Ubuntu Security Notices
USN-7179-1

USN-7179-1: Linux kernel vulnerabilities

Publication date

20 December 2024

Overview

Several security issues were fixed in the Linux kernel.

Releases

22.04 LTS 20.04 LTS

Packages

linux - Linux kernel
linux-gkeop - Linux kernel for Google Container Engine (GKE) systems
linux-ibm - Linux kernel for IBM cloud systems
linux-ibm-5.15 - Linux kernel for IBM cloud systems
linux-kvm - Linux kernel for cloud environments
linux-lowlatency - Linux low latency kernel
linux-lowlatency-hwe-5.15 - Linux low latency kernel
linux-oracle-5.15 - Linux kernel for Oracle Cloud systems

Details

Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux
kernel contained a type-confusion error. A physically proximate remote
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2020-12351)

Andy Nguyen discovered that the Bluetooth A2MP implementation in the Linux
kernel did not properly initialize memory in some situations. A physically
proximate remote attacker could use this to expose sensitive information
(kernel memory). (CVE-2020-12352)

Andy Nguyen discovered that the Bluetooth HCI event packet parser in the
Linux kernel did not properly handle event advertisements of certain sizes,
leading to a heap-based buffer overflow. A physically proximate remote
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:

GPU drivers;
Media drivers;
Network drivers;
SMB network file system;
Bluetooth subsystem;
Amateur Radio drivers;
Network traffic control;
VMware vSockets driver

Update instructions

After a standard system update you need to reboot your computer to make all the necessary changes.

Learn more about how to get the fixes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.

The problem can be corrected by updating your system to the following package versions:

Ubuntu Release	Package Version
22.04 jammy	linux-image-5.15.0-1057-gkeop – 5.15.0-1057.64
	linux-image-5.15.0-1067-ibm – 5.15.0-1067.70
	linux-image-5.15.0-1071-kvm – 5.15.0-1071.76
	linux-image-5.15.0-128-lowlatency – 5.15.0-128.138
	linux-image-5.15.0-128-lowlatency-64k – 5.15.0-128.138
	linux-image-5.15.0-130-generic – 5.15.0-130.140
	linux-image-5.15.0-130-generic-64k – 5.15.0-130.140
	linux-image-5.15.0-130-generic-lpae – 5.15.0-130.140
	linux-image-generic – 5.15.0.130.128
	linux-image-generic-64k – 5.15.0.130.128
	linux-image-generic-lpae – 5.15.0.130.128
	linux-image-gkeop – 5.15.0.1057.56
	linux-image-gkeop-5.15 – 5.15.0.1057.56
	linux-image-ibm – 5.15.0.1067.63
	linux-image-kvm – 5.15.0.1071.67
	linux-image-lowlatency – 5.15.0.128.116
	linux-image-lowlatency-64k – 5.15.0.128.116
	linux-image-virtual – 5.15.0.130.128
20.04 focal	linux-image-5.15.0-1067-ibm – 5.15.0-1067.70~20.04.1
	linux-image-5.15.0-1072-oracle – 5.15.0-1072.78~20.04.1
	linux-image-5.15.0-128-lowlatency – 5.15.0-128.138~20.04.1
	linux-image-5.15.0-128-lowlatency-64k – 5.15.0-128.138~20.04.1
	linux-image-ibm – 5.15.0.1067.70~20.04.1
	linux-image-lowlatency-64k-hwe-20.04 – 5.15.0.128.138~20.04.1
	linux-image-lowlatency-hwe-20.04 – 5.15.0.128.138~20.04.1
	linux-image-oracle – 5.15.0.1072.78~20.04.1

Reduce your security exposure

Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.

Get Ubuntu Pro

References

USN-7413-1
USN-7344-1
USN-7344-2
USN-7342-1
USN-7332-1
USN-7332-2
USN-7332-3
USN-7262-1
USN-7262-2
USN-7233-1
USN-7233-2
USN-7233-3
USN-7196-1
USN-7195-1
USN-7195-2
USN-7194-1
USN-7186-1
USN-7186-2
USN-7185-1
USN-7185-2
USN-7184-1
USN-7183-1
USN-7179-2
USN-7179-3
USN-7179-4
USN-7173-1
USN-7173-2
USN-7173-3
USN-7170-1
USN-7169-1
USN-7169-2
USN-7169-4
USN-7169-3
USN-7169-5
USN-7167-1
USN-7167-2
USN-7163-1
USN-7156-1
USN-7155-1
USN-7154-1
USN-7154-2
USN-7029-1
USN-7008-1
USN-7005-1
USN-7005-2
USN-7004-1
USN-6999-1
USN-6999-2
USN-6955-1
USN-6952-1
USN-6949-1
USN-6949-2
USN-6918-1
USN-6900-1
USN-6895-1
USN-6895-2
USN-6895-3
USN-6895-4
USN-6893-1
USN-6893-2
USN-6893-3
USN-4752-1
USN-4657-1
USN-4592-1
USN-4591-1
LSN-0109-1
LSN-0108-1
LSN-0074-1
LSN-0073-1

Have additional questions?

Talk to a member of the team ›