Software description
- aws – Linux kernel for Amazon Web Services (AWS) systems - (>= 5.4.0-1009, >= 5.4.0-1061, >= 5.15.0-1000, >= 6.8.0-1008)
- aws-5.15 – Linux kernel for Amazon Web Services (AWS) systems - (>= 5.15.0-1000)
- aws-6.8 – Linux kernel for Amazon Web Services (AWS) systems - (>= 6.8.0-1000)
- azure – Linux kernel for Microsoft Azure Cloud systems - (>= 5.15.0-1000, >= 6.8.0-1007)
- azure-5.15 – Linux kernel for Microsoft Azure cloud systems - (>= 5.15.0-1069)
- gcp – Linux kernel for Google Cloud Platform (GCP) systems - (>= 5.15.0-1000, >= 6.8.0-1007)
- gcp-5.15 – Linux kernel for Google Cloud Platform (GCP) systems - (>= 5.15.0-1000)
- gcp-6.8 – Linux kernel for Google Cloud Platform (GCP) systems - (>= 6.8.0-1000)
- generic-5.15 – Linux hardware enablement (HWE) kernel - (>= 5.15.0-0)
- generic-5.4 – Linux kernel - (>= 5.4.0-150, >= 5.4.0-26)
- gke – Linux kernel for Google Container Engine (GKE) systems - (>= 5.15.0-1000)
- ibm – Linux kernel for IBM cloud systems - (>= 5.15.0-1000, >= 6.8.0-1005)
- aws – Linux kernel for Amazon Web Services (AWS) systems - (>= 5.4.0-1009, >= 5.4.0-1061, >= 5.15.0-1000, >= 6.8.0-1008)
- aws-5.15 – Linux kernel for Amazon Web Services (AWS) systems - (>= 5.15.0-1000)
- aws-6.8 – Linux kernel for Amazon Web Services (AWS) systems - (>= 6.8.0-1000)
- azure – Linux kernel for Microsoft Azure Cloud systems - (>= 5.15.0-1000, >= 6.8.0-1007)
- azure-5.15 – Linux kernel for Microsoft Azure cloud systems - (>= 5.15.0-1069)
- gcp – Linux kernel for Google Cloud Platform (GCP) systems - (>= 5.15.0-1000, >= 6.8.0-1007)
- gcp-5.15 – Linux kernel for Google Cloud Platform (GCP) systems - (>= 5.15.0-1000)
- gcp-6.8 – Linux kernel for Google Cloud Platform (GCP) systems - (>= 6.8.0-1000)
- generic-5.15 – Linux hardware enablement (HWE) kernel - (>= 5.15.0-0)
- generic-5.4 – Linux kernel - (>= 5.4.0-150, >= 5.4.0-26)
- gke – Linux kernel for Google Container Engine (GKE) systems - (>= 5.15.0-1000)
- ibm – Linux kernel for IBM cloud systems - (>= 5.15.0-1000, >= 6.8.0-1005)
- ibm-5.15 – Linux kernel for IBM cloud systems - (>= 5.15.0-1000)
- ibm-6.8 – Linux kernel for IBM cloud systems - (>= 6.8.0-1000)
- linux – Linux kernel - (>= 5.15.0-71, >= 5.15.0-24, >= 6.8.0-1, >= 6.17.0-1)
- lowlatency-5.15 – Linux hardware enablement (HWE) kernel - (>= 5.15.0-0)
- lowlatency-5.4 – Linux kernel - (>= 5.4.0-150, >= 5.4.0-26)
- oracle – Linux kernel for Oracle Cloud systems - (>= 5.15.0-1055, >= 6.8.0-1005)
- oracle-5.15 – Linux kernel for Oracle Cloud systems - (>= 5.15.0-1055)
Details
In the Linux kernel, the following vulnerability has been
resolved: smb: client: fix UAF in async decryption Doing an async
decryption (large read) crashes with a slab-use-after-free way down in the
crypto API.
In the Linux kernel, the following vulnerability has been
resolved: padata: avoid UAF for reorder_work Although the previous patch
can avoid ps and ps UAF for _do_serial, it can not avoid potential UAF
issue for reorder_work.
In the Linux kernel, the following vulnerability has been
resolved: exfat: fix random stack corruption after get_block When get_block
is called with a buffer_head allocated on the stack, such as
do_mpage_readpage, stack corruption due to buffer_head UAF may occur in the
following race condition situation.
In the Linux kernel, the following vulnerability has been
resolved: smb: client: fix use-after-free in crypt_message when using async
crypto The
In the Linux kernel, the following vulnerability has been
resolved: smb: client: fix UAF in async decryption Doing an async
decryption (large read) crashes with a slab-use-after-free way down in the
crypto API.
In the Linux kernel, the following vulnerability has been
resolved: padata: avoid UAF for reorder_work Although the previous patch
can avoid ps and ps UAF for _do_serial, it can not avoid potential UAF
issue for reorder_work.
In the Linux kernel, the following vulnerability has been
resolved: exfat: fix random stack corruption after get_block When get_block
is called with a buffer_head allocated on the stack, such as
do_mpage_readpage, stack corruption due to buffer_head UAF may occur in the
following race condition situation.
In the Linux kernel, the following vulnerability has been
resolved: smb: client: fix use-after-free in crypt_message when using async
crypto The CVE-2024-50047 fix removed asynchronous crypto handling from
crypt_message(), assuming all crypto operations are synchronous.
In the Linux kernel, the following vulnerability has been
resolved: ksmbd: fix Preauh_HashValue race condition If client send
multiple session setup requests to ksmbd, Preauh_HashValue race condition
could happen.
In the Linux kernel, the following vulnerability has been
resolved: io_uring/futex: ensure io_futex_wait() cleans up properly on
failure The io_futex_data is allocated upfront and assigned to the io_kiocb
async_data field, but the request isn't marked with REQ_F_ASYNC_DATA at
that point.
In the Linux kernel, the following vulnerability has been
resolved: af_unix: Initialise scc_index in unix_add_edge().
Checking update status
To check your kernel type and Livepatch version, enter this command:
canonical-livepatch statusThe problem can be corrected in these Livepatch versions:
| Kernel type | 25.10 | 24.04 | 22.04 | 20.04 | 18.04 |
|---|---|---|---|---|---|
| aws | — | 118.2 | 118.1 | 118.2 | — |
| aws-5.15 | — | — | — | 118.1 | — |
| aws-6.8 | — | — | 118.2 | — | — |
| azure | — | 118.1 | 118.1 | — | — |
| azure-5.15 | — | — | — | 118.1 | — |
| gcp | — | 118.2 | 118.1 | — | — |
| gcp-5.15 | — | — | — | 118.1 | — |
| gcp-6.8 | — | — | 118.2 | — | — |
| generic-5.15 | — | — | — | 118.1 | — |
| generic-5.4 | — | — | — | 118.2 | 118.2 |
| gke | — | — | 118.2 | — | — |
| ibm | — | 118.2 | 118.2 | — | — |
| ibm-5.15 | — | — | — | 118.2 | — |
| ibm-6.8 | — | — | 118.2 | — | — |
| linux | 118.1 | 118.1 | 118.1 | — | — |
| lowlatency-5.15 | — | — | — | 118.1 | — |
| lowlatency-5.4 | — | — | — | 118.2 | 118.2 |
| oracle | — | 118.1 | 118.1 | — | — |
| oracle-5.15 | — | — | — | 118.1 | — |
References
Have additional questions?