Risk | Low |
Patch available | YES |
Number of vulnerabilities | 6 |
CVE-ID | CVE-2024-25742 CVE-2024-26886 CVE-2023-52752 CVE-2024-36016 CVE-2024-26952 CVE-2024-27017 |
CWE-ID | CWE-94 CWE-416 CWE-787 CWE-125 CWE-682 |
Exploitation vector | Local |
Public exploit | N/A |
Vulnerable software |
Ubuntu: Operating systems & Components / Operating system
linux-image-raspi (Ubuntu package): Operating systems & Components / Operating system package or component
linux-image-aws (Ubuntu package): Operating systems & Components / Operating system package or component
linux-image-5.15.0-1066-aws (Ubuntu package): Operating systems & Components / Operating system package or component
linux-image-raspi-nolpae (Ubuntu package): Operating systems & Components / Operating system package or component
linux-image-ibm (Ubuntu package): Operating systems & Components / Operating system package or component
linux-image-5.15.0-1059-raspi (Ubuntu package): Operating systems & Components / Operating system package or component
linux-image-5.15.0-1059-ibm (Ubuntu package): Operating systems & Components / Operating system package or component
Vendor | Canonical Ltd. |
Security Bulletin
This security bulletin contains information about 6 vulnerabilities.
EUVDB-ID: #VU89087
Risk: Low
CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-25742
CWE-ID:
CWE-94 - Improper Control of Generation of Code ('Code Injection')
Exploit availability: No
Description
The vulnerability allows a malicious hypervisor to escalate privileges on the system.
The vulnerability exists due to improper input validation when handling interrupts. A malicious hypervisor can inject interrupt 0x80, which is used by Linux for legacy 32-bit system calls, and arbitrarily change the value stored in EAX while a SEV VM is running.
Mitigation
Update the affected package linux-aws-5.15 to the latest version.
Vulnerable software versions
Ubuntu: 20.04 - 22.04
linux-image-raspi (Ubuntu package): before 5.15.0.1059.57
linux-image-aws (Ubuntu package): before 5.15.0.1066.72~20.04.1
linux-image-5.15.0-1066-aws (Ubuntu package): before 5.15.0-1066.72~20.04.1
linux-image-raspi-nolpae (Ubuntu package): before 5.15.0.1059.57
linux-image-ibm (Ubuntu package): before 5.15.0.1059.55
linux-image-5.15.0-1059-raspi (Ubuntu package): before 5.15.0-1059.62
linux-image-5.15.0-1059-ibm (Ubuntu package): before 5.15.0-1059.62~20.04.1
https://ubuntu.com/security/notices/USN-6923-2
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90200
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26886
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
Description
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the bt_sock_recvmsg() and bt_sock_ioctl() functions in net/bluetooth/af_bluetooth.c. A local user can escalate privileges on the system.
Mitigation
Update the affected package linux-aws-5.15 to the latest version.
Vulnerable software versions
Ubuntu: 20.04 - 22.04
linux-image-raspi (Ubuntu package): before 5.15.0.1059.57
linux-image-aws (Ubuntu package): before 5.15.0.1066.72~20.04.1
linux-image-5.15.0-1066-aws (Ubuntu package): before 5.15.0-1066.72~20.04.1
linux-image-raspi-nolpae (Ubuntu package): before 5.15.0.1059.57
linux-image-ibm (Ubuntu package): before 5.15.0.1059.55
linux-image-5.15.0-1059-raspi (Ubuntu package): before 5.15.0-1059.62
linux-image-5.15.0-1059-ibm (Ubuntu package): before 5.15.0-1059.62~20.04.1
https://ubuntu.com/security/notices/USN-6923-2
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90068
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-52752
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
Description
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the seq_printf() and spin_unlock() functions in fs/smb/client/cifs_debug.c. A local user can escalate privileges on the system.
Mitigation
Update the affected package linux-aws-5.15 to the latest version.
