- proxmox-kernel-6.8.8-4-pve_6.8.8-4 (pve-8)
- 6.8.12-10
- 2025-05-02 21:12:19
- 2025-05-05 07:06:01
- K20250502_13
- CVE-2024-45016, CVSSv2 Score: 5.5
- Description:
netem: fix return value if duplicate enqueue fails
- CVE: https://ubuntu.com/security/CVE-2024-45016
- Patch: ubuntu-noble/6.8.0-47.47/CVE-2024-45016-netem-fix-return-value-if-duplicate-enqueue-fails.patch
- From: 6.8.0-47.47
- CVE-2024-46800, CVSSv2 Score: 7.8
- Description:
sch/netem: fix use after free in netem_dequeue
- CVE: https://ubuntu.com/security/CVE-2024-46800
- Patch: ubuntu-noble/6.8.0-49.49/CVE-2024-46800-sch-netem-fix-use-after-free-in-netem-dequeue.patch
- From: 6.8.0-49.49
- CVE-2024-43882, CVSSv2 Score: 7.0
- Description:
exec: Fix ToCToU between perm check and set-uid/gid usage
- CVE: https://ubuntu.com/security/CVE-2024-43882
- Patch: ubuntu-noble/6.8.0-49.49/CVE-2024-43882-exec-Fix-ToCToU-between-perm-check-and-set-uid-gid-usage.patch
- From: 6.8.0-49.49
- CVE-2024-42285, CVSSv2 Score: 7.8
- Description:
RDMA/iwcm: Fix a use-after-free related to destroying CM IDs
- CVE: https://ubuntu.com/security/CVE-2024-42285
- Patch: ubuntu-noble/6.8.0-50.51/CVE-2024-42285-rdma-iwcm-fix-a-use-after-free-related-to-destroying-cm-ids.patch
- From: 6.8.0-54.56
- CVE-2024-42301, CVSSv2 Score: 7.8
- Description:
dev/parport: fix the array out-of-bounds risk
- CVE: https://ubuntu.com/security/CVE-2024-42301
- Patch: ubuntu-noble/6.8.0-50.51/CVE-2024-42301-dev-parport-fix-the-array-out-of-bounds-risk.patch
- From: 6.8.0-50.51
- CVE-2024-46831, CVSSv2 Score: 7.8
- Description:
net: microchip: vcap: Fix use-after-free error in kunit test
- CVE: https://ubuntu.com/security/CVE-2024-46831
- Patch: ubuntu-noble/6.8.0-50.51/CVE-2024-46831-net-microchip-vcap-Fix-use-after-free-error-in-kunit-test.patch
- From: 6.8.0-50.51
- CVE-2024-49967, CVSSv2 Score: 7.8
- Description:
ext4: no need to continue when the number of entries is 1
- CVE: https://ubuntu.com/security/CVE-2024-49967
- Patch: ubuntu-noble/6.8.0-51.52/CVE-2024-49967-ext4-no-need-to-continue-when-the-number-of-entries-is-1.patch
- From: 6.8.0-51.52
- CVE-2024-53057, CVSSv2 Score: 7.8
- Description:
net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT
- CVE: https://ubuntu.com/security/CVE-2024-53057
- Patch: ubuntu-noble/6.8.0-51.52/CVE-2024-53057-net-sched-stop-qdisc-tree-reduce-backlog-on-tc-h-root.patch
- From: 6.8.0-51.52
- CVE-2024-50264, CVSSv2 Score: 7.8
- Description:
vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans
- CVE: https://ubuntu.com/security/CVE-2024-50264
- Patch: ubuntu-noble/6.8.0-51.52/CVE-2024-50264-vsock-virtio-initialization-of-the-dangling-pointer-occurring-in-vsk-trans.patch
- From: 6.8.0-51.52
- CVE-2024-53103, CVSSv2 Score: 7.8
- Description:
hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer
- CVE: https://ubuntu.com/security/CVE-2024-53103
