Bugs addressed in recent updates
| Origin | Bug number | Title | Packages |
|---|---|---|---|
| CVE | CVE-2023-4508 | A user able to control file input to Gerbv, between versions 2.4.0 and 2.10.0, can cause a crash and cause denial-of-service with a specially crafted | gerbv gerbv |
| Launchpad | 2064090 | Automatically installed bit not transitioned to t64 libraries | ubuntu-release-upgrader ubuntu-release-upgrader |
| Launchpad | 2063464 | systemd-resolved wasn't installed on upgrade from Jammy to Noble | ubuntu-release-upgrader ubuntu-release-upgrader |
| Launchpad | 2061891 | Noble upgrade breaks iptables-persistent and netfilter-persistent usage | ubuntu-release-upgrader ubuntu-release-upgrader |
| CVE | CVE-2024-32662 | FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients prior to version 3.5.1 are vulnerable to out-of-bounds read. T | freerdp3 freerdp3 freerdp3 freerdp3 |
| CVE | CVE-2023-7207 | Debian's cpio contains a path traversal vulnerability. This issue was introduced by reverting CVE-2015-1197 patches which had caused a regression in | cpio cpio cpio cpio cpio cpio cpio cpio cpio cpio cpio cpio |
| CVE | CVE-2024-32487 | less through 653 allows OS command execution via a newline character in the name of a file, because quoting is mishandled in filename.c. Exploitation | less less less less less less less less |
| CVE | CVE-2021-47070 | In the Linux kernel, the following vulnerability has been resolved: uio_hv_generic: Fix another memory leak in error handling paths Memory allocate | linux |
| CVE | CVE-2024-26614 | In the Linux kernel, the following vulnerability has been resolved: tcp: make sure init the accept_queue's spinlocks once When I run syz's reproduc | linux |
| CVE | CVE-2021-47063 | In the Linux kernel, the following vulnerability has been resolved: drm: bridge/panel: Cleanup connector on bridge detach If we don't call drm_conn | linux |
| Launchpad | 2060019 | Focal update: v5.4.270 upstream stable release | linux |
| Launchpad | 2060216 | Focal update: v5.4.271 upstream stable release | linux |
| CVE | CVE-2024-26593 | In the Linux kernel, the following vulnerability has been resolved: i2c: i801: Fix block process call transactions According to the Intel datasheet | linux |
| CVE | CVE-2024-26712 | In the Linux kernel, the following vulnerability has been resolved: powerpc/kasan: Fix addr error caused by page alignment In kasan_init_region, wh | linux linux |
| CVE | CVE-2024-26710 | In the Linux kernel, the following vulnerability has been resolved: powerpc/kasan: Limit KASAN thread size increase to 32KB KASAN is seen to increa | linux |
| CVE | CVE-2024-26704 | In the Linux kernel, the following vulnerability has been resolved: ext4: fix double-free of blocks due to wrong extents moved_len In ext4_move_ext | linux |
| CVE | CVE-2024-26694 | In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: fix double-free bug The storage for the TLV PC register data was | linux |
| CVE | CVE-2024-26734 | In the Linux kernel, the following vulnerability has been resolved: devlink: fix possible use-after-free and memory leaks in devlink_init() The per | linux |
| CVE | CVE-2024-26789 | In the Linux kernel, the following vulnerability has been resolved: crypto: arm64/neonbs - fix out-of-bounds access on short input The bit-sliced i | linux |
| CVE | CVE-2024-26805 | In the Linux kernel, the following vulnerability has been resolved: netlink: Fix kernel-infoleak-after-free in __skb_datagram_iter syzbot reported | linux |
About
-
Send Feedback to @ubuntu_updates
