USN-6923-1

Description

linux, linux-aws, linux-gcp, linux-gke, linux-gkeop, linux-gkeop-5.15, linux-hwe-5.15, linux-intel-iotg, linux-intel-iotg-5.15, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-oracle vulnerabilities Benedict Schlüter, Supraja Sridhara, Andrin Bertschi, and Shweta Shinde discovered that an untrusted hypervisor could inject malicious #VC interrupts and compromise the security guarantees of AMD SEV-SNP. This flaw is known as WeSee. A local attacker in control of the hypervisor could use this to expose sensitive information or possibly execute arbitrary code in the trusted execution environment. (CVE-2024-25742) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - TTY drivers; - SMB network file system; - Netfilter; - Bluetooth subsystem; (CVE-2024-26886, CVE-2024-26952, CVE-2023-52752, CVE-2024-27017, CVE-2024-36016)

Affected Systems

• ubuntu•linux

  < 5.15.0-117.127

• ubuntu•linux-aws

  < 5.15.0-1066.72

• ubuntu•linux-gcp

  < 5.15.0-1065.73

• ubuntu•linux-gke

  < 5.15.0-1063.69

• ubuntu•linux-gkeop

  < 5.15.0-1049.56

• ubuntu•linux-gkeop-5.15

  < 5.15.0-1049.56~20.04.1

• ubuntu•linux-hwe-5.15

  < 5.15.0-117.127~20.04.1

• ubuntu•linux-intel-iotg

  < 5.15.0-1061.67

• ubuntu•linux-intel-iotg-5.15

  < 5.15.0-1061.67~20.04.1

• ubuntu•linux-kvm

  < 5.15.0-1063.68

• ubuntu•linux-lowlatency

  < 5.15.0-117.127

• ubuntu•linux-lowlatency-hwe-5.15

  < 5.15.0-117.127~20.04.1

• ubuntu•linux-nvidia

  < 5.15.0-1061.62

• ubuntu•linux-oracle

  < 5.15.0-1064.70

References (7)

• https://ubuntu.com/security/notices/USN-6923-1
• https://ubuntu.com/security/CVE-2023-52752
• https://ubuntu.com/security/CVE-2024-25742
• https://ubuntu.com/security/CVE-2024-26886
• https://ubuntu.com/security/CVE-2024-26952
• https://ubuntu.com/security/CVE-2024-27017
• https://ubuntu.com/security/CVE-2024-36016