lowlatency-lts-xenial": "4.4.0.253.259",
            "linux-generic": "4.4.0.253.259",
            "linux-headers-lowlatency-lts-utopic": "4.4.0.253.259",
            "linux-cloud-tools-lowlatency-lts-wily": "4.4.0.253.259",
            "linux-cloud-tools-4.4.0-253-generic": "4.4.0-253.287",
            "linux-image-generic-lts-wily": "4.4.0.253.259",
            "linux-signed-image-generic": "4.4.0.253.259",
            "linux-tools-lowlatency": "4.4.0.253.259",
            "linux-image-virtual-lts-vivid": "4.4.0.253.259",
            "linux-image-hwe-virtual-trusty": "4.4.0.253.259",
            "linux-cloud-tools-common": "4.4.0-253.287",
            "linux-libc-dev": "4.4.0-253.287",
            "linux-image-virtual-lts-xenial": "4.4.0.253.259",
            "linux-tools-lowlatency-lts-wily": "4.4.0.253.259",
            "linux-headers-4.4.0-253-generic": "4.4.0-253.287",
            "linux-image-generic-lts-xenial": "4.4.0.253.259",
            "linux-cloud-tools-4.4.0-253-lowlatency": "4.4.0-253.287",
            "linux-headers-4.4.0-253": "4.4.0-253.287",
            "linux-hwe-generic-trusty": "4.4.0.253.259",
            "linux-headers-virtual": "4.4.0.253.259",
            "linux-image-generic-lts-utopic": "4.4.0.253.259",
            "linux-virtual-lts-xenial": "4.4.0.253.259",
            "linux-tools-generic-lts-vivid": "4.4.0.253.259",
            "linux-headers-virtual-lts-xenial": "4.4.0.253.259",
            "linux-headers-virtual-lts-vivid": "4.4.0.253.259",
            "linux-generic-lts-wily": "4.4.0.253.259",
            "linux-tools-lts-utopic": "4.4.0.253.259",
            "linux-signed-lowlatency": "4.4.0.253.259",
            "linux-lowlatency-lts-vivid": "4.4.0.253.259",
            "linux-image-extra-virtual-lts-vivid": "4.4.0.253.259",
            "linux-signed-image-generic-lts-xenial": "4.4.0.253.259",
            "linux-tools-4.4.0-253": "4.4.0-253.287",
            "linux-lowlatency-lts-utopic": "4.4.0.253.259",
            "linux-signed-image-lowlatency-lts-xenial": "4.4.0.253.259",
            "linux-cloud-tools-virtual-lts-utopic": "4.4.0.253.259",
            "linux-cloud-tools-virtual-lts-xenial": "4.4.0.253.259",
            "linux-signed-generic-lts-vivid": "4.4.0.253.259",
            "linux-headers-generic-lts-vivid": "4.4.0.253.259",
            "linux-cloud-tools-lowlatency-lts-vivid": "4.4.0.253.259",
            "linux-tools-generic-lts-utopic": "4.4.0.253.259",
            "linux-headers-generic-lts-utopic": "4.4.0.253.259",
            "linux-image-generic": "4.4.0.253.259",
            "linux-lowlatency": "4.4.0.253.259",
            "linux-signed-image-generic-lts-utopic": "4.4.0.253.259",
            "linux-cloud-tools-generic-lts-wily": "4.4.0.253.259",
            "linux-image-lowlatency-lts-vivid": "4.4.0.253.259",
            "linux-tools-common": "4.4.0-253.287",
            "linux-image-hwe-generic-trusty": "4.4.0.253.259",
            "linux-tools-virtual-lts-wily": "4.4.0.253.259",
            "linux-modules-4.4.0-253-generic": "4.4.0-253.287",
            "linux-lowlatency-lts-wily": "4.4.0.253.259",
            "linux-image-virtual-lts-utopic": "4.4.0.253.259",
            "linux-cloud-tools-lowlatency": "4.4.0.253.259",
            "linux-image-4.4.0-253-lowlatency": "4.4.0-253.287",
            "linux-image-unsigned-4.4.0-253-generic": "4.4.0-253.287",
            "linux-cloud-tools-virtual": "4.4.0.253.259",
            "linux-cloud-tools-generic-lts-vivid": "4.4.0.253.259",
            "linux-cloud-tools-virtual-lts-vivid": "4.4.0.253.259",
            "linux-headers-4.4.0-253-lowlatency": "4.4.0-253.287",
            "linux-image-extra-virtual": "4.4.0.253.259",
            "linux-signed-image-lowlatency-lts-wily": "4.4.0.253.259",
            "linux-image-4.4.0-253-generic": "4.4.0-253.287",
            "linux-headers-lowlatency-lts-wily": "4.4.0.253.259",
            "linux-tools-generic-lts-xenial": "4.4.0.253.259",
            "linux-cloud-tools-lowlatency-lts-utopic": "4.4.0.253.259",
            "linux-signed-image-generic-lts-vivid": "4.4.0.253.259",
            "linux-cloud-tools-generic-lts-xenial": "4.4.0.253.259",
            "linux-headers-generic-lts-xenial": "4.4.0.253.259",
            "linux-image-unsigned-4.4.0-253-lowlatency": "4.4.0-253.287",
            "linux-virtual-lts-vivid": "4.4.0.253.259",
            "linux-lowlatency-lts-xenial": "4.4.0.253.259",
            "linux-image-lowlatency-lts-utopic": "4.4.0.253.259",
            "linux-image-extra-virtual-lts-wily": "4.4.0.253.259",
            "linux-modules-4.4.0-253-lowlatency": "4.4.0-253.287",
            "linux-headers-lowlatency-lts-xenial": "4.4.0.253.259",
            "linux-signed-lowlatency-lts-wily": "4.4.0.253.259",
            "linux-signed-lowlatency-lts-xenial": "4.4.0.253.259",
            "linux-tools-lowlatency-lts-vivid": "4.4.0.253.259",
            "linux-image-lowlatency-lts-wily": "4.4.0.253.259",
            "linux-doc": "4.4.0-253.287",
            "linux-generic-lts-xenial": "4.4.0.253.259",
            "linux-headers-lowlatency-lts-vivid": "4.4.0.253.259",
            "linux-headers-generic": "4.4.0.253.259",
            "linux-headers-lowlatency": "4.4.0.253.259",
            "linux-image-lowlatency": "4.4.0.253.259",
            "linux-image-extra-virtual-lts-xenial": "4.4.0.253.259",
            "linux-tools-virtual-lts-utopic": "4.4.0.253.259",
            "linux-tools-host": "4.4.0-253.287",
            "linux-headers-virtual-lts-wily": "4.4.0.253.259",
            "linux-signed-generic-lts-wily": "4.4.0.253.259",
            "linux-modules-extra-4.4.0-253-generic": "4.4.0-253.287",
            "linux-signed-generic-lts-xenial": "4.4.0.253.259",
            "linux-signed-generic-lts-utopic": "4.4.0.253.259",
            "linux-cloud-tools-generic-lts-utopic": "4.4.0.253.259",
            "linux-image-virtual-lts-wily": "4.4.0.253.259",
            "linux-hwe-virtual-trusty": "4.4.0.253.259",
            "linux-tools-lowlatency-lts-utopic": "4.4.0.253.259",
            "linux-signed-generic": "4.4.0.253.259",
            "linux-virtual-lts-wily": "4.4.0.253.259",
            "linux-tools-lowlatency-lts-xenial": "4.4.0.253.259",
            "linux-tools-virtual-lts-xenial": "4.4.0.253.259"
        }
    ]
}