- Patch: ubuntu-noble/6.8.0-52.53/CVE-2024-53103-hv-sock-initializing-vsk-trans-to-null-to-prevent-a-dangling-pointer.patch
- From: 6.8.0-52.53
- CVE-2024-53141, CVSSv2 Score: 7.8
- Description:
netfilter: ipset: add missing range check in bitmap_ip_uadt
- CVE: https://ubuntu.com/security/CVE-2024-53141
- Patch: ubuntu-noble/6.8.0-52.53/CVE-2024-53141-netfilter-ipset-add-missing-range-check-in-bitmap-ip-uadt.patch
- From: 6.8.0-52.53
- CVE-2024-53164, CVSSv2 Score: 5.5
- Description:
net: sched: fix ordering of qlen adjustment
- CVE: https://ubuntu.com/security/CVE-2024-53164
- Patch: ubuntu-noble/6.8.0-52.53/CVE-2024-53164-net-sched-fix-ordering-of-qlen-adjustment.patch
- From: 6.8.0-52.53
- CVE-2024-47685, CVSSv2 Score: 9.1
- Description:
netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put()
- CVE: https://ubuntu.com/security/CVE-2024-47685
- Patch: ubuntu-noble/6.8.0-54.56/CVE-2024-47685-netfilter-nf-reject-ipv6-fix-nf-reject-ip6-tcphdr-put.patch
- From: 5.15.0-127.137
- CVE-2024-47670, CVSSv2 Score: 7.8
- Description:
ocfs2: add bounds checking to ocfs2_xattr_find_entry()
- CVE: https://ubuntu.com/security/CVE-2024-47670
- Patch: ubuntu-noble/6.8.0-54.56/CVE-2024-47670-ocfs2-add-bounds-checking-to-ocfs2-xattr-find-entry.patch
- From: 5.15.0-127.137
- CVE-2024-47675, CVSSv2 Score: 7.8
- Description:
bpf: Fix use-after-free in bpf_uprobe_multi_link_attach()
- CVE: https://ubuntu.com/security/CVE-2024-47675
- Patch: ubuntu-noble/6.8.0-54.56/CVE-2024-47675-bpf-fix-use-after-free-in-bpf-uprobe-multi-link-attach.patch
- From: kernel-6.8.0-54.56
- CVE-2024-47682, CVSSv2 Score: 7.8
- Description:
scsi: sd: Fix off-by-one error in sd_read_block_characteristics()
- CVE: https://ubuntu.com/security/CVE-2024-47682
- Patch: ubuntu-noble/6.8.0-54.56/CVE-2024-47682-scsi-sd-fix-off-by-one-error-in-sd-read-block-characteristics.patch
- From: kernel-6.8.0-54.56
- CVE-2024-47695, CVSSv2 Score: 7.8
- Description:
RDMA/rtrs-clt: Reset cid to con_num - 1 to stay in bounds
- CVE: https://ubuntu.com/security/CVE-2024-47695
- Patch: ubuntu-noble/6.8.0-54.56/CVE-2024-47695-rdma-rtrs-clt-reset-cid-to-con-num-1-to-stay-in-bounds.patch
- From: kernel-6.8.0-54.56
- CVE-2024-47697, CVSSv2 Score: 7.8
- Description:
drivers: media: dvb-frontends/rtl2830: fix an out-of-bounds write error
- CVE: https://ubuntu.com/security/CVE-2024-47697
- Patch: ubuntu-noble/6.8.0-54.56/CVE-2024-47697-drivers-media-dvb-frontends-rtl2830-fix-an-out-of-bounds-write-error.patch
- From: 6.8.0-54.56
- CVE-2024-47698, CVSSv2 Score: 7.8
- Description:
drivers: media: dvb-frontends/rtl2832: fix an out-of-bounds write error
- CVE: https://ubuntu.com/security/CVE-2024-47698
- Patch: ubuntu-noble/6.8.0-54.56/CVE-2024-47698-drivers-media-dvb-frontends-rtl2832-fix-an-out-of-bounds-write-error.patch
- From: 6.8.0-54.56
- CVE-2024-47701, CVSSv2 Score: 7.8
- Description:
ext4: return error on ext4_find_inline_entry
