- proxmox-kernel-6.8.8-3-pve_6.8.8-3 (pve-8)
- 6.8.12-10
- 2025-05-08 14:32:45
- 2025-05-13 14:01:30
- K20250508_02
- CVE-2024-45016, CVSSv2 Score: 5.5
- Description:
netem: fix return value if duplicate enqueue fails
- CVE: https://ubuntu.com/security/CVE-2024-45016
- Patch: ubuntu-noble/6.8.0-47.47/CVE-2024-45016-netem-fix-return-value-if-duplicate-enqueue-fails.patch
- From: 6.8.0-47.47
- CVE-2024-46800, CVSSv2 Score: 7.8
- Description:
sch/netem: fix use after free in netem_dequeue
- CVE: https://ubuntu.com/security/CVE-2024-46800
- Patch: ubuntu-noble/6.8.0-49.49/CVE-2024-46800-sch-netem-fix-use-after-free-in-netem-dequeue.patch
- From: 6.8.0-49.49
- CVE-2024-43882, CVSSv2 Score: 7.0
- Description:
exec: Fix ToCToU between perm check and set-uid/gid usage
- CVE: https://ubuntu.com/security/CVE-2024-43882
- Patch: ubuntu-noble/6.8.0-49.49/CVE-2024-43882-exec-Fix-ToCToU-between-perm-check-and-set-uid-gid-usage.patch
- From: 6.8.0-49.49
- CVE-2024-42285, CVSSv2 Score: 7.8
- Description:
RDMA/iwcm: Fix a use-after-free related to destroying CM IDs
- CVE: https://ubuntu.com/security/CVE-2024-42285
- Patch: ubuntu-noble/6.8.0-50.51/CVE-2024-42285-rdma-iwcm-fix-a-use-after-free-related-to-destroying-cm-ids.patch
- From: 6.8.0-54.56
- CVE-2024-42301, CVSSv2 Score: 7.8
- Description:
dev/parport: fix the array out-of-bounds risk
- CVE: https://ubuntu.com/security/CVE-2024-42301
- Patch: ubuntu-noble/6.8.0-50.51/CVE-2024-42301-dev-parport-fix-the-array-out-of-bounds-risk.patch
- From: 6.8.0-50.51
- CVE-2024-46831, CVSSv2 Score: 7.8
- Description:
net: microchip: vcap: Fix use-after-free error in kunit test
- CVE: https://ubuntu.com/security/CVE-2024-46831
- Patch: ubuntu-noble/6.8.0-50.51/CVE-2024-46831-net-microchip-vcap-Fix-use-after-free-error-in-kunit-test.patch
- From: 6.8.0-50.51
- CVE-2024-49967, CVSSv2 Score: 7.8
- Description:
ext4: no need to continue when the number of entries is 1
- CVE: https://ubuntu.com/security/CVE-2024-49967
- Patch: ubuntu-noble/6.8.0-51.52/CVE-2024-49967-ext4-no-need-to-continue-when-the-number-of-entries-is-1.patch
- From: 6.8.0-51.52
- CVE-2024-53057, CVSSv2 Score: 7.8
- Description:
net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT
- CVE: https://ubuntu.com/security/CVE-2024-53057
- Patch: ubuntu-noble/6.8.0-51.52/CVE-2024-53057-net-sched-stop-qdisc-tree-reduce-backlog-on-tc-h-root.patch
- From: 6.8.0-51.52
- CVE-2024-50264, CVSSv2 Score: 7.8
- Description:
vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans
- CVE: https://ubuntu.com/security/CVE-2024-50264
- Patch: ubuntu-noble/6.8.0-51.52/CVE-2024-50264-vsock-virtio-initialization-of-the-dangling-pointer-occurring-in-vsk-trans.patch
- From: 6.8.0-51.52
- CVE-2024-53103, CVSSv2 Score: 7.8
- Description:
hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer
- CVE: https://ubuntu.com/security/CVE-2024-53103
- Patch: ubuntu-noble/6.8.0-52.53/CVE-2024-53103-hv-sock-initializing-vsk-trans-to-null-to-prevent-a-dangling-pointer.patch
- From: 6.8.0-52.53
- CVE-2024-53141, CVSSv2 Score: 7.8
- Description:
netfilter: ipset: add missing range check in bitmap_ip_uadt
- CVE: https://ubuntu.com/security/CVE-2024-53141
- Patch: ubuntu-noble/6.8.0-52.53/CVE-2024-53141-netfilter-ipset-add-missing-range-check-in-bitmap-ip-uadt.patch
- From: 6.8.0-52.53
- CVE-2024-53164, CVSSv2 Score: 5.5
- Description:
net: sched: fix ordering of qlen adjustment
- CVE: https://ubuntu.com/security/CVE-2024-53164
- Patch: ubuntu-noble/6.8.0-52.53/CVE-2024-53164-net-sched-fix-ordering-of-qlen-adjustment.patch
- From: 6.8.0-52.53
- CVE-2024-47685, CVSSv2 Score: 9.1
- Description:
netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put()
- CVE: https://ubuntu.com/security/CVE-2024-47685
- Patch: ubuntu-noble/6.8.0-54.56/CVE-2024-47685-netfilter-nf-reject-ipv6-fix-nf-reject-ip6-tcphdr-put.patch
- From: 5.15.0-127.137
- CVE-2024-47670, CVSSv2 Score: 7.8
- Description:
ocfs2: add bounds checking to ocfs2_xattr_find_entry()
- CVE: https://ubuntu.com/security/CVE-2024-47670