Ubuntu:Pro:16.04:LTS / linux-aws

Package

Name
linux-aws

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.4.0-1168.183

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
    "binaries": [
        {
            "linux-image-4.4.0-1168-aws": "4.4.0-1168.183",
            "linux-aws-tools-4.4.0-1168": "4.4.0-1168.183",
            "linux-headers-aws": "4.4.0.1168.172",
            "linux-headers-4.4.0-1168-aws": "4.4.0-1168.183",
            "linux-modules-4.4.0-1168-aws": "4.4.0-1168.183",
            "linux-aws": "4.4.0.1168.172",
            "linux-image-aws": "4.4.0.1168.172",
            "linux-tools-4.4.0-1168-aws": "4.4.0-1168.183",
            "linux-aws-cloud-tools-4.4.0-1168": "4.4.0-1168.183",
            "linux-modules-extra-aws": "4.4.0.1168.172",
            "linux-buildinfo-4.4.0-1168-aws": "4.4.0-1168.183",
            "linux-aws-headers-4.4.0-1168": "4.4.0-1168.183",
            "linux-modules-extra-4.4.0-1168-aws": "4.4.0-1168.183",
            "linux-cloud-tools-4.4.0-1168-aws": "4.4.0-1168.183",
            "linux-tools-aws": "4.4.0.1168.172"
        }
    ]
}

Ubuntu:Pro:16.04:LTS / linux-kvm

Package

Name
linux-kvm

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.4.0-1131.141

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
    "binaries": [
        {
            "linux-headers-kvm": "4.4.0.1131.128",
            "linux-kvm": "4.4.0.1131.128",
            "linux-cloud-tools-4.4.0-1131-kvm": "4.4.0-1131.141",
            "linux-kvm-cloud-tools-4.4.0-1131": "4.4.0-1131.141",
            "linux-image-4.4.0-1131-kvm": "4.4.0-1131.141",
            "linux-tools-kvm": "4.4.0.1131.128",
            "linux-kvm-headers-4.4.0-1131": "4.4.0-1131.141",
            "linux-modules-4.4.0-1131-kvm": "4.4.0-1131.141",
            "linux-tools-4.4.0-1131-kvm": "4.4.0-1131.141",
            "linux-buildinfo-4.4.0-1131-kvm": "4.4.0-1131.141",
            "linux-headers-4.4.0-1131-kvm": "4.4.0-1131.141",
            "linux-image-kvm": "4.4.0.1131.128",
            "linux-kvm-tools-4.4.0-1131": "4.4.0-1131.141"
        }
    ]
}