- CVE: https://ubuntu.com/security/CVE-2024-47701
- Patch: ubuntu-noble/6.8.0-54.56/CVE-2024-47701-ext4-return-error-on-ext4_find_inline_entry.patch
- From: 6.8.0-54.56
- CVE-2024-47701, CVSSv2 Score: 7.8
- Description:
ext4: avoid OOB when system.data xattr changes underneath the filesystem
- CVE: https://ubuntu.com/security/CVE-2024-47701
- Patch: ubuntu-noble/6.8.0-54.56/CVE-2024-47701-ext4-avoid-oob-when-system-data-xattr-changes-underneath-the-filesystem.patch
- From: 6.8.0-54.56
- CVE-2024-47696, CVSSv2 Score: 7.8
- Description:
RDMA/iwcm: Fix WARNING:at_kernel/workqueue.c:#check_flush_dependency
- CVE: https://ubuntu.com/security/CVE-2024-47696
- Patch: ubuntu-noble/6.8.0-54.56/CVE-2024-47696-rdma-iwcm-fix-warning-at-kernel-workqueue-c-check-flush-dependency.patch
- From: 6.8.0-54.56
- CVE-2024-47696, CVSSv2 Score: 7.8
- Description:
RDMA/iwcm: Fix WARNING:at_kernel/workqueue.c:#check_flush_dependency
- CVE: https://ubuntu.com/security/CVE-2024-47696
- Patch: ubuntu-noble/6.8.0-54.56/CVE-2024-47696-rdma-iwcm-fix-warning-at-kernel-workqueue-c-check-flush-dependency-kpatch.patch
- From: 6.8.0-54.56
- CVE-2024-47691, CVSSv2 Score: 7.8
- Description:
f2fs: fix to avoid use-after-free in f2fs_stop_gc_thread()
- CVE: https://ubuntu.com/security/CVE-2024-47691
- Patch: ubuntu-noble/6.8.0-54.56/CVE-2024-47691-f2fs-fix-to-avoid-use-after-free-in-f2fs_stop_gc_thread.patch
- From: 6.8.0-54.56
- CVE-2024-53104, CVSSv2 Score: 7.8
- Description:
media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format
- CVE: https://ubuntu.com/security/CVE-2024-53104
- Patch: ubuntu-noble/6.8.0-55.57/CVE-2024-53104-media-uvcvideo-skip-parsing-frames-of-type-uvc-vs-undefined-in-uvc-parse-format.patch
- From: 6.8.0-55.57
- CVE-2024-50180, CVSSv2 Score: 7.8
- Description:
fbdev: sisfb: Fix strbuf array overflow
- CVE: https://ubuntu.com/security/CVE-2024-50180
- Patch: ubuntu-noble/6.8.0-56.58/CVE-2024-50180-fbdev-sisfb-fix-strbuf-array-overflow.patch
- From: 6.8.0-56.58
- CVE-2024-50186, CVSSv2 Score: 7.8
- Description:
net: explicitly clear the sk pointer, when pf->create fails
- CVE: https://ubuntu.com/security/CVE-2024-50186
- Patch: ubuntu-noble/6.8.0-56.58/CVE-2024-50186-net-explicitly-clear-the-sk-pointer-when-pf-create-fails.patch
- From: 6.8.0-56.58
- CVE-2024-50088, CVSSv2 Score: 7.8
- Description:
btrfs: fix uninitialized pointer free in add_inode_ref()
- CVE: https://ubuntu.com/security/CVE-2024-50088
- Patch: ubuntu-noble/6.8.0-56.58/CVE-2024-50088-btrfs-fix-uninitialized-pointer-free-in-add-inode-ref.patch
- From: 6.8.0-56.58
- CVE-2024-50083, CVSSv2 Score: 7.5
- Description:
tcp: fix mptcp DSS corruption due to large pmtu xmit
- CVE: https://ubuntu.com/security/CVE-2024-50083
- Patch: ubuntu-noble/6.8.0-56.58/CVE-2024-50083-tcp-fix-mptcp-dss-corruption-due-to-large-pmtu-xmit.patch
- From: 6.8.0-56.58
- CVE-2024-56614, CVSSv2 Score: 7.8
- Description:
xsk: fix OOB map writes when deleting elements