- Patch: ubuntu-noble/6.8.0-54.56/CVE-2024-47670-ocfs2-add-bounds-checking-to-ocfs2-xattr-find-entry.patch
- From: 5.15.0-127.137
- CVE-2024-47675, CVSSv2 Score: 7.8
- Description:
bpf: Fix use-after-free in bpf_uprobe_multi_link_attach()
- CVE: https://ubuntu.com/security/CVE-2024-47675
- Patch: ubuntu-noble/6.8.0-54.56/CVE-2024-47675-bpf-fix-use-after-free-in-bpf-uprobe-multi-link-attach.patch
- From: kernel-6.8.0-54.56
- CVE-2024-47682, CVSSv2 Score: 7.8
- Description:
scsi: sd: Fix off-by-one error in sd_read_block_characteristics()
- CVE: https://ubuntu.com/security/CVE-2024-47682
- Patch: ubuntu-noble/6.8.0-54.56/CVE-2024-47682-scsi-sd-fix-off-by-one-error-in-sd-read-block-characteristics.patch
- From: kernel-6.8.0-54.56
- CVE-2024-47695, CVSSv2 Score: 7.8
- Description:
RDMA/rtrs-clt: Reset cid to con_num - 1 to stay in bounds
- CVE: https://ubuntu.com/security/CVE-2024-47695
- Patch: ubuntu-noble/6.8.0-54.56/CVE-2024-47695-rdma-rtrs-clt-reset-cid-to-con-num-1-to-stay-in-bounds.patch
- From: kernel-6.8.0-54.56
- CVE-2024-47697, CVSSv2 Score: 7.8
- Description:
drivers: media: dvb-frontends/rtl2830: fix an out-of-bounds write error
- CVE: https://ubuntu.com/security/CVE-2024-47697
- Patch: ubuntu-noble/6.8.0-54.56/CVE-2024-47697-drivers-media-dvb-frontends-rtl2830-fix-an-out-of-bounds-write-error.patch
- From: 6.8.0-54.56
- CVE-2024-47698, CVSSv2 Score: 7.8
- Description:
drivers: media: dvb-frontends/rtl2832: fix an out-of-bounds write error
- CVE: https://ubuntu.com/security/CVE-2024-47698
- Patch: ubuntu-noble/6.8.0-54.56/CVE-2024-47698-drivers-media-dvb-frontends-rtl2832-fix-an-out-of-bounds-write-error.patch
- From: 6.8.0-54.56
- CVE-2024-47701, CVSSv2 Score: 7.8
- Description:
ext4: return error on ext4_find_inline_entry
- CVE: https://ubuntu.com/security/CVE-2024-47701
- Patch: ubuntu-noble/6.8.0-54.56/CVE-2024-47701-ext4-return-error-on-ext4_find_inline_entry.patch
- From: 6.8.0-54.56
- CVE-2024-47701, CVSSv2 Score: 7.8
- Description:
ext4: avoid OOB when system.data xattr changes underneath the filesystem
- CVE: https://ubuntu.com/security/CVE-2024-47701
- Patch: ubuntu-noble/6.8.0-54.56/CVE-2024-47701-ext4-avoid-oob-when-system-data-xattr-changes-underneath-the-filesystem.patch
- From: 6.8.0-54.56
- CVE-2024-47696, CVSSv2 Score: 7.8
- Description:
RDMA/iwcm: Fix WARNING:at_kernel/workqueue.c:#check_flush_dependency
- CVE: https://ubuntu.com/security/CVE-2024-47696
- Patch: ubuntu-noble/6.8.0-54.56/CVE-2024-47696-rdma-iwcm-fix-warning-at-kernel-workqueue-c-check-flush-dependency.patch
- From: 6.8.0-54.56
- CVE-2024-47696, CVSSv2 Score: 7.8
- Description:
RDMA/iwcm: Fix WARNING:at_kernel/workqueue.c:#check_flush_dependency
- CVE: https://ubuntu.com/security/CVE-2024-47696
- Patch: ubuntu-noble/6.8.0-54.56/CVE-2024-47696-rdma-iwcm-fix-warning-at-kernel-workqueue-c-check-flush-dependency-kpatch.patch
- From: 6.8.0-54.56
- CVE-2024-47691, CVSSv2 Score: 7.8
- Description:
f2fs: fix to avoid use-after-free in f2fs_stop_gc_thread()
- CVE: https://ubuntu.com/security/CVE-2024-47691
- Patch: ubuntu-noble/6.8.0-54.56/CVE-2024-47691-f2fs-fix-to-avoid-use-after-free-in-f2fs_stop_gc_thread.patch
- From: 6.8.0-54.56
- CVE-2024-53104, CVSSv2 Score: 7.8
- Description:
media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format
- CVE: https://ubuntu.com/security/CVE-2024-53104
- Patch: ubuntu-noble/6.8.0-55.57/CVE-2024-53104-media-uvcvideo-skip-parsing-frames-of-type-uvc-vs-undefined-in-uvc-parse-format.patch
- From: 6.8.0-55.57
- CVE-2024-50180, CVSSv2 Score: 7.8
- Description:
fbdev: sisfb: Fix strbuf array overflow
- CVE: https://ubuntu.com/security/CVE-2024-50180
- Patch: ubuntu-noble/6.8.0-56.58/CVE-2024-50180-fbdev-sisfb-fix-strbuf-array-overflow.patch
- From: 6.8.0-56.58
- CVE-2024-50186, CVSSv2 Score: 7.8
- Description:
net: explicitly clear the sk pointer, when pf->create fails
- CVE: https://ubuntu.com/security/CVE-2024-50186
- Patch: ubuntu-noble/6.8.0-56.58/CVE-2024-50186-net-explicitly-clear-the-sk-pointer-when-pf-create-fails.patch
