Ubuntu update for linux-xilinx-zynqmp
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 14 |
| CVE-ID | CVE-2020-12351 CVE-2020-12352 CVE-2020-24490 CVE-2024-43904 CVE-2024-35963 CVE-2024-35967 CVE-2024-40973 CVE-2024-26822 CVE-2024-35965 CVE-2024-40910 CVE-2024-38553 CVE-2024-53057 CVE-2024-50264 CVE-2024-35966 |
| CWE-ID | CWE-20 CWE-284 CWE-119 CWE-476 CWE-125 CWE-399 CWE-401 CWE-667 CWE-416 |
| Exploitation vector | Local network |
| Public exploit |
Public exploit code for vulnerability #1 is available. Public exploit code for vulnerability #2 is available. Public exploit code for vulnerability #3 is available. |
| Vulnerable software |
Ubuntu Operating systems & Components / Operating system linux-image-xilinx-zynqmp (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-5.15.0-1041-xilinx-zynqmp (Ubuntu package) Operating systems & Components / Operating system package or component |
| Vendor | Canonical Ltd. |
Security Bulletin
This security bulletin contains information about 14 vulnerabilities.
1) Input validation error
EUVDB-ID: #VU47545
Risk: Medium
CVSSv4.0: 7.4 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Green]
CVE-ID: CVE-2020-12351
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to insufficient validation of user-supplied input within the BlueZ implementation in Linux kernel. A remote attacker on the local network can pass specially crafted input to the application and execute arbitrary code on the system.
MitigationUpdate the affected package linux-xilinx-zynqmp to the latest version.
Vulnerable software versionsUbuntu: 22.04
linux-image-xilinx-zynqmp (Ubuntu package): before 5.15.0.1041.45
linux-image-5.15.0-1041-xilinx-zynqmp (Ubuntu package): before 5.15.0-1041.45
CPE2.3- cpe:2.3:o:canonical:ubuntu:22.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:linux-image-xilinx-zynqmp_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-5_15_0-1041-xilinx-zynqmp_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-7179-4
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
2) Improper access control
EUVDB-ID: #VU47546
Risk: Medium
CVSSv4.0: 5.7 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/U:Green]
CVE-ID: CVE-2020-12352
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to improper access restrictions in BlueZ implementation in Linux kernel. A remote attacker on the local network can pass specially crafted input to the application and gain access to sensitive information.
MitigationUpdate the affected package linux-xilinx-zynqmp to the latest version.
Vulnerable software versionsUbuntu: 22.04
linux-image-xilinx-zynqmp (Ubuntu package): before 5.15.0.1041.45
linux-image-5.15.0-1041-xilinx-zynqmp (Ubuntu package): before 5.15.0-1041.45
CPE2.3- cpe:2.3:o:canonical:linux-image-xilinx-zynqmp_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-5_15_0-1041-xilinx-zynqmp_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-7179-4
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
3) Buffer overflow
EUVDB-ID: #VU47549
Risk: Medium
CVSSv4.0: 5.7 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/U:Green]
CVE-ID: CVE-2020-24490
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error within BlueZ implementation in Linux kernel. A remote attacker on the local network can pass specially crated data to the system and perform a denial of service (DoS) attack.
Update the affected package linux-xilinx-zynqmp to the latest version.
Vulnerable software versionsUbuntu: 22.04
linux-image-xilinx-zynqmp (Ubuntu package): before 5.15.0.1041.45
linux-image-5.15.0-1041-xilinx-zynqmp (Ubuntu package): before 5.15.0-1041.45
CPE2.3- cpe:2.3:o:canonical:linux-image-xilinx-zynqmp_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-5_15_0-1041-xilinx-zynqmp_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-7179-4
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
4) NULL pointer dereference
EUVDB-ID: #VU96529
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-43904
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dcn30_apply_idle_power_optimizations() function in drivers/gpu/drm/amd/display/dc/hwss/dcn30/dcn30_hwseq.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package linux-xilinx-zynqmp to the latest version.
Vulnerable software versionsUbuntu: 22.04
linux-image-xilinx-zynqmp (Ubuntu package): before 5.15.0.1041.45
linux-image-5.15.0-1041-xilinx-zynqmp (Ubuntu package): before 5.15.0-1041.45
CPE2.3- cpe:2.3:o:canonical:linux-image-xilinx-zynqmp_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-5_15_0-1041-xilinx-zynqmp_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-7179-4
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Input validation error
EUVDB-ID: #VU93795
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-35963
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the hci_sock_setsockopt_old() and hci_sock_setsockopt() functions in net/bluetooth/hci_sock.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package linux-xilinx-zynqmp to the latest version.
Vulnerable software versionsUbuntu: 22.04
linux-image-xilinx-zynqmp (Ubuntu package): before 5.15.0.1041.45
linux-image-5.15.0-1041-xilinx-zynqmp (Ubuntu package): before 5.15.0-1041.45
CPE2.3- cpe:2.3:o:canonical:linux-image-xilinx-zynqmp_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-5_15_0-1041-xilinx-zynqmp_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-7179-4
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Out-of-bounds read
EUVDB-ID: #VU90303
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-35967
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the sco_sock_setsockopt() function in net/bluetooth/sco.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package linux-xilinx-zynqmp to the latest version.
Vulnerable software versionsUbuntu: 22.04
linux-image-xilinx-zynqmp (Ubuntu package): before 5.15.0.1041.45
linux-image-5.15.0-1041-xilinx-zynqmp (Ubuntu package): before 5.15.0-1041.45
CPE2.3- cpe:2.3:o:canonical:linux-image-xilinx-zynqmp_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-5_15_0-1041-xilinx-zynqmp_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-7179-4
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) NULL pointer dereference
EUVDB-ID: #VU94241
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-40973
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mtk_vcodec_fw_scp_init() function in drivers/media/platform/mediatek/vcodec/common/mtk_vcodec_fw_scp.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package linux-xilinx-zynqmp to the latest version.