- CVE: https://ubuntu.com/security/CVE-2024-56614
- Patch: ubuntu-noble/6.8.0-56.58/CVE-2024-56614-xsk-fix-oob-map-writes-when-deleting-elements.patch
- From: 6.8.0-56.58
- CVE-2024-53156, CVSSv2 Score: 7.8
- Description:
wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service()
- CVE: https://ubuntu.com/security/CVE-2024-53156
- Patch: ubuntu-noble/6.8.0-56.58/CVE-2024-53156-wifi-ath9k-add-range-check-for-conn-rsp-epid-in-htc-connect-service.patch
- From: 6.8.0-56.58
- CVE-2024-53165, CVSSv2 Score:
- Description:
Out of scope: SuperH architecture isn't supported for current kernel
- CVE:
- Patch: skipped/CVE-2024-53165.patch
- From:
- CVE-2024-56582, CVSSv2 Score: 7.8
- Description:
btrfs: fix use-after-free in btrfs_encoded_read_endio()
- CVE: https://ubuntu.com/security/CVE-2024-56582
- Patch: ubuntu-noble/6.8.0-56.58/CVE-2024-56582-btrfs-fix-use-after-free-in-btrfs-encoded-read-endio.patch
- From: 6.8.0-56.58
- CVE-2024-49865, CVSSv2 Score: 7.8
- Description:
drm/xe/vm: move xa_alloc to prevent UAF
- CVE: https://ubuntu.com/security/CVE-2024-49865
- Patch: ubuntu-noble/6.8.0-56.58/CVE-2024-49865-drm-xe-vm-move-xa-alloc-to-prevent-uaf.patch
- From: 6.8.0-56.58
- CVE-2024-50055, CVSSv2 Score: 7.8
- Description:
driver core: bus: Fix double free in driver API bus_register()
- CVE: https://ubuntu.com/security/CVE-2024-50055
- Patch: ubuntu-noble/6.8.0-56.58/CVE-2024-50055-driver-core-bus-fix-double-free-in-driver-api-bus-register.patch
- From: 6.8.0-56.58
- CVE-2024-50047, CVSSv2 Score: 7.8
- Description:
smb: client: fix UAF in async decryption
- CVE: https://ubuntu.com/security/CVE-2024-50047
- Patch: ubuntu-noble/6.8.0-56.58/CVE-2024-50047-smb-client-fix-uaf-in-async-decryption.patch
- From: 6.8.0-56.58
- CVE-2024-50047, CVSSv2 Score: 7.8
- Description:
smb: client: fix NULL ptr deref in crypto_aead_setkey()
- CVE: https://ubuntu.com/security/CVE-2024-50047
- Patch: ubuntu-noble/6.8.0-56.58/CVE-2024-50047-smb-client-fix-NULL-ptr-deref-in-crypto_aead_setkey.patch
- From: 6.8.0-56.58
- CVE-2024-50029, CVSSv2 Score: 7.8
- Description:
Bluetooth: hci_conn: Fix UAF in hci_enhanced_setup_sync
- CVE: https://ubuntu.com/security/CVE-2024-50029
- Patch: ubuntu-noble/6.8.0-56.58/CVE-2024-50029-bluetooth-hci-conn-fix-uaf-in-hci-enhanced-setup-sync-39.patch
- From: 6.8.0-56.58
- CVE-2024-50084, CVSSv2 Score: 7.8
- Description:
net: microchip: vcap api: Fix memory leaks in vcap_api_encode_rule_test()
- CVE: https://ubuntu.com/security/CVE-2024-50084
- Patch: ubuntu-noble/6.8.0-56.58/CVE-2024-50084-net-microchip-vcap-api-fix-memory-leaks-in-vcap-api-encode-rule-test.patch
- From: 6.8.0-56.58
- CVE-2024-50074, CVSSv2 Score: 7.8
- Description:
parport: Proper fix for array out-of-bounds access
- CVE: https://ubuntu.com/security/CVE-2024-50074
- Patch: ubuntu-noble/6.8.0-56.58/CVE-2024-50074-parport-proper-fix-for-array-out-of-bounds-access.patch