- From: 6.8.0-56.58
- CVE-2024-50088, CVSSv2 Score: 7.8
- Description:
btrfs: fix uninitialized pointer free in add_inode_ref()
- CVE: https://ubuntu.com/security/CVE-2024-50088
- Patch: ubuntu-noble/6.8.0-56.58/CVE-2024-50088-btrfs-fix-uninitialized-pointer-free-in-add-inode-ref.patch
- From: 6.8.0-56.58
- CVE-2024-50083, CVSSv2 Score: 7.5
- Description:
tcp: fix mptcp DSS corruption due to large pmtu xmit
- CVE: https://ubuntu.com/security/CVE-2024-50083
- Patch: ubuntu-noble/6.8.0-56.58/CVE-2024-50083-tcp-fix-mptcp-dss-corruption-due-to-large-pmtu-xmit.patch
- From: 6.8.0-56.58
- CVE-2024-56614, CVSSv2 Score: 7.8
- Description:
xsk: fix OOB map writes when deleting elements
- CVE: https://ubuntu.com/security/CVE-2024-56614
- Patch: ubuntu-noble/6.8.0-56.58/CVE-2024-56614-xsk-fix-oob-map-writes-when-deleting-elements.patch
- From: 6.8.0-56.58
- CVE-2024-53156, CVSSv2 Score: 7.8
- Description:
wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service()
- CVE: https://ubuntu.com/security/CVE-2024-53156
- Patch: ubuntu-noble/6.8.0-56.58/CVE-2024-53156-wifi-ath9k-add-range-check-for-conn-rsp-epid-in-htc-connect-service.patch
- From: 6.8.0-56.58
- CVE-2024-53165, CVSSv2 Score:
- Description:
Out of scope: SuperH architecture isn't supported for current kernel
- CVE:
- Patch: skipped/CVE-2024-53165.patch
- From:
- CVE-2024-56582, CVSSv2 Score: 7.8
- Description:
btrfs: fix use-after-free in btrfs_encoded_read_endio()
- CVE: https://ubuntu.com/security/CVE-2024-56582
- Patch: ubuntu-noble/6.8.0-56.58/CVE-2024-56582-btrfs-fix-use-after-free-in-btrfs-encoded-read-endio.patch
- From: 6.8.0-56.58
- CVE-2024-49865, CVSSv2 Score: 7.8
- Description:
drm/xe/vm: move xa_alloc to prevent UAF
- CVE: https://ubuntu.com/security/CVE-2024-49865
- Patch: ubuntu-noble/6.8.0-56.58/CVE-2024-49865-drm-xe-vm-move-xa-alloc-to-prevent-uaf.patch
- From: 6.8.0-56.58
- CVE-2024-50055, CVSSv2 Score: 7.8
- Description:
driver core: bus: Fix double free in driver API bus_register()
- CVE: https://ubuntu.com/security/CVE-2024-50055
- Patch: ubuntu-noble/6.8.0-56.58/CVE-2024-50055-driver-core-bus-fix-double-free-in-driver-api-bus-register.patch
- From: 6.8.0-56.58
- CVE-2024-50047, CVSSv2 Score: 7.8
- Description:
smb: client: fix UAF in async decryption
- CVE: https://ubuntu.com/security/CVE-2024-50047
- Patch: ubuntu-noble/6.8.0-56.58/CVE-2024-50047-smb-client-fix-uaf-in-async-decryption.patch
- From: 6.8.0-56.58
- CVE-2024-50047, CVSSv2 Score: 7.8
- Description:
smb: client: fix NULL ptr deref in crypto_aead_setkey()
- CVE: https://ubuntu.com/security/CVE-2024-50047
- Patch: ubuntu-noble/6.8.0-56.58/CVE-2024-50047-smb-client-fix-NULL-ptr-deref-in-crypto_aead_setkey.patch
- From: 6.8.0-56.58
- CVE-2024-50029, CVSSv2 Score: 7.8
- Description:
Bluetooth: hci_conn: Fix UAF in hci_enhanced_setup_sync
- CVE: https://ubuntu.com/security/CVE-2024-50029
- Patch: ubuntu-noble/6.8.0-56.58/CVE-2024-50029-bluetooth-hci-conn-fix-uaf-in-hci-enhanced-setup-sync-39.patch
- From: 6.8.0-56.58
- CVE-2024-50084, CVSSv2 Score: 7.8
- Description:
net: microchip: vcap api: Fix memory leaks in vcap_api_encode_rule_test()
- CVE: https://ubuntu.com/security/CVE-2024-50084
- Patch: ubuntu-noble/6.8.0-56.58/CVE-2024-50084-net-microchip-vcap-api-fix-memory-leaks-in-vcap-api-encode-rule-test.patch
- From: 6.8.0-56.58
- CVE-2024-50074, CVSSv2 Score: 7.8
- Description:
parport: Proper fix for array out-of-bounds access
- CVE: https://ubuntu.com/security/CVE-2024-50074
- Patch: ubuntu-noble/6.8.0-56.58/CVE-2024-50074-parport-proper-fix-for-array-out-of-bounds-access.patch
- From: 6.8.0-56.58
- CVE-2024-50073, CVSSv2 Score: 7.8
- Description:
tty: n_gsm: Fix use-after-free in gsm_cleanup_mux
- CVE: https://ubuntu.com/security/CVE-2024-50073
- Patch: ubuntu-noble/6.8.0-56.58/CVE-2024-50073-tty-n-gsm-fix-use-after-free-in-gsm-cleanup-mux.patch
- From: 6.8.0-56.58
- CVE-2024-50061, CVSSv2 Score: 7.0
- Description:
i3c: master: cdns: Fix use after free vulnerability in cdns_i3c_master Driver Due to Race Condition