Vulnerable software versions
Ubuntu: 20.04 - 22.04
linux-image-raspi (Ubuntu package): before 5.15.0.1059.57
linux-image-aws (Ubuntu package): before 5.15.0.1066.72~20.04.1
linux-image-5.15.0-1066-aws (Ubuntu package): before 5.15.0-1066.72~20.04.1
linux-image-raspi-nolpae (Ubuntu package): before 5.15.0.1059.57
linux-image-ibm (Ubuntu package): before 5.15.0.1059.55
linux-image-5.15.0-1059-raspi (Ubuntu package): before 5.15.0-1059.62
linux-image-5.15.0-1059-ibm (Ubuntu package): before 5.15.0-1059.62~20.04.1
https://ubuntu.com/security/notices/USN-6923-2
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU89898
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-36016
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
Description
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the gsm0_receive() function in drivers/tty/n_gsm.c. A local user can trigger an out-of-bounds write and execute arbitrary code with elevated privileges.
Mitigation
Update the affected package linux-aws-5.15 to the latest version.
Vulnerable software versions
Ubuntu: 20.04 - 22.04
linux-image-raspi (Ubuntu package): before 5.15.0.1059.57
linux-image-aws (Ubuntu package): before 5.15.0.1066.72~20.04.1
linux-image-5.15.0-1066-aws (Ubuntu package): before 5.15.0-1066.72~20.04.1
linux-image-raspi-nolpae (Ubuntu package): before 5.15.0.1059.57
linux-image-ibm (Ubuntu package): before 5.15.0.1059.55
linux-image-5.15.0-1059-raspi (Ubuntu package): before 5.15.0-1059.62
linux-image-5.15.0-1059-ibm (Ubuntu package): before 5.15.0-1059.62~20.04.1
https://ubuntu.com/security/notices/USN-6923-2
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU90317
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26952
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
Description
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to an out-of-bounds read error within the smb2_tree_connect(), smb2_open(), smb2_query_dir(), smb2_get_ea(), smb2_set_info_file(), smb2_set_info(), fsctl_pipe_transceive() and smb2_ioctl() functions in fs/smb/server/smb2pdu.c, and within the smb2_get_data_area_len() function in fs/smb/server/smb2misc.c. A local user can execute arbitrary code.
Mitigation
Update the affected package linux-aws-5.15 to the latest version.
Vulnerable software versions
Ubuntu: 20.04 - 22.04
linux-image-raspi (Ubuntu package): before 5.15.0.1059.57
linux-image-aws (Ubuntu package): before 5.15.0.1066.72~20.04.1
linux-image-5.15.0-1066-aws (Ubuntu package): before 5.15.0-1066.72~20.04.1
linux-image-raspi-nolpae (Ubuntu package): before 5.15.0.1059.57
linux-image-ibm (Ubuntu package): before 5.15.0.1059.55
linux-image-5.15.0-1059-raspi (Ubuntu package): before 5.15.0-1059.62
linux-image-5.15.0-1059-ibm (Ubuntu package): before 5.15.0-1059.62~20.04.1
https://ubuntu.com/security/notices/USN-6923-2
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU93615
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27017
CWE-ID:
CWE-682 - Incorrect Calculation
Exploit availability: No
Description
The vulnerability allows a local user to manipulate data.
The vulnerability exists due to incorrect calculation within the nft_pipapo_walk() function in net/netfilter/nft_set_pipapo.c, and within the nft_map_deactivate(), nf_tables_bind_set(), nft_map_activate(), nf_tables_dump_set(), nft_set_flush() and nf_tables_check_loops() functions in net/netfilter/nf_tables_api.c. A local user can manipulate data.
Mitigation
Update the affected package linux-aws-5.15 to the latest version.
Vulnerable software versions
Ubuntu: 20.04 - 22.04
linux-image-raspi (Ubuntu package): before 5.15.0.1059.57
linux-image-aws (Ubuntu package): before 5.15.0.1066.72~20.04.1
linux-image-5.15.0-1066-aws (Ubuntu package): before 5.15.0-1066.72~20.04.1
linux-image-raspi-nolpae (Ubuntu package): before 5.15.0.1059.57
linux-image-ibm (Ubuntu package): before 5.15.0.1059.55
linux-image-5.15.0-1059-raspi (Ubuntu package): before 5.15.0-1059.62
linux-image-5.15.0-1059-ibm (Ubuntu package): before 5.15.0-1059.62~20.04.1
https://ubuntu.com/security/notices/USN-6923-2
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.