- From: 6.8.0-56.58
- CVE-2024-50073, CVSSv2 Score: 7.8
- Description:
tty: n_gsm: Fix use-after-free in gsm_cleanup_mux
- CVE: https://ubuntu.com/security/CVE-2024-50073
- Patch: ubuntu-noble/6.8.0-56.58/CVE-2024-50073-tty-n-gsm-fix-use-after-free-in-gsm-cleanup-mux.patch
- From: 6.8.0-56.58
- CVE-2024-50061, CVSSv2 Score: 7.0
- Description:
i3c: master: cdns: Fix use after free vulnerability in cdns_i3c_master Driver Due to Race Condition
- CVE: https://ubuntu.com/security/CVE-2024-50061
- Patch: ubuntu-noble/6.8.0-56.58/CVE-2024-50061-i3c-master-cdns-fix-use-after-free-vulnerability-in-cdns-i3c-master-driver-due-to-race-condition.patch
- From: 6.8.0-56.58
- CVE-2024-50059, CVSSv2 Score: 7.0
- Description:
ntb: ntb_hw_switchtec: Fix use after free vulnerability in switchtec_ntb_remove due to race condition
- CVE: https://ubuntu.com/security/CVE-2024-50059
- Patch: ubuntu-noble/6.8.0-56.58/CVE-2024-50059-ntb-ntb-hw-switchtec-fix-use-after-free-vulnerability-in-switchtec-ntb-remove-due-to-race-condition.patch
- From: 6.8.0-56.58
- CVE-2024-50042, CVSSv2 Score: 7.1
- Description:
ice: Fix increasing MSI-X on VF
- CVE: https://ubuntu.com/security/CVE-2024-50042
- Patch: ubuntu-noble/6.8.0-56.58/CVE-2024-50042-ice-fix-increasing-msi-x-on-vf.patch
- From: 6.8.0-56.58
- CVE-2024-50036, CVSSv2 Score: 7.0
- Description:
net: do not delay dst_entries_add() in dst_release()
- CVE: https://ubuntu.com/security/CVE-2024-50036
- Patch: ubuntu-noble/6.8.0-56.58/CVE-2024-50036-net-do-not-delay-dst-entries-add-in-dst-release.patch
- From: 6.8.0-56.58
- CVE-2024-50035, CVSSv2 Score: 7.1
- Description:
ppp: fix ppp_async_encode() illegal access
- CVE: https://ubuntu.com/security/CVE-2024-50035
- Patch: ubuntu-noble/6.8.0-56.58/CVE-2024-50035-ppp-fix-ppp-async-encode-illegal-access.patch
- From: 6.8.0-56.58
- CVE-2024-50033, CVSSv2 Score: 7.1
- Description:
slip: make slhc_remember() more robust against malicious packets
- CVE: https://ubuntu.com/security/CVE-2024-50033
- Patch: ubuntu-noble/6.8.0-56.58/CVE-2024-50033-slip-make-slhc-remember-more-robust-against-malicious-packets.patch
- From: 6.8.0-56.58
- CVE-2024-50066, CVSSv2 Score: 7.0
- Description:
mm/mremap: fix move_normal_pmd/retract_page_tables race
- CVE: https://ubuntu.com/security/CVE-2024-50066
- Patch: ubuntu-noble/6.8.0-56.58/CVE-2024-50066-mm-mremap-fix-move-normal-pmd-retract-page-tables-race.patch
- From: 6.8.0-56.58
- CVE-2024-50193, CVSSv2 Score:
- Description:
Out of scope: patch for x86_32 arch
- CVE:
- Patch: skipped/CVE-2024-50193.patch
- From:
- CVE-2024-56663, CVSSv2 Score: 7.1
- Description:
wifi: nl80211: fix NL80211_ATTR_MLO_LINK_ID off-by-one
- CVE: https://ubuntu.com/security/CVE-2024-56663
- Patch: ubuntu-noble/6.8.0-56.58/CVE-2024-56663-wifi-nl80211-fix-nl80211-attr-mlo-link-id-off-by-one.patch
- From: 6.8.0-56.58
- CVE-2024-56663, CVSSv2 Score: 7.1
- Description:
wifi: nl80211: fix NL80211_ATTR_MLO_LINK_ID off-by-one
- CVE: https://ubuntu.com/security/CVE-2024-56663
- Patch: ubuntu-noble/6.8.0-56.58/CVE-2024-56663-wifi-nl80211-fix-nl80211-attr-mlo-link-id-off-by-one-kpatch.patch
- From: 6.8.0-56.58
- CVE-2024-46795, CVSSv2 Score: 5.5
- Description:
ksmbd: unset the binding mark of a reused connection
- CVE: https://ubuntu.com/security/CVE-2024-46795
- Patch: ubuntu-noble/6.8.0-56.58/CVE-2024-46795-ksmbd-unset-the-binding-mark-of-a-reused-connection.patch
- From: 6.8.0-56.58
- CVE-2024-50086, CVSSv2 Score: 7.0
- Description:
ksmbd: fix user-after-free from session log off
- CVE: https://ubuntu.com/security/CVE-2024-50086
- Patch: ubuntu-noble/6.8.0-56.58/CVE-2024-50086-ksmbd-fix-user-after-free-from-session-log-off.patch
- From: 6.8.0-56.58
- CVE-2024-50086, CVSSv2 Score: 7.0
- Description:
ksmbd: fix user-after-free from session log off
- CVE: https://ubuntu.com/security/CVE-2024-50086
- Patch: ubuntu-noble/6.8.0-56.58/CVE-2024-50086-ksmbd-fix-user-after-free-from-session-log-off-kpatch.patch
- From: 6.8.0-56.58
- CVE-2024-56598, CVSSv2 Score: 7.8
- Description:
jfs: array-index-out-of-bounds fix in dtReadFirst
- CVE: https://ubuntu.com/security/CVE-2024-56598
- Patch: ubuntu-noble/6.8.0-57.59/CVE-2024-56598-jfs-array-index-out-of-bounds-fix-in-dtreadfirst.patch
- From: 6.8.0-57.59
- CVE-2024-56595, CVSSv2 Score: 7.8
- Description:
jfs: add a check to prevent array-index-out-of-bounds in dbAdjTree
- CVE: https://ubuntu.com/security/CVE-2024-56595
- Patch: ubuntu-noble/6.8.0-57.59/CVE-2024-56595-jfs-add-a-check-to-prevent-array-index-out-of-bounds-in-dbadjtree.patch
- From: 6.8.0-57.59
- CVE-2024-50302, CVSSv2 Score: 7.8
- Description:
HID: core: zero-initialize the report buffer
- CVE: https://ubuntu.com/security/CVE-2024-50302
- Patch: ubuntu-noble/6.8.0-57.59/CVE-2024-50302-hid-core-zero-initialize-the-report-buffer.patch
- From: 6.8.0-57.59
- CVE-2024-56658, CVSSv2 Score: 7.8
- Description:
net: defer final 'struct net' free in netns dismantle
- CVE: https://ubuntu.com/security/CVE-2024-56658
- Patch: ubuntu-noble/6.8.0-57.59/CVE-2024-56658-net-defer-final-struct-net-free-in-netns-dismantle.patch
- From: 6.8.0-57.59
- CVE-2024-56658, CVSSv2 Score: 7.8
- Description:
net: defer final 'struct net' free in netns dismantle
- CVE: https://security-tracker.debian.org/tracker/CVE-2024-56658
- Patch: ubuntu-noble/6.8.0-57.59/CVE-2024-56658-net-defer-final-struct-net-free-in-netns-dismantle-kpatch.patch
- From: 6.1.123-1
- CVE-2024-57798, CVSSv2 Score: 7.8
- Description:
drm/dp_mst: Skip CSN if topology probing is not done yet (dependency)
- CVE: https://ubuntu.com/security/CVE-2024-57798
- Patch: ubuntu-noble/6.8.0-57.59/CVE-2024-57798-drm-dp-mst-skip-csn-if-topology-probing-is-not-done-yet-49.patch
- From: 6.8.0-57.59
- CVE-2024-57798, CVSSv2 Score: 7.8
- Description:
drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req()