- CVE: https://ubuntu.com/security/CVE-2024-50061
- Patch: ubuntu-noble/6.8.0-56.58/CVE-2024-50061-i3c-master-cdns-fix-use-after-free-vulnerability-in-cdns-i3c-master-driver-due-to-race-condition.patch
- From: 6.8.0-56.58
- CVE-2024-50059, CVSSv2 Score: 7.0
- Description:
ntb: ntb_hw_switchtec: Fix use after free vulnerability in switchtec_ntb_remove due to race condition
- CVE: https://ubuntu.com/security/CVE-2024-50059
- Patch: ubuntu-noble/6.8.0-56.58/CVE-2024-50059-ntb-ntb-hw-switchtec-fix-use-after-free-vulnerability-in-switchtec-ntb-remove-due-to-race-condition.patch
- From: 6.8.0-56.58
- CVE-2024-50042, CVSSv2 Score: 7.1
- Description:
ice: Fix increasing MSI-X on VF
- CVE: https://ubuntu.com/security/CVE-2024-50042
- Patch: ubuntu-noble/6.8.0-56.58/CVE-2024-50042-ice-fix-increasing-msi-x-on-vf.patch
- From: 6.8.0-56.58
- CVE-2024-50036, CVSSv2 Score: 7.0
- Description:
net: do not delay dst_entries_add() in dst_release()
- CVE: https://ubuntu.com/security/CVE-2024-50036
- Patch: ubuntu-noble/6.8.0-56.58/CVE-2024-50036-net-do-not-delay-dst-entries-add-in-dst-release.patch
- From: 6.8.0-56.58
- CVE-2024-50035, CVSSv2 Score: 7.1
- Description:
ppp: fix ppp_async_encode() illegal access
- CVE: https://ubuntu.com/security/CVE-2024-50035
- Patch: ubuntu-noble/6.8.0-56.58/CVE-2024-50035-ppp-fix-ppp-async-encode-illegal-access.patch
- From: 6.8.0-56.58
- CVE-2024-50033, CVSSv2 Score: 7.1
- Description:
slip: make slhc_remember() more robust against malicious packets
- CVE: https://ubuntu.com/security/CVE-2024-50033
- Patch: ubuntu-noble/6.8.0-56.58/CVE-2024-50033-slip-make-slhc-remember-more-robust-against-malicious-packets.patch
- From: 6.8.0-56.58
- CVE-2024-50066, CVSSv2 Score: 7.0
- Description:
mm/mremap: fix move_normal_pmd/retract_page_tables race
- CVE: https://ubuntu.com/security/CVE-2024-50066
- Patch: ubuntu-noble/6.8.0-56.58/CVE-2024-50066-mm-mremap-fix-move-normal-pmd-retract-page-tables-race.patch
- From: 6.8.0-56.58
- CVE-2024-50193, CVSSv2 Score:
- Description:
Out of scope: patch for x86_32 arch
- CVE:
- Patch: skipped/CVE-2024-50193.patch
- From:
- CVE-2024-56663, CVSSv2 Score: 7.1
- Description:
wifi: nl80211: fix NL80211_ATTR_MLO_LINK_ID off-by-one
- CVE: https://ubuntu.com/security/CVE-2024-56663
- Patch: ubuntu-noble/6.8.0-56.58/CVE-2024-56663-wifi-nl80211-fix-nl80211-attr-mlo-link-id-off-by-one.patch
- From: 6.8.0-56.58
- CVE-2024-56663, CVSSv2 Score: 7.1
- Description:
wifi: nl80211: fix NL80211_ATTR_MLO_LINK_ID off-by-one
- CVE: https://ubuntu.com/security/CVE-2024-56663
- Patch: ubuntu-noble/6.8.0-56.58/CVE-2024-56663-wifi-nl80211-fix-nl80211-attr-mlo-link-id-off-by-one-kpatch.patch
- From: 6.8.0-56.58
- CVE-2024-46795, CVSSv2 Score: 5.5
- Description:
ksmbd: unset the binding mark of a reused connection
- CVE: https://ubuntu.com/security/CVE-2024-46795
- Patch: ubuntu-noble/6.8.0-56.58/CVE-2024-46795-ksmbd-unset-the-binding-mark-of-a-reused-connection.patch
- From: 6.8.0-56.58
- CVE-2024-50086, CVSSv2 Score: 7.0
- Description:
ksmbd: fix user-after-free from session log off
- CVE: https://ubuntu.com/security/CVE-2024-50086
- Patch: ubuntu-noble/6.8.0-56.58/CVE-2024-50086-ksmbd-fix-user-after-free-from-session-log-off.patch
- From: 6.8.0-56.58
- CVE-2024-50086, CVSSv2 Score: 7.0
- Description:
ksmbd: fix user-after-free from session log off
- CVE: https://ubuntu.com/security/CVE-2024-50086
- Patch: ubuntu-noble/6.8.0-56.58/CVE-2024-50086-ksmbd-fix-user-after-free-from-session-log-off-kpatch.patch
- From: 6.8.0-56.58
- CVE-2024-56598, CVSSv2 Score: 7.8
- Description:
jfs: array-index-out-of-bounds fix in dtReadFirst
- CVE: https://ubuntu.com/security/CVE-2024-56598
- Patch: ubuntu-noble/6.8.0-57.59/CVE-2024-56598-jfs-array-index-out-of-bounds-fix-in-dtreadfirst.patch
- From: 6.8.0-57.59
- CVE-2024-56595, CVSSv2 Score: 7.8
- Description:
jfs: add a check to prevent array-index-out-of-bounds in dbAdjTree
- CVE: https://ubuntu.com/security/CVE-2024-56595
