- kernel-5.15.0-1061.70~20.04.1 (ubuntu-focal-lts-jammy-azure)
- 5.15.0-1064.73~20.04.1
- 2024-06-05 06:40:03
- CVE-2024-26592, CVSSv2 Score: 7.8
- Description:
ksmbd: fix UAF issue in ksmbd_tcp_new_connection()
- CVE: https://ubuntu.com/security/CVE-2024-26592
- Patch: ubuntu-jammy/5.15.0-106.116/CVE-2024-26592-ksmbd-fix-uaf-issue-in-ksmbd-tcp-new-connection.patch
- From: 5.15.0-106.116
- CVE-2024-26592, CVSSv2 Score: 7.8
- Description:
ksmbd: fix UAF issue in ksmbd_tcp_new_connection() (adaptation)
- CVE: https://ubuntu.com/security/CVE-2024-26592
- Patch: ubuntu-jammy/5.15.0-106.116/CVE-2024-26592-ksmbd-fix-uaf-issue-in-ksmbd-tcp-new-connection-kpatch.patch
- From: 5.15.0-106.116
- CVE-2023-52604, CVSSv2 Score: 7.8
- Description:
FS:JFS:UBSAN:array-index-out-of-bounds in dbAdjTree
- CVE: https://ubuntu.com/security/CVE-2023-52604
- Patch: ubuntu-jammy/5.15.0-106.116/CVE-2023-52604-fs-jfs-ubsan-array-index-out-of-bounds-in-dbadjtree.patch
- From: 5.15.0-106.116
- CVE-2023-52599, CVSSv2 Score: 7.1
- Description:
jfs: fix array-index-out-of-bounds in diNewExt
- CVE: https://ubuntu.com/security/CVE-2023-52599
- Patch: ubuntu-jammy/5.15.0-106.116/CVE-2023-52599-jfs-fix-array-index-out-of-bounds-in-dinewext.patch
- From: 5.15.0-106.116
- CVE-2023-52597, CVSSv2 Score: 7.1
- Description:
KVM: s390: fix setting of fpc register
- CVE: https://ubuntu.com/security/CVE-2023-52597
- Patch: ubuntu-jammy/5.15.0-106.116/CVE-2023-52597-kvm-s390-fix-setting-of-fpc-register.patch
- From: 5.15.0-106.116
- CVE-2023-52588, CVSSv2 Score: 7.1
- Description:
f2fs: fix to tag gcing flag on page during block migration
- CVE: https://ubuntu.com/security/CVE-2023-52588
- Patch: ubuntu-jammy/5.15.0-106.116/CVE-2023-52588-f2fs-fix-to-tag-gcing-flag-on-page-during-block-migration.patch
- From: 5.15.0-106.116
- CVE-2024-26625, CVSSv2 Score: 7.8
- Description:
llc: call sock_orphan() at release time
- CVE: https://ubuntu.com/security/CVE-2024-26625
- Patch: ubuntu-jammy/5.15.0-106.116/CVE-2024-26625-llc-call-sock-orphan-at-release-time.patch
- From: 5.15.0-106.116
- CVE-2023-52606, CVSSv2 Score: 7.1
- Description:
powerpc/lib: Validate size for vector operations
- CVE: https://ubuntu.com/security/CVE-2023-52606
- Patch: ubuntu-jammy/5.15.0-106.116/CVE-2023-52606-powerpc-lib-validate-size-for-vector-operations.patch
- From: 5.15.0-106.116
- CVE-2023-52601, CVSSv2 Score: 7.1
- Description:
jfs: fix array-index-out-of-bounds in dbAdjTree
- CVE: https://ubuntu.com/security/CVE-2023-52601
- Patch: ubuntu-jammy/5.15.0-106.116/CVE-2023-52601-jfs-fix-array-index-out-of-bounds-in-dbadjtree.patch
- From: 5.15.0-106.116
- CVE-2024-26593, CVSSv2 Score: 7.1
- Description:
i2c: i801: Fix block process call transactions
- CVE: https://ubuntu.com/security/CVE-2024-26593
