Bugs addressed in recent updates
| Origin | Bug number | Title | Packages |
|---|---|---|---|
| Launchpad | 2131259 | Questing update: v6.17.4 upstream stable release | linux linux-hwe-6.17 linux |
| Launchpad | 2128792 | Re-enable INTEL_SKL_INT3472 for kernels \u003e= 6.16 for Intel IPU camera | linux linux-hwe-6.17 linux |
| Launchpad | 2131136 | crash when reading from /sys/kernel/tracing/rv/enabled_monitors | linux linux-hwe-6.17 linux |
| Launchpad | 2129770 | kernel crash on bootup for some arm64 machines | linux linux-hwe-6.17 linux |
| Launchpad | 2132095 | The machine didn\u2019t go into suspend and got stuck | linux linux-hwe-6.17 linux |
| CVE | CVE-2023-0466 | The function X509_VERIFY_PARAM_add0_policy() is documented to implicitly enable the certificate policy check when doing certificate verification. How | edk2 edk2 edk2 edk2 |
| CVE | CVE-2023-0465 | Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain check | edk2 edk2 edk2 edk2 |
| CVE | CVE-2024-6119 | Issue summary: Applications performing certificate name checks (e.g., TLS clients checking server certificates) may attempt to read an invalid memory | edk2 edk2 edk2 edk2 edk2 edk2 edk2 edk2 |
| CVE | CVE-2024-38796 | EDK2 contains a vulnerability in the PeCoffLoaderRelocateImage(). An Attacker may cause memory corruption due to an overflow via an adjacent network. | edk2 edk2 edk2 edk2 edk2 edk2 edk2 edk2 |
| CVE | CVE-2024-1298 | EDK2 contains a vulnerability when S3 sleep is activated where an Attacker may cause a Division-By-Zero due to a UNIT32 overflow via local access. A | edk2 edk2 edk2 edk2 edk2 edk2 edk2 edk2 |
| CVE | CVE-2023-45237 | EDK2's Network Package is susceptible to a predictable TCP Initial Sequence Number. This vulnerability can be exploited by an attacker to gain unaut | edk2 edk2 edk2 edk2 edk2 edk2 edk2 edk2 |
| CVE | CVE-2023-45236 | EDK2's Network Package is susceptible to a predictable TCP Initial Sequence Number. This vulnerability can be exploited by an attacker to gain unaut | edk2 edk2 edk2 edk2 edk2 edk2 edk2 edk2 |
| CVE | CVE-2023-3817 | Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_check(), DH_ | edk2 edk2 edk2 edk2 edk2 edk2 edk2 edk2 |
| CVE | CVE-2023-3446 | Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_check(), DH_ | edk2 edk2 edk2 edk2 edk2 edk2 edk2 edk2 |
| CVE | CVE-2025-3770 | EDK2 contains a vulnerability in BIOS where an attacker may cause “Protection Mechanism Failure” by local access. Successful exploitation of this vul | edk2 edk2 edk2 edk2 edk2 edk2 edk2 edk2 edk2 edk2 edk2 edk2 |
| CVE | CVE-2025-2295 | EDK2 contains a vulnerability in BIOS where a user may cause an Integer Overflow or Wraparound by network means. A successful exploitation of this vu | edk2 edk2 edk2 edk2 edk2 edk2 edk2 edk2 edk2 edk2 edk2 edk2 |
| CVE | CVE-2024-38805 | EDK2 contains a vulnerability in BIOS where a user may cause an Integer Overflow or Wraparound by network means. A successful exploitation of this vu | edk2 edk2 edk2 edk2 edk2 edk2 edk2 edk2 edk2 edk2 edk2 edk2 |
| CVE | CVE-2024-38797 | EDK2 contains a vulnerability in the HashPeImageByType(). A user may cause a read out of bounds when a corrupted data pointer and length are sent via | edk2 edk2 edk2 edk2 edk2 edk2 edk2 edk2 edk2 edk2 edk2 edk2 |
| CVE | CVE-2024-50067 | In the Linux kernel, the following vulnerability has been resolved: uprobe: avoid out-of-bounds memory access of fetching args Uprobe needs to fetc | linux |
| CVE | CVE-2025-38584 | In the Linux kernel, the following vulnerability has been resolved: padata: Fix pd UAF once and for all There is a race condition/UAF in padata_reo | linux linux linux |
About
-
Send Feedback to @ubuntu_updates