- Patch: ubuntu-noble/6.8.0-57.59/CVE-2024-56595-jfs-add-a-check-to-prevent-array-index-out-of-bounds-in-dbadjtree.patch
- From: 6.8.0-57.59
- CVE-2024-50302, CVSSv2 Score: 7.8
- Description:
HID: core: zero-initialize the report buffer
- CVE: https://ubuntu.com/security/CVE-2024-50302
- Patch: ubuntu-noble/6.8.0-57.59/CVE-2024-50302-hid-core-zero-initialize-the-report-buffer.patch
- From: 6.8.0-57.59
- CVE-2024-56658, CVSSv2 Score: 7.8
- Description:
net: defer final 'struct net' free in netns dismantle
- CVE: https://ubuntu.com/security/CVE-2024-56658
- Patch: ubuntu-noble/6.8.0-57.59/CVE-2024-56658-net-defer-final-struct-net-free-in-netns-dismantle.patch
- From: 6.8.0-57.59
- CVE-2024-56658, CVSSv2 Score: 7.8
- Description:
net: defer final 'struct net' free in netns dismantle
- CVE: https://security-tracker.debian.org/tracker/CVE-2024-56658
- Patch: ubuntu-noble/6.8.0-57.59/CVE-2024-56658-net-defer-final-struct-net-free-in-netns-dismantle-kpatch.patch
- From: 6.1.123-1
- CVE-2024-57798, CVSSv2 Score: 7.8
- Description:
drm/dp_mst: Skip CSN if topology probing is not done yet (dependency)
- CVE: https://ubuntu.com/security/CVE-2024-57798
- Patch: ubuntu-noble/6.8.0-57.59/CVE-2024-57798-drm-dp-mst-skip-csn-if-topology-probing-is-not-done-yet-49.patch
- From: 6.8.0-57.59
- CVE-2024-57798, CVSSv2 Score: 7.8
- Description:
drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req()
- CVE: https://ubuntu.com/security/CVE-2024-57798
- Patch: ubuntu-noble/6.8.0-57.59/CVE-2024-57798-drm-dp-mst-ensure-mst-primary-pointer-is-valid-in-drm-dp-mst-handle-up-req.patch
- From: 6.8.0-57.59
- CVE-2024-56672, CVSSv2 Score: 7.8
- Description:
blk-cgroup: Fix UAF in blkcg_unpin_online()
- CVE: https://ubuntu.com/security/CVE-2024-56672
- Patch: ubuntu-noble/6.8.0-57.59/CVE-2024-56672-blk-cgroup-fix-uaf-in-blkcg-unpin-online.patch
- From: 6.8.0-57.59
- CVE-2024-53063, CVSSv2 Score: 5.5
- Description:
media: dvbdev: prevent the risk of out of memory access
- CVE: https://ubuntu.com/security/CVE-2024-53063
- Patch: ubuntu-noble/6.8.0-57.59/CVE-2024-53063-media-dvbdev-prevent-the-risk-of-out-of-memory-access.patch
- From: 6.8.0-57.59
- CVE-2024-50067, CVSSv2 Score: 7.8
- Description:
uprobe: avoid out-of-bounds memory access of fetching args
- CVE: https://ubuntu.com/security/CVE-2024-50067
- Patch: ubuntu-noble/6.8.0-58.60/CVE-2024-50067-uprobe-avoid-out-of-bounds-memory-access-of-fetching-args.patch
- From: 6.8.0-58.60
- CVE-2024-50131, CVSSv2 Score: 7.8
- Description:
tracing: Consider the NULL character when validating the event length
- CVE: https://ubuntu.com/security/CVE-2024-50131
- Patch: ubuntu-noble/6.8.0-58.60/CVE-2024-50131-tracing-consider-the-null-character-when-validating-the-event-length.patch
- From: 6.8.0-58.60
- CVE-2024-50127, CVSSv2 Score: 7.8
- Description:
net: sched: fix use-after-free in taprio_change()
- CVE: https://ubuntu.com/security/CVE-2024-50127
- Patch: ubuntu-noble/6.8.0-58.60/CVE-2024-50127-net-sched-fix-use-after-free-in-taprio-change.patch
- From: 6.8.0-58.60
- CVE-2024-50126, CVSSv2 Score: 7.8
- Description:
net: sched: use RCU read-side critical section in taprio_dump()
- CVE: https://ubuntu.com/security/CVE-2024-50126
- Patch: ubuntu-noble/6.8.0-58.60/CVE-2024-50126-net-sched-use-rcu-read-side-critical-section-in-taprio-dump.patch
- From: 6.8.0-58.60
- CVE-2024-50125, CVSSv2 Score: 7.8
- Description:
Bluetooth: SCO: Fix UAF on sco_sock_timeout
- CVE: https://ubuntu.com/security/CVE-2024-50125
- Patch: ubuntu-noble/6.8.0-58.60/CVE-2024-50125-bluetooth-sco-fix-uaf-on-sco-sock-timeout-39.patch
- From: 6.8.0-58.60
- CVE-2024-50124, CVSSv2 Score: 7.8
- Description:
Bluetooth: ISO: Fix UAF on iso_sock_timeout
- CVE: https://ubuntu.com/security/CVE-2024-50124
- Patch: ubuntu-noble/6.8.0-58.60/CVE-2024-50124-bluetooth-iso-fix-uaf-on-iso-sock-timeout.patch
- From: 6.8.0-58.60
- CVE-2024-50121, CVSSv2 Score: 7.8
- Description:
nfsd: cancel nfsd_shrinker_work using sync mode in nfs4_state_shutdown_net
- CVE: https://ubuntu.com/security/CVE-2024-50121