- Patch: ubuntu-jammy/5.15.0-106.116/CVE-2024-26593-i2c-i801-fix-block-process-call-transactions.patch
- From: 5.15.0-106.116
- CVE-2024-26594, CVSSv2 Score: 7.1
- Description:
ksmbd: validate mech token in session setup
- CVE: https://ubuntu.com/security/CVE-2024-26594
- Patch: ubuntu-jammy/5.15.0-106.116/CVE-2024-26594-ksmbd-validate-mech-token-in-session-setup.patch
- From: 5.15.0-106.116
- CVE-2024-26594, CVSSv2 Score: 7.1
- Description:
ksmbd: validate mech token in session setup (adaptation)
- CVE: https://ubuntu.com/security/CVE-2024-26594
- Patch: ubuntu-jammy/5.15.0-106.116/CVE-2024-26594-ksmbd-validate-mech-token-in-session-setup-kpatch.patch
- From: 5.15.0-106.116
- CVE-2024-26641, CVSSv2 Score: 5.5
- Description:
ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv()
- CVE: https://ubuntu.com/security/CVE-2024-26641
- Patch: ubuntu-jammy/5.15.0-106.116/CVE-2024-26641-ip6-tunnel-make-sure-to-pull-inner-header-in-ip6-tnl-rcv.patch
- From: 5.15.0-106.116
- CVE-2024-26660, CVSSv2 Score: 5.5
- Description:
drm/amd/display: Implement bounds check for stream encoder
- CVE: https://ubuntu.com/security/CVE-2024-26660
- Patch: ubuntu-jammy/5.15.0-106.116/CVE-2024-26660-drm-amd-display-implement-bounds-check-for-stream-encoder.patch
- From: 5.15.0-106.116
- CVE-2024-26615, CVSSv2 Score: 5.5
- Description:
net/smc: fix illegal rmb_desc access in SMC-D connection dump
- CVE: https://ubuntu.com/security/CVE-2024-26615
- Patch: ubuntu-jammy/5.15.0-106.116/CVE-2024-26615-net-smc-fix-illegal-rmb-desc-access-in-smc-d-connection-dump.patch
- From: 5.15.0-106.116
- CVE-2024-26636, CVSSv2 Score: 5.5
- Description:
llc: make llc_ui_sendmsg() more robust against bonding
- CVE: https://ubuntu.com/security/CVE-2024-26636
- Patch: ubuntu-jammy/5.15.0-106.116/CVE-2024-26636-llc-make-llc-ui-sendmsg-more-robust-against-bonding.patch
- From: 5.15.0-106.116
- CVE-2024-26644, CVSSv2 Score: 5.5
- Description:
btrfs: don't abort filesystem when attempting to snapshot
- CVE: https://ubuntu.com/security/CVE-2024-26644
- Patch: ubuntu-jammy/5.15.0-106.116/CVE-2024-26644-btrfs-don-t-abort-filesystem-when-attempting-to-snapshot.patch
- From: 5.15.0-106.116
- CVE-2024-26627, CVSSv2 Score: 5.5
- Description:
scsi: core: Move scsi_host_busy() out of host lock for waking
- CVE: https://ubuntu.com/security/CVE-2024-26627
- Patch: ubuntu-jammy/5.15.0-106.116/CVE-2024-26627-scsi-core-move-scsi-host-busy-out-of-host-lock-for-waking.patch
- From: 5.15.0-106.116
- CVE-2024-26640, CVSSv2 Score: 5.5
- Description:
tcp: add sanity checks to rx zerocopy
- CVE: https://ubuntu.com/security/CVE-2024-26640
- Patch: ubuntu-jammy/5.15.0-106.116/CVE-2024-26640-tcp-add-sanity-checks-to-rx-zerocopy.patch
- From: 5.15.0-106.116
- CVE-2024-26663, CVSSv2 Score: 5.5
- Description:
tipc: Check the bearer type before calling