Vulnerable software versionsUbuntu: 22.04
linux-image-xilinx-zynqmp (Ubuntu package): before 5.15.0.1041.45
linux-image-5.15.0-1041-xilinx-zynqmp (Ubuntu package): before 5.15.0-1041.45
CPE2.3- cpe:2.3:o:canonical:linux-image-xilinx-zynqmp_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-5_15_0-1041-xilinx-zynqmp_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-7179-4
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Resource management error
EUVDB-ID: #VU93872
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26822
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to improper management of internal resources within the automount_fullpath() and cifs_do_automount() functions in fs/smb/client/namespace.c. A local user can force the SMB client to reuse its parent mount uid, gid and cruid and gain unauthorized access to information.
Update the affected package linux-xilinx-zynqmp to the latest version.
Vulnerable software versionsUbuntu: 22.04
linux-image-xilinx-zynqmp (Ubuntu package): before 5.15.0.1041.45
linux-image-5.15.0-1041-xilinx-zynqmp (Ubuntu package): before 5.15.0-1041.45
CPE2.3- cpe:2.3:o:canonical:linux-image-xilinx-zynqmp_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-5_15_0-1041-xilinx-zynqmp_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-7179-4
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Input validation error
EUVDB-ID: #VU93797
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-35965
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the l2cap_sock_setsockopt_old() and l2cap_sock_setsockopt() functions in net/bluetooth/l2cap_sock.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package linux-xilinx-zynqmp to the latest version.
Vulnerable software versionsUbuntu: 22.04
linux-image-xilinx-zynqmp (Ubuntu package): before 5.15.0.1041.45
linux-image-5.15.0-1041-xilinx-zynqmp (Ubuntu package): before 5.15.0-1041.45
CPE2.3- cpe:2.3:o:canonical:linux-image-xilinx-zynqmp_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-5_15_0-1041-xilinx-zynqmp_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-7179-4
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Memory leak
EUVDB-ID: #VU94203
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-40910
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ax25_accept() function in net/ax25/af_ax25.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package linux-xilinx-zynqmp to the latest version.
Vulnerable software versionsUbuntu: 22.04
linux-image-xilinx-zynqmp (Ubuntu package): before 5.15.0.1041.45
linux-image-5.15.0-1041-xilinx-zynqmp (Ubuntu package): before 5.15.0-1041.45
CPE2.3- cpe:2.3:o:canonical:linux-image-xilinx-zynqmp_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-5_15_0-1041-xilinx-zynqmp_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-7179-4
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Improper locking
EUVDB-ID: #VU92369
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-38553
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the fec_set_mac_address() function in drivers/net/ethernet/freescale/fec_main.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package linux-xilinx-zynqmp to the latest version.
Vulnerable software versionsUbuntu: 22.04
linux-image-xilinx-zynqmp (Ubuntu package): before 5.15.0.1041.45
linux-image-5.15.0-1041-xilinx-zynqmp (Ubuntu package): before 5.15.0-1041.45
CPE2.3- cpe:2.3:o:canonical:linux-image-xilinx-zynqmp_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-5_15_0-1041-xilinx-zynqmp_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-7179-4
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) Use-after-free
EUVDB-ID: #VU100707
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-53057
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the qdisc_tree_reduce_backlog() function in net/sched/sch_api.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package linux-xilinx-zynqmp to the latest version.
Vulnerable software versionsUbuntu: 22.04
linux-image-xilinx-zynqmp (Ubuntu package): before 5.15.0.1041.45
linux-image-5.15.0-1041-xilinx-zynqmp (Ubuntu package): before 5.15.0-1041.45
CPE2.3- cpe:2.3:o:canonical:linux-image-xilinx-zynqmp_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-5_15_0-1041-xilinx-zynqmp_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-7179-4
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
13) Use-after-free
EUVDB-ID: #VU100612
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-50264
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the virtio_transport_destruct() function in net/vmw_vsock/virtio_transport_common.c. A local user can escalate privileges on the system.
MitigationUpdate the affected package linux-xilinx-zynqmp to the latest version.
Vulnerable software versionsUbuntu: 22.04
linux-image-xilinx-zynqmp (Ubuntu package): before 5.15.0.1041.45
linux-image-5.15.0-1041-xilinx-zynqmp (Ubuntu package): before 5.15.0-1041.45
CPE2.3- cpe:2.3:o:canonical:linux-image-xilinx-zynqmp_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-5_15_0-1041-xilinx-zynqmp_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-7179-4
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
14) Out-of-bounds read
EUVDB-ID: #VU90306
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-35966
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the rfcomm_sock_setsockopt_old() and rfcomm_sock_setsockopt() functions in net/bluetooth/rfcomm/sock.c. A local user can perform a denial of service (DoS) attack.
MitigationUpdate the affected package linux-xilinx-zynqmp to the latest version.
Vulnerable software versionsUbuntu: 22.04
linux-image-xilinx-zynqmp (Ubuntu package): before 5.15.0.1041.45
linux-image-5.15.0-1041-xilinx-zynqmp (Ubuntu package): before 5.15.0-1041.45
CPE2.3- cpe:2.3:o:canonical:linux-image-xilinx-zynqmp_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:linux-image-5_15_0-1041-xilinx-zynqmp_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-7179-4
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