- Patch: ubuntu-noble/6.8.0-58.60/CVE-2024-50121-nfsd-cancel-nfsd-shrinker-work-using-sync-mode-in-nfs4-state-shutdown-net.patch
- From: 6.8.0-58.60
- CVE-2024-50051, CVSSv2 Score: 7.8
- Description:
spi: mpc52xx: Add cancel_work_sync before module remove
- CVE: https://ubuntu.com/security/CVE-2024-50051
- Patch: ubuntu-noble/6.8.0-58.60/CVE-2024-50051-spi-mpc52xx-add-cancel-work-sync-before-module-remove.patch
- From: 6.8.0-58.60
- CVE-2024-50209, CVSSv2 Score: 7.8
- Description:
RDMA/bnxt_re: Add a check for memory allocation
- CVE: https://ubuntu.com/security/CVE-2024-50209
- Patch: ubuntu-noble/6.8.0-58.60/CVE-2024-50209-rdma-bnxt-re-add-a-check-for-memory-allocation.patch
- From: 6.8.0-58.60
- CVE-2024-50159, CVSSv2 Score: 7.8
- Description:
firmware: arm_scmi: Fix the double free in scmi_debugfs_common_setup()
- CVE: https://ubuntu.com/security/CVE-2024-50159
- Patch: ubuntu-noble/6.8.0-58.60/CVE-2024-50159-firmware-arm-scmi-fix-the-double-free-in-scmi-debugfs-common-setup.patch
- From: 6.8.0-58.60
- CVE-2024-50158, CVSSv2 Score: 7.8
- Description:
RDMA/bnxt_re: Fix out of bound check
- CVE: https://ubuntu.com/security/CVE-2024-50158
- Patch: ubuntu-noble/6.8.0-58.60/CVE-2024-50158-rdma-bnxt-re-fix-out-of-bound-check.patch
- From: 6.8.0-58.60
- CVE-2024-50155, CVSSv2 Score: 7.8
- Description:
netdevsim: use cond_resched() in nsim_dev_trap_report_work()
- CVE: https://ubuntu.com/security/CVE-2024-50155
- Patch: ubuntu-noble/6.8.0-58.60/CVE-2024-50155-netdevsim-use-cond-resched-in-nsim-dev-trap-report-work.patch
- From: 6.8.0-58.60
- CVE-2024-50154, CVSSv2 Score: 7.8
- Description:
tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink().
- CVE: https://ubuntu.com/security/CVE-2024-50154
- Patch: ubuntu-noble/6.8.0-58.60/CVE-2024-50154-tcp-dccp-don-t-use-timer-pending-in-reqsk-queue-unlink-6.8.0-47.47.patch
- From: 6.8.0-58.60
- CVE-2024-53206, CVSSv2 Score: 7.8
- Description:
tcp: Fix use-after-free of nreq in reqsk_timer_handler().
- CVE: https://ubuntu.com/security/CVE-2024-53206
- Patch: ubuntu-noble/6.8.0-58.60/CVE-2024-53206-tcp-Fix-use-after-free-of-nreq-in-reqsk_timer_handler-6.8.0-47.47.patch
- From: 6.8.0-58.60
- CVE-2024-50151, CVSSv2 Score: 7.8
- Description:
smb: client: fix OOBs when building SMB2_IOCTL request
- CVE: https://ubuntu.com/security/CVE-2024-50151
- Patch: ubuntu-noble/6.8.0-58.60/CVE-2024-50151-smb-client-fix-oobs-when-building-smb2-ioctl-request.patch
- From: 6.8.0-58.60
- CVE-2024-50143, CVSSv2 Score: 7.8
- Description:
udf: fix uninit-value use in udf_get_fileshortad
- CVE: https://ubuntu.com/security/CVE-2024-50143
- Patch: ubuntu-noble/6.8.0-58.60/CVE-2024-50143-udf-fix-uninit-value-use-in-udf-get-fileshortad.patch
- From: 6.8.0-58.60
- CVE-2024-50203, CVSSv2 Score:
- Description:
Out of scope: ARM64 architecture issue
- CVE:
- Patch: skipped/CVE-2024-50203.patch
- From:
- CVE-2024-50215, CVSSv2 Score: 7.8
- Description:
nvmet-auth: assign dh_key to NULL after kfree_sensitive
- CVE: https://ubuntu.com/security/CVE-2024-50215
- Patch: ubuntu-noble/6.8.0-58.60/CVE-2024-50215-nvmet-auth-assign-dh-key-to-null-after-kfree-sensitive.patch
- From: 6.8.0-58.60
- CVE-2024-50261, CVSSv2 Score: 7.8
- Description:
macsec: Fix use-after-free while sending the offloading packet
- CVE: https://ubuntu.com/security/CVE-2024-50261
- Patch: ubuntu-noble/6.8.0-58.60/CVE-2024-50261-macsec-fix-use-after-free-while-sending-the-offloading-packet.patch
- From: 6.8.0-58.60
- CVE-2024-50262, CVSSv2 Score: 7.8
- Description:
bpf: Fix out-of-bounds write in trie_get_next_key()
- CVE: https://ubuntu.com/security/CVE-2024-50262
- Patch: ubuntu-noble/6.8.0-58.60/CVE-2024-50262-bpf-fix-out-of-bounds-write-in-trie-get-next-key.patch
- From: 6.8.0-58.60
- CVE-2024-50257, CVSSv2 Score: 7.8
- Description:
netfilter: Fix use-after-free in get_info()
- CVE: https://ubuntu.com/security/CVE-2024-50257
- Patch: ubuntu-noble/6.8.0-58.60/CVE-2024-50257-netfilter-fix-use-after-free-in-get-info.patch
- From: 6.8.0-58.60
- CVE-2024-50246, CVSSv2 Score: 7.8
- Description:
fs/ntfs3: Add rough attr alloc_size check
- CVE: https://ubuntu.com/security/CVE-2024-50246
- Patch: ubuntu-noble/6.8.0-58.60/CVE-2024-50246-fs-ntfs3-add-rough-attr-alloc-size-check.patch
- From: 6.8.0-58.60
- CVE-2024-50242, CVSSv2 Score: 7.8
- Description:
fs/ntfs3: Additional check in ntfs_file_release
- CVE: https://ubuntu.com/security/CVE-2024-50242
- Patch: ubuntu-noble/6.8.0-58.60/CVE-2024-50242-fs-ntfs3-additional-check-in-ntfs-file-release.patch
- From: 6.8.0-58.60
- CVE-2024-50235, CVSSv2 Score: 7.8
- Description:
wifi: cfg80211: clear wdev->cqm_config pointer on free
- CVE: https://ubuntu.com/security/CVE-2024-50235
- Patch: ubuntu-noble/6.8.0-58.60/CVE-2024-50235-wifi-cfg80211-clear-wdev-cqm-config-pointer-on-free.patch
- From: 6.8.0-58.60
- CVE-2024-50222, CVSSv2 Score: 7.8
- Description:
iov_iter: fix copy_page_from_iter_atomic() if KMAP_LOCAL_FORCE_MAP
- CVE: https://ubuntu.com/security/CVE-2024-50222
- Patch: ubuntu-noble/6.8.0-58.60/CVE-2024-50222-iov-iter-fix-copy-page-from-iter-atomic-if-kmap-local-force-map.patch
- From: 6.8.0-58.60
- CVE-2024-50230, CVSSv2 Score: 7.8
- Description:
nilfs2: fix kernel bug due to missing clearing of checked flag
- CVE: https://ubuntu.com/security/CVE-2024-50230
- Patch: ubuntu-noble/6.8.0-58.60/CVE-2024-50230-nilfs2-fix-kernel-bug-due-to-missing-clearing-of-checked-flag.patch
- From: 6.8.0-58.60
- CVE-2024-53059, CVSSv2 Score: 7.8
- Description:
wifi: iwlwifi: mvm: Fix response handling in iwl_mvm_send_recovery_cmd()
- CVE: https://ubuntu.com/security/CVE-2024-53059
- Patch: ubuntu-noble/6.8.0-58.60/CVE-2024-53059-wifi-iwlwifi-mvm-fix-response-handling-in-iwl-mvm-send-recovery-cmd.patch
- From: 6.8.0-58.60
- CVE-2024-53061, CVSSv2 Score: 7.8
- Description:
media: s5p-jpeg: prevent buffer overflows
- CVE: https://ubuntu.com/security/CVE-2024-53061
- Patch: ubuntu-noble/6.8.0-58.60/CVE-2024-53061-media-s5p-jpeg-prevent-buffer-overflows.patch
- From: 6.8.0-58.60
- CVE-2024-50286, CVSSv2 Score: 7.8
- Description:
ksmbd: fix slab-use-after-free in ksmbd_smb2_session_create
- CVE: https://ubuntu.com/security/CVE-2024-50286
- Patch: ubuntu-noble/6.8.0-58.60/CVE-2024-50286-ksmbd-fix-slab-use-after-free-in-ksmbd-smb2-session-create.patch
- From: 6.8.0-58.60
- CVE-2024-50283, CVSSv2 Score: 7.8
- Description:
ksmbd: fix slab-use-after-free in smb3_preauth_hash_rsp
- CVE: https://ubuntu.com/security/CVE-2024-50283
- Patch: ubuntu-noble/6.8.0-58.60/CVE-2024-50283-ksmbd-fix-slab-use-after-free-in-smb3-preauth-hash-rsp.patch
- From: 6.8.0-58.60
- CVE-2024-50282, CVSSv2 Score: 7.8
- Description:
drm/amdgpu: add missing size check in amdgpu_debugfs_gprwave_read()
- CVE: https://ubuntu.com/security/CVE-2024-50282
- Patch: ubuntu-noble/6.8.0-58.60/CVE-2024-50282-drm-amdgpu-add-missing-size-check-in-amdgpu-debugfs-gprwave-read.patch
- From: 6.8.0-58.60
- CVE-2024-50280, CVSSv2 Score: 7.8
- Description:
dm cache: fix flushing uninitialized delayed_work on cache_ctr error
- CVE: https://ubuntu.com/security/CVE-2024-50280
- Patch: ubuntu-noble/6.8.0-58.60/CVE-2024-50280-dm-cache-fix-flushing-uninitialized-delayed-work-on-cache-ctr-error.patch
- From: 6.8.0-58.60
- CVE-2024-50276, CVSSv2 Score: 7.8
- Description:
net: vertexcom: mse102x: Fix possible double free of TX skb
- CVE: https://ubuntu.com/security/CVE-2024-50276
- Patch: ubuntu-noble/6.8.0-58.60/CVE-2024-50276-net-vertexcom-mse102x-fix-possible-double-free-of-tx-skb.patch
- From: 6.8.0-58.60
- CVE-2024-50269, CVSSv2 Score: 7.8
- Description:
usb: musb: sunxi: Fix accessing an released usb phy
- CVE: https://ubuntu.com/security/CVE-2024-50269
- Patch: ubuntu-noble/6.8.0-58.60/CVE-2024-50269-usb-musb-sunxi-fix-accessing-an-released-usb-phy.patch
- From: 6.8.0-58.60
- CVE-2024-50267, CVSSv2 Score: 7.8
- Description:
USB: serial: io_edgeport: fix use after free in debug printk
- CVE: https://ubuntu.com/security/CVE-2024-50267
- Patch: ubuntu-noble/6.8.0-58.60/CVE-2024-50267-usb-serial-io-edgeport-fix-use-after-free-in-debug-printk.patch
- From: 6.8.0-58.60