- CVE: https://ubuntu.com/security/CVE-2024-26663
- Patch: ubuntu-jammy/5.15.0-106.116/CVE-2024-26663-tipc-check-the-bearer-type-before-calling.patch
- From: 5.15.0-106.116
- CVE-2024-26606, CVSSv2 Score: 5.5
- Description:
binder: signal epoll threads of self-work
- CVE: https://ubuntu.com/security/CVE-2024-26606
- Patch: ubuntu-jammy/5.15.0-106.116/CVE-2024-26606-binder-signal-epoll-threads-of-self-work.patch
- From: 5.15.0-106.116
- CVE-2023-52587, CVSSv2 Score: 6.0
- Description:
IB/ipoib: Fix mcast list locking
- CVE: https://ubuntu.com/security/CVE-2023-52587
- Patch: ubuntu-jammy/5.15.0-106.116/CVE-2023-52587-ib-ipoib-fix-mcast-list-locking.patch
- From: 5.15.0-106.116
- CVE-2024-26610, CVSSv2 Score: 6.1
- Description:
wifi: iwlwifi: fix a memory corruption
- CVE: https://ubuntu.com/security/CVE-2024-26610
- Patch: ubuntu-jammy/5.15.0-106.116/CVE-2024-26610-wifi-iwlwifi-fix-a-memory-corruption.patch
- From: 5.15.0-106.116
- CVE-2023-52607, CVSSv2 Score: 5.5
- Description:
powerpc/mm: Fix null-pointer dereference in pgtable_cache_add
- CVE: https://ubuntu.com/security/CVE-2023-52607
- Patch: ubuntu-jammy/5.15.0-106.116/CVE-2023-52607-powerpc-mm-fix-null-pointer-dereference-in-pgtable-cache-add.patch
- From: 5.15.0-106.116
- CVE-2023-52619, CVSSv2 Score: 5.5
- Description:
pstore/ram: Fix crash when setting number of cpus to an odd
- CVE: https://ubuntu.com/security/CVE-2023-52619
- Patch: ubuntu-jammy/5.15.0-106.116/CVE-2023-52619-pstore-ram-fix-crash-when-setting-number-of-cpus-to-an-odd.patch
- From: 5.15.0-106.116
- CVE-2023-52598, CVSSv2 Score: 6.0
- Description:
s390/ptrace: handle setting of fpc register correctly
- CVE: https://ubuntu.com/security/CVE-2023-52598
- Patch: ubuntu-jammy/5.15.0-106.116/CVE-2023-52598-s390-ptrace-handle-setting-of-fpc-register-correctly.patch
- From: 5.15.0-106.116
- CVE-2023-52623, CVSSv2 Score: 5.5
- Description:
SUNRPC: Fix a suspicious RCU usage warning
- CVE: https://ubuntu.com/security/CVE-2023-52623
- Patch: ubuntu-jammy/5.15.0-106.116/CVE-2023-52623-sunrpc-fix-a-suspicious-rcu-usage-warning.patch
- From: 5.15.0-106.116
- CVE-2023-52583, CVSSv2 Score: 5.5
- Description:
ceph: fix deadlock or deadcode of misusing dget()
- CVE: https://ubuntu.com/security/CVE-2023-52583
- Patch: ubuntu-jammy/5.15.0-106.116/CVE-2023-52583-ceph-fix-deadlock-or-deadcode-of-misusing-dget.patch
- From: 5.15.0-106.116
- CVE-2023-52616, CVSSv2 Score: 5.5
- Description:
crypto: lib/mpi - Fix unexpected pointer access in
- CVE: https://ubuntu.com/security/CVE-2023-52616
- Patch: ubuntu-jammy/5.15.0-106.116/CVE-2023-52616-crypto-lib-mpi-fix-unexpected-pointer-access-in.patch
- From: 5.15.0-106.116
- CVE-2023-52435, CVSSv2 Score: 5.5
- Description:
net: prevent mss overflow in skb_segment()
