Ubuntu alert USN-6975-1 (linux, linux-aws, linux-azure, linux-gcp, linux-gke, linux-ibm, linux-lowlatency, linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency, linux-oem-6.8, linux-oracle, linux-raspi)
| From: | Rodrigo Figueiredo Zaiden <rodrigo.zaiden@canonical.com> | |
| To: | ubuntu-security-announce@lists.ubuntu.com | |
| Subject: | [USN-6975-1] Linux kernel vulnerabilities | |
| Date: | Wed, 21 Aug 2024 19:05:11 -0300 | |
| Message-ID: | <d2b4df44-7881-4ec1-8af8-5aa6c16e94f3@canonical.com> |
========================================================================== Ubuntu Security Notice USN-6975-1 August 21, 2024 linux, linux-aws, linux-azure, linux-gcp, linux-gke, linux-ibm, linux-lowlatency, linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency, linux-oem-6.8, linux-oracle, linux-raspi vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS Summary: Several security issues were fixed in the Linux kernel. Software Description: - linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services (AWS) systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems - linux-gke: Linux kernel for Google Container Engine (GKE) systems - linux-ibm: Linux kernel for IBM cloud systems - linux-lowlatency: Linux low latency kernel - linux-nvidia: Linux kernel for NVIDIA systems - linux-nvidia-lowlatency: Linux low latency kernel for NVIDIA systems - linux-oem-6.8: Linux kernel for OEM systems - linux-oracle: Linux kernel for Oracle Cloud systems - linux-raspi: Linux kernel for Raspberry Pi systems - linux-nvidia-6.8: Linux kernel for NVIDIA systems Details: Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - User-Mode Linux (UML); - MMC subsystem; (CVE-2024-39292, CVE-2024-39484) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 24.04 LTS linux-image-6.8.0-1009-gke 6.8.0-1009.12 linux-image-6.8.0-1010-raspi 6.8.0-1010.11 linux-image-6.8.0-1011-ibm 6.8.0-1011.11 linux-image-6.8.0-1011-oem 6.8.0-1011.11 linux-image-6.8.0-1011-oracle 6.8.0-1011.11 linux-image-6.8.0-1011-oracle-64k 6.8.0-1011.11 linux-image-6.8.0-1012-nvidia 6.8.0-1012.12 linux-image-6.8.0-1012-nvidia-64k 6.8.0-1012.12 linux-image-6.8.0-1012-nvidia-lowlatency 6.8.0-1012.12.1 linux-image-6.8.0-1012-nvidia-lowlatency-64k 6.8.0-1012.12.1 linux-image-6.8.0-1013-azure 6.8.0-1013.15 linux-image-6.8.0-1013-azure-fde 6.8.0-1013.15 linux-image-6.8.0-1013-gcp 6.8.0-1013.14 linux-image-6.8.0-1014-aws 6.8.0-1014.15 linux-image-6.8.0-41-generic 6.8.0-41.41 linux-image-6.8.0-41-generic-64k 6.8.0-41.41 linux-image-6.8.0-41-lowlatency 6.8.0-41.41.1 linux-image-6.8.0-41-lowlatency-64k 6.8.0-41.41.1 linux-image-aws 6.8.0-1014.15 linux-image-azure 6.8.0-1013.15 linux-image-azure-fde 6.8.0-1013.15 linux-image-gcp 6.8.0-1013.14 linux-image-generic 6.8.0-41.41 linux-image-generic-64k 6.8.0-41.41 linux-image-generic-64k-hwe-24.04 6.8.0-41.41 linux-image-generic-hwe-24.04 6.8.0-41.41 linux-image-generic-lpae 6.8.0-41.41 linux-image-gke 6.8.0-1009.12 linux-image-ibm 6.8.0-1011.11 linux-image-ibm-classic 6.8.0-1011.11 linux-image-ibm-lts-24.04 6.8.0-1011.11 linux-image-kvm 6.8.0-41.41 linux-image-lowlatency 6.8.0-41.41.1 linux-image-lowlatency-64k 6.8.0-41.41.1 linux-image-nvidia 6.8.0-1012.12 linux-image-nvidia-64k 6.8.0-1012.12 linux-image-nvidia-lowlatency 6.8.0-1012.12.1 linux-image-nvidia-lowlatency-64k 6.8.0-1012.12.1 linux-image-oem-24.04 6.8.0-1011.11 linux-image-oem-24.04a 6.8.0-1011.11 linux-image-oracle 6.8.0-1011.11 linux-image-oracle-64k 6.8.0-1011.11 linux-image-raspi 6.8.0-1010.11 linux-image-virtual 6.8.0-41.41 linux-image-virtual-hwe-24.04 6.8.0-41.41 Ubuntu 22.04 LTS linux-image-6.8.0-1012-nvidia 6.8.0-1012.12~22.04.1 linux-image-6.8.0-1012-nvidia-64k 6.8.0-1012.12~22.04.1 linux-image-nvidia-6.8 6.8.0-1012.12~22.04.1 linux-image-nvidia-64k-6.8 6.8.0-1012.12~22.04.1 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://ubuntu.com/security/notices/USN-6975-1 CVE-2024-39292, CVE-2024-39484 Package Information: https://launchpad.net/ubuntu/+source/linux/6.8.0-41.41 https://launchpad.net/ubuntu/+source/linux-aws/6.8.0-1014.15 https://launchpad.net/ubuntu/+source/linux-azure/6.8.0-10... https://launchpad.net/ubuntu/+source/linux-gcp/6.8.0-1013.14 https://launchpad.net/ubuntu/+source/linux-gke/6.8.0-1009.12 https://launchpad.net/ubuntu/+source/linux-ibm/6.8.0-1011.11 https://launchpad.net/ubuntu/+source/linux-lowlatency/6.8... https://launchpad.net/ubuntu/+source/linux-nvidia/6.8.0-1... https://launchpad.net/ubuntu/+source/linux-nvidia-lowlate... https://launchpad.net/ubuntu/+source/linux-oem-6.8/6.8.0-... https://launchpad.net/ubuntu/+source/linux-oracle/6.8.0-1... https://launchpad.net/ubuntu/+source/linux-raspi/6.8.0-10... https://launchpad.net/ubuntu/+source/linux-nvidia-6.8/6.8...
Attachment: OpenPGP_signature.asc (type=application/pgp-signature)
-----BEGIN PGP SIGNATURE----- wsB5BAABCAAjFiEEYrygdx1GDec9TV8EZ0GeRcM5nt0FAmbGZJgFAwAAAAAACgkQZ0GeRcM5nt25 mAf+ND3ppcqCy9awx1WMd18oEmfd252foDodj94alqJJ0/UYVfIc4QYRWJ7gne/z5pezZEoK8uO1 atnzikKljCdUXcnJecBMQFOuj6En4YhwdsubyyI2Ihe32GfcIQp+OkqGRK8pv3q0XLqgPZeSDWC0 NXfrgCOKKvK6udMC6U7Agd0MsMwnfyHHw+0GJHtXHClkbIJP5mHuv3Dy1BnTRHDjXOM0PcEjnynb rpTESI/UkzOSi7V9uUGbw++yEgZIpmPqzwKs6EDUqHRoqkNMirRkKemjhppBBNZIj5DxPbcXfShO 5F0FzvoSnPZvWCsElAB2wG4Ex9293Yn9B2fMyVnpLQ== =ERm0 -----END PGP SIGNATURE-----
Attachment: None (type=text/plain)