- CVE-2025-21993, CVSSv2 Score: 7.1
- Description:
iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic()
- CVE: https://ubuntu.com/security/CVE-2025-21993
- Patch: ubuntu-noble/6.8.0-58.60/CVE-2025-21993-iscsi-ibft-fix-ubsan-shift-out-of-bounds-warning-in-ibft-attr-show-nic.patch
- From: 6.8.0-58.60
- CVE-2024-56627, CVSSv2 Score: 7.1
- Description:
ksmbd: fix Out-of-Bounds Read in ksmbd_vfs_stream_read
- CVE: https://ubuntu.com/security/CVE-2024-56627
- Patch: ubuntu-noble/6.8.0-58.60/CVE-2024-56627-ksmbd-fix-out-of-bounds-read-in-ksmbd-vfs-stream-read.patch
- From: 6.8.0-58.60
- CVE-2024-50234, CVSSv2 Score: 7.0
- Description:
wifi: iwlegacy: Clear stale interrupts before resuming device
- CVE: https://ubuntu.com/security/CVE-2024-50234
- Patch: ubuntu-noble/6.8.0-58.60/CVE-2024-50234-wifi-iwlegacy-clear-stale-interrupts-before-resuming-device.patch
- From: 6.8.0-58.60
- CVE-2024-50301, CVSSv2 Score: 7.1
- Description:
security/keys: fix slab-out-of-bounds in key_task_permission
- CVE: https://ubuntu.com/security/CVE-2024-50301
- Patch: ubuntu-noble/6.8.0-58.60/CVE-2024-50301-security-keys-fix-slab-out-of-bounds-in-key-task-permission.patch
- From: 6.8.0-58.60
- CVE-2024-53082, CVSSv2 Score: 7.1
- Description:
virtio_net: Add hash_key_length check
- CVE: https://ubuntu.com/security/CVE-2024-53082
- Patch: ubuntu-noble/6.8.0-58.60/CVE-2024-53082-virtio-net-add-hash-key-length-check.patch
- From: 6.8.0-58.60
- CVE-2024-50279, CVSSv2 Score: 7.1
- Description:
dm cache: fix out-of-bounds access to the dirty bitset when resizing
- CVE: https://ubuntu.com/security/CVE-2024-50279
- Patch: ubuntu-noble/6.8.0-58.60/CVE-2024-50279-dm-cache-fix-out-of-bounds-access-to-the-dirty-bitset-when-resizing.patch
- From: 6.8.0-58.60
- CVE-2024-50275, CVSSv2 Score: 7.0
- Description:
arm64/sve: Discard stale CPU state when handling SVE traps
- CVE: https://ubuntu.com/security/CVE-2024-50275
- Patch: ubuntu-noble/6.8.0-58.60/CVE-2024-50275-arm64-sve-discard-stale-cpu-state-when-handling-sve-traps.patch
- From: 6.8.0-58.60
- CVE-2024-53062, CVSSv2 Score: 7.1
- Description:
media: mgb4: protect driver against spectre
- CVE: https://ubuntu.com/security/CVE-2024-53062
- Patch: ubuntu-noble/6.8.0-58.60/CVE-2024-53062-media-mgb4-protect-driver-against-spectre.patch
- From: 6.8.0-58.60
- CVE-2024-53099, CVSSv2 Score: 7.1
- Description:
bpf: Check validity of link->type in bpf_link_show_fdinfo()
- CVE: https://ubuntu.com/security/CVE-2024-53099
- Patch: ubuntu-noble/6.8.0-58.60/CVE-2024-53099-bpf-check-validity-of-link-type-in-bpf-link-show-fdinfo.patch
- From: 6.8.0-58.60
- CVE-2024-53108, CVSSv2 Score: 7.1
- Description:
drm/amd/display: Adjust VSDB parser for replay feature
- CVE: https://ubuntu.com/security/CVE-2024-53108
- Patch: ubuntu-noble/6.8.0-58.60/CVE-2024-53108-drm-amd-display-adjust-vsdb-parser-for-replay-feature.patch
- From: 6.8.0-58.60
- CVE-2024-53162, CVSSv2 Score: 7.1
- Description:
crypto: qat/qat_4xxx - fix off by one in uof_get_name()
- CVE: https://ubuntu.com/security/CVE-2024-53162
- Patch: ubuntu-noble/6.8.0-58.60/CVE-2024-53162-crypto-qat-qat-4xxx-fix-off-by-one-in-uof-get-name.patch
- From: 6.8.0-58.60
- CVE-2024-53155, CVSSv2 Score: 7.1
- Description:
ocfs2: fix uninitialized value in ocfs2_file_read_iter()
- CVE: https://ubuntu.com/security/CVE-2024-53155
- Patch: ubuntu-noble/6.8.0-58.60/CVE-2024-53155-ocfs2-fix-uninitialized-value-in-ocfs2-file-read-iter.patch
- From: 6.8.0-58.60
- CVE-2024-56721, CVSSv2 Score: 7.1
- Description:
x86/CPU/AMD: Terminate the erratum_1386_microcode array
- CVE: https://ubuntu.com/security/CVE-2024-56721
- Patch: ubuntu-noble/6.8.0-58.60/CVE-2024-56721-x86-cpu-amd-terminate-the-erratum-1386-microcode-array.patch
- From: 6.8.0-58.60
- CVE-2024-56650, CVSSv2 Score: 7.1
- Description:
netfilter: x_tables: fix LED ID check in led_tg_check()
- CVE: https://ubuntu.com/security/CVE-2024-56650
- Patch: ubuntu-noble/6.8.0-58.60/CVE-2024-56650-netfilter-x-tables-fix-led-id-check-in-led-tg-check.patch
- From: 6.8.0-58.60