- CVE: https://ubuntu.com/security/CVE-2023-52435
- Patch: ubuntu-jammy/5.15.0-106.116/CVE-2023-52435-net-prevent-mss-overflow-in-skb-segment.patch
- From: 5.15.0-106.116
- CVE-2023-52631, CVSSv2 Score: 5.5
- Description:
fs/ntfs3: Fix an NULL dereference bug
- CVE: https://ubuntu.com/security/CVE-2023-52631
- Patch: ubuntu-jammy/5.15.0-106.116/CVE-2023-52631-fs-ntfs3-fix-an-null-dereference-bug.patch
- From: 5.15.0-106.116
- CVE-2023-52633, CVSSv2 Score: 5.5
- Description:
um: time-travel: fix time corruption
- CVE: https://ubuntu.com/security/CVE-2023-52633
- Patch: ubuntu-jammy/5.15.0-106.116/CVE-2023-52633-um-time-travel-fix-time-corruption.patch
- From: 5.15.0-106.116
- CVE-2023-52635, CVSSv2 Score: 5.5
- Description:
PM / devfreq: Synchronize devfreq_monitor_[start/stop]
- CVE: https://ubuntu.com/security/CVE-2023-52635
- Patch: ubuntu-jammy/5.15.0-106.116/CVE-2023-52635-pm-devfreq-synchronize-devfreq-monitor-start-stop.patch
- From: 5.15.0-106.116
- CVE-2024-1151, CVSSv2 Score: 5.5
- Description:
net: openvswitch: limit the number of recursions from action sets
- CVE: https://ubuntu.com/security/CVE-2024-1151
- Patch: ubuntu-jammy/5.15.0-106.116/CVE-2024-1151-net-openvswitch-limit-the-number-of-recursions-from-action-sets.patch
- From: 5.15.0-106.116
- CVE-2024-23849, CVSSv2 Score: 5.5
- Description:
net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv
- CVE: https://ubuntu.com/security/CVE-2024-23849
- Patch: ubuntu-jammy/5.15.0-106.116/CVE-2024-23849-net-rds-fix-ubsan-array-index-out-of-bounds-in.patch
- From: 5.15.0-106.116
- CVE-2024-26600, CVSSv2 Score: 5.5
- Description:
phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP
- CVE: https://ubuntu.com/security/CVE-2024-26600
- Patch: ubuntu-jammy/5.15.0-106.116/CVE-2024-26600-phy-ti-phy-omap-usb2-fix-null-pointer-dereference-for-srp.patch
- From: 5.15.0-106.116
- CVE-2024-26602, CVSSv2 Score: 5.5
- Description:
sched/membarrier: reduce the ability to hammer on sys_membarrier
- CVE: https://ubuntu.com/security/CVE-2024-26602
- Patch: ubuntu-jammy/5.15.0-106.116/CVE-2024-26602-sched-membarrier-reduce-the-ability-to-hammer-on.patch
- From: 5.15.0-106.116
- CVE-2023-52638, CVSSv2 Score: 5.5
- Description:
can: j1939: prevent deadlock by changing j1939_socks_lock to rwlock
- CVE: https://ubuntu.com/security/CVE-2023-52638
- Patch: ubuntu-jammy/5.15.0-106.116/CVE-2023-52638-can-j1939-prevent-deadlock-by-changing-j1939-socks-lock-to.patch
- From: 5.15.0-106.116
- CVE-2023-52638, CVSSv2 Score: 5.5
- Description:
can: j1939: prevent deadlock by changing j1939_socks_lock to rwlock (adaptation)
- CVE: https://ubuntu.com/security/CVE-2023-52638
- Patch: ubuntu-jammy/5.15.0-106.116/CVE-2023-52638-can-j1939-prevent-deadlock-by-changing-j1939-socks-lock-to-kpatch.patch
- From: 5.15.0-106.116