SB2025040997 - Ubuntu update for linux
Published: April 9, 2025
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 20 secuirty vulnerabilities.
1) Race condition (CVE-ID: CVE-2022-23041)
The vulnerability allows a local user to bypass implemented security restrictions.
The vulnerability exists due to a race condition in blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls ring buffers. A malicious backend can exploit the race condition and read or write data or perform a denial of service attack.
2) Out-of-bounds read (CVE-ID: CVE-2024-56615)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the dev_map_alloc(), dev_map_delete_elem() and dev_map_hash_delete_elem() functions in kernel/bpf/devmap.c. A local user can perform a denial of service (DoS) attack.
3) Use-after-free (CVE-ID: CVE-2024-56600)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the htons() function in net/ipv6/af_inet6.c. A local user can escalate privileges on the system.
4) Use-after-free (CVE-ID: CVE-2025-21700)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the qdisc_lookup() function in net/sched/sch_api.c. A local user can escalate privileges on the system.
5) Use-after-free (CVE-ID: CVE-2024-56658)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the LLIST_HEAD(), net_free() and cleanup_net() functions in net/core/net_namespace.c. A local user can escalate privileges on the system.
6) Improper Initialization (CVE-ID: CVE-2024-35960)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper initialization within the add_rule_fg() function in drivers/net/ethernet/mellanox/mlx5/core/fs_core.c. A local user can perform a denial of service (DoS) attack.
7) Memory leak (CVE-ID: CVE-2024-50265)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ocfs2_xa_remove() function in fs/ocfs2/xattr.c. A local user can perform a denial of service (DoS) attack.
8) Resource management error (CVE-ID: CVE-2025-21702)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the pfifo_tail_enqueue() function in net/sched/sch_fifo.c. A local user can perform a denial of service (DoS) attack.
9) Use-after-free (CVE-ID: CVE-2024-53227)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the bfad_init() function in drivers/scsi/bfa/bfad.c. A local user can escalate privileges on the system.
10) Use-after-free (CVE-ID: CVE-2024-53165)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the register_intc_controller() function in drivers/sh/intc/core.c. A local user can escalate privileges on the system.
11) Memory leak (CVE-ID: CVE-2024-50167)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the be_xmit() function in drivers/net/ethernet/emulex/benet/be_main.c. A local user can perform a denial of service (DoS) attack.
12) Use of uninitialized resource (CVE-ID: CVE-2024-26863)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the hsr_get_node() function in net/hsr/hsr_framereg.c. A local user can perform a denial of service (DoS) attack.
13) Use of uninitialized resource (CVE-ID: CVE-2024-35973)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the geneve_xmit_skb() and geneve6_xmit_skb() functions in drivers/net/geneve.c. A local user can perform a denial of service (DoS) attack.
14) Input validation error (CVE-ID: CVE-2024-46826)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the fs/binfmt_elf.c. A local user can perform a denial of service (DoS) attack.
15) Memory leak (CVE-ID: CVE-2021-47119)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ext4_fill_super() and kfree() functions in fs/ext4/super.c. A local user can perform a denial of service (DoS) attack.
16) Memory leak (CVE-ID: CVE-2024-50302)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the hid_alloc_report_buf() function in drivers/hid/hid-core.c. A local user can perform a denial of service (DoS) attack.
Note, the vulnerability is being actively exploited in the wild against Android devices.
17) Buffer overflow (CVE-ID: CVE-2024-49952)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the nf_dup_ipv6_route() and nf_dup_ipv6() functions in net/ipv6/netfilter/nf_dup_ipv6.c, within the nf_dup_ipv4() function in net/ipv4/netfilter/nf_dup_ipv4.c. A local user can perform a denial of service (DoS) attack.
18) Use of uninitialized resource (CVE-ID: CVE-2021-47101)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the asix_check_host_enable() function in drivers/net/usb/asix_common.c. A local user can perform a denial of service (DoS) attack.
19) Input validation error (CVE-ID: CVE-2024-49948)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the qdisc_pkt_len_init() function in net/core/dev.c. A local user can perform a denial of service (DoS) attack.
20) Out-of-bounds read (CVE-ID: CVE-2024-56595)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the dbAdjTree() function in fs/jfs/jfs_dmap.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.