ubuntu jammy v1.621
Metadata:
BOSH Agent Version: 2.695.0
Kernel Version: 5.15.0.124.124
USNs:
Title: USN-7064-1: nano vulnerability
URL: https://ubuntu.com/security/notices/USN-7064-1
Priorities: medium
Description:
It was discovered that nano allowed a possible privilege escalation
through an insecure temporary file. If nano was killed while editing, the
permissions granted to the emergency save file could be used by an
attacker to escalate privileges using a malicious symlink.
CVEs:
Title: USN-7070-1: libarchive vulnerabilities
URL: https://ubuntu.com/security/notices/USN-7070-1
Priorities: critical,high
Description:
It was discovered that libarchive mishandled certain memory checks,
which could result in a NULL pointer dereference. An attacker could
potentially use this issue to cause a denial of service. This issue
only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS,
Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-36227)
It was discovered that libarchive mishandled certain memory operations,
which could result in an out-of-bounds memory access. An attacker could
potentially use this issue to cause a denial of service. This issue only
affected Ubuntu 22.04 LTS and Ubuntu 24.04 LTS.
(CVE-2024-48957, CVE-2024-48958)
CVEs:
- https://ubuntu.com/security/CVE-2022-36227
- https://ubuntu.com/security/CVE-2024-48957
- https://ubuntu.com/security/CVE-2024-48958
Title: USN-7071-1: Linux kernel vulnerability
URL: https://ubuntu.com/security/notices/USN-7071-1
Priorities: medium
Description:
A security issue was discovered in the Linux kernel.
An attacker could possibly use this to compromise the system.
This update corrects flaws in the following subsystems:
- Network traffic control;
(CVE-2024-45016)
CVEs: - https://ubuntu.com/security/CVE-2024-45016
Title: USN-7072-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-7072-1
Priorities: unknown,high,medium
Description:
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Watchdog drivers;
- Netfilter;
- Network traffic control;
(CVE-2024-38630, CVE-2024-27397, CVE-2024-45016)
CVEs: - https://ubuntu.com/security/CVE-2024-27397
- https://ubuntu.com/security/CVE-2024-38630
- https://ubuntu.com/security/CVE-2024-45016
Title: USN-7076-1: Linux kernel (Azure) vulnerabilities
URL: https://ubuntu.com/security/notices/USN-7076-1
Priorities: unknown,high,medium
Description:
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Microsoft Azure Network Adapter (MANA) driver;
- Watchdog drivers;
- Netfilter;
- Network traffic control;
(CVE-2024-27397, CVE-2024-45016, CVE-2024-45001, CVE-2024-38630)
CVEs: - https://ubuntu.com/security/CVE-2024-27397
- https://ubuntu.com/security/CVE-2024-38630
- https://ubuntu.com/security/CVE-2024-45001
- https://ubuntu.com/security/CVE-2024-45016