- CVE: https://ubuntu.com/security/CVE-2024-57798
- Patch: ubuntu-noble/6.8.0-57.59/CVE-2024-57798-drm-dp-mst-ensure-mst-primary-pointer-is-valid-in-drm-dp-mst-handle-up-req.patch
- From: 6.8.0-57.59
- CVE-2024-56672, CVSSv2 Score: 7.8
- Description:
blk-cgroup: Fix UAF in blkcg_unpin_online()
- CVE: https://ubuntu.com/security/CVE-2024-56672
- Patch: ubuntu-noble/6.8.0-57.59/CVE-2024-56672-blk-cgroup-fix-uaf-in-blkcg-unpin-online.patch
- From: 6.8.0-57.59
- CVE-2024-53063, CVSSv2 Score: 5.5
- Description:
media: dvbdev: prevent the risk of out of memory access
- CVE: https://ubuntu.com/security/CVE-2024-53063
- Patch: ubuntu-noble/6.8.0-57.59/CVE-2024-53063-media-dvbdev-prevent-the-risk-of-out-of-memory-access.patch
- From: 6.8.0-57.59
- CVE-2024-50067, CVSSv2 Score: 7.8
- Description:
uprobe: avoid out-of-bounds memory access of fetching args
- CVE: https://ubuntu.com/security/CVE-2024-50067
- Patch: ubuntu-noble/6.8.0-58.60/CVE-2024-50067-uprobe-avoid-out-of-bounds-memory-access-of-fetching-args.patch
- From: 6.8.0-58.60
- CVE-2024-50131, CVSSv2 Score: 7.8
- Description:
tracing: Consider the NULL character when validating the event length
- CVE: https://ubuntu.com/security/CVE-2024-50131
- Patch: ubuntu-noble/6.8.0-58.60/CVE-2024-50131-tracing-consider-the-null-character-when-validating-the-event-length.patch
- From: 6.8.0-58.60
- CVE-2024-50127, CVSSv2 Score: 7.8
- Description:
net: sched: fix use-after-free in taprio_change()
- CVE: https://ubuntu.com/security/CVE-2024-50127
- Patch: ubuntu-noble/6.8.0-58.60/CVE-2024-50127-net-sched-fix-use-after-free-in-taprio-change.patch
- From: 6.8.0-58.60
- CVE-2024-50126, CVSSv2 Score: 7.8
- Description:
net: sched: use RCU read-side critical section in taprio_dump()
- CVE: https://ubuntu.com/security/CVE-2024-50126
- Patch: ubuntu-noble/6.8.0-58.60/CVE-2024-50126-net-sched-use-rcu-read-side-critical-section-in-taprio-dump.patch
- From: 6.8.0-58.60
- CVE-2024-50125, CVSSv2 Score: 7.8
- Description:
Bluetooth: SCO: Fix UAF on sco_sock_timeout
- CVE: https://ubuntu.com/security/CVE-2024-50125
- Patch: ubuntu-noble/6.8.0-58.60/CVE-2024-50125-bluetooth-sco-fix-uaf-on-sco-sock-timeout-39.patch
- From: 6.8.0-58.60
- CVE-2024-50124, CVSSv2 Score: 7.8
- Description:
Bluetooth: ISO: Fix UAF on iso_sock_timeout
- CVE: https://ubuntu.com/security/CVE-2024-50124
- Patch: ubuntu-noble/6.8.0-58.60/CVE-2024-50124-bluetooth-iso-fix-uaf-on-iso-sock-timeout.patch
- From: 6.8.0-58.60
- CVE-2024-50121, CVSSv2 Score: 7.8
- Description:
nfsd: cancel nfsd_shrinker_work using sync mode in nfs4_state_shutdown_net
- CVE: https://ubuntu.com/security/CVE-2024-50121
- Patch: ubuntu-noble/6.8.0-58.60/CVE-2024-50121-nfsd-cancel-nfsd-shrinker-work-using-sync-mode-in-nfs4-state-shutdown-net.patch
- From: 6.8.0-58.60
- CVE-2024-50051, CVSSv2 Score: 7.8
- Description:
spi: mpc52xx: Add cancel_work_sync before module remove
- CVE: https://ubuntu.com/security/CVE-2024-50051
- Patch: ubuntu-noble/6.8.0-58.60/CVE-2024-50051-spi-mpc52xx-add-cancel-work-sync-before-module-remove.patch
- From: 6.8.0-58.60
- CVE-2024-50209, CVSSv2 Score: 7.8
- Description:
RDMA/bnxt_re: Add a check for memory allocation
- CVE: https://ubuntu.com/security/CVE-2024-50209
- Patch: ubuntu-noble/6.8.0-58.60/CVE-2024-50209-rdma-bnxt-re-add-a-check-for-memory-allocation.patch
- From: 6.8.0-58.60
- CVE-2024-50159, CVSSv2 Score: 7.8
- Description:
firmware: arm_scmi: Fix the double free in scmi_debugfs_common_setup()
- CVE: https://ubuntu.com/security/CVE-2024-50159
- Patch: ubuntu-noble/6.8.0-58.60/CVE-2024-50159-firmware-arm-scmi-fix-the-double-free-in-scmi-debugfs-common-setup.patch
- From: 6.8.0-58.60
- CVE-2024-50158, CVSSv2 Score: 7.8
- Description:
RDMA/bnxt_re: Fix out of bound check
- CVE: https://ubuntu.com/security/CVE-2024-50158
- Patch: ubuntu-noble/6.8.0-58.60/CVE-2024-50158-rdma-bnxt-re-fix-out-of-bound-check.patch
- From: 6.8.0-58.60
- CVE-2024-50155, CVSSv2 Score: 7.8
- Description:
netdevsim: use cond_resched() in nsim_dev_trap_report_work()
- CVE: https://ubuntu.com/security/CVE-2024-50155
- Patch: ubuntu-noble/6.8.0-58.60/CVE-2024-50155-netdevsim-use-cond-resched-in-nsim-dev-trap-report-work.patch
- From: 6.8.0-58.60
- CVE-2024-50154, CVSSv2 Score: 7.8
- Description:
tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink().
- CVE: https://ubuntu.com/security/CVE-2024-50154
- Patch: ubuntu-noble/6.8.0-58.60/CVE-2024-50154-tcp-dccp-don-t-use-timer-pending-in-reqsk-queue-unlink-6.8.0-47.47.patch
- From: 6.8.0-58.60
- CVE-2024-53206, CVSSv2 Score: 7.8
- Description:
tcp: Fix use-after-free of nreq in reqsk_timer_handler().
- CVE: https://ubuntu.com/security/CVE-2024-53206
- Patch: ubuntu-noble/6.8.0-58.60/CVE-2024-53206-tcp-Fix-use-after-free-of-nreq-in-reqsk_timer_handler-6.8.0-47.47.patch
- From: 6.8.0-58.60
- CVE-2024-50151, CVSSv2 Score: 7.8
- Description:
smb: client: fix OOBs when building SMB2_IOCTL request
- CVE: https://ubuntu.com/security/CVE-2024-50151
- Patch: ubuntu-noble/6.8.0-58.60/CVE-2024-50151-smb-client-fix-oobs-when-building-smb2-ioctl-request.patch
- From: 6.8.0-58.60
- CVE-2024-50143, CVSSv2 Score: 7.8
- Description:
udf: fix uninit-value use in udf_get_fileshortad
- CVE: https://ubuntu.com/security/CVE-2024-50143
- Patch: ubuntu-noble/6.8.0-58.60/CVE-2024-50143-udf-fix-uninit-value-use-in-udf-get-fileshortad.patch
- From: 6.8.0-58.60
- CVE-2024-50203, CVSSv2 Score:
- Description:
Out of scope: ARM64 architecture issue
- CVE:
- Patch: skipped/CVE-2024-50203.patch
- From:
- CVE-2024-50215, CVSSv2 Score: 7.8
- Description:
nvmet-auth: assign dh_key to NULL after kfree_sensitive
- CVE: https://ubuntu.com/security/CVE-2024-50215
- Patch: ubuntu-noble/6.8.0-58.60/CVE-2024-50215-nvmet-auth-assign-dh-key-to-null-after-kfree-sensitive.patch
- From: 6.8.0-58.60