UbuntuUpdates.org

Bugs addressed in recent updates

All Launchpad Ubuntu Debian CVE

Origin Bug number Title Packages
Launchpad 2132095 The machine didn\u2019t go into suspend and got stuck linux linux-hwe-6.17 linux linux-hwe-6.17 linux-hwe-6.17
CVE CVE-2023-0466 The function X509_VERIFY_PARAM_add0_policy() is documented to implicitly enable the certificate policy check when doing certificate verification. How edk2 edk2 edk2 edk2
CVE CVE-2023-0465 Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain check edk2 edk2 edk2 edk2
CVE CVE-2024-6119 Issue summary: Applications performing certificate name checks (e.g., TLS clients checking server certificates) may attempt to read an invalid memory edk2 edk2 edk2 edk2 edk2 edk2 edk2 edk2
CVE CVE-2024-38796 EDK2 contains a vulnerability in the PeCoffLoaderRelocateImage(). An Attacker may cause memory corruption due to an overflow via an adjacent network. edk2 edk2 edk2 edk2 edk2 edk2 edk2 edk2
CVE CVE-2024-1298 EDK2 contains a vulnerability when S3 sleep is activated where an Attacker may cause a Division-By-Zero due to a UNIT32 overflow via local access. A edk2 edk2 edk2 edk2 edk2 edk2 edk2 edk2
CVE CVE-2023-45237 EDK2's Network Package is susceptible to a predictable TCP Initial Sequence Number. This vulnerability can be exploited by an attacker to gain unaut edk2 edk2 edk2 edk2 edk2 edk2 edk2 edk2
CVE CVE-2023-45236 EDK2's Network Package is susceptible to a predictable TCP Initial Sequence Number. This vulnerability can be exploited by an attacker to gain unaut edk2 edk2 edk2 edk2 edk2 edk2 edk2 edk2
CVE CVE-2023-3817 Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_check(), DH_ edk2 edk2 edk2 edk2 edk2 edk2 edk2 edk2
CVE CVE-2023-3446 Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_check(), DH_ edk2 edk2 edk2 edk2 edk2 edk2 edk2 edk2
CVE CVE-2025-3770 EDK2 contains a vulnerability in BIOS where an attacker may cause “Protection Mechanism Failure” by local access. Successful exploitation of this vul edk2 edk2 edk2 edk2 edk2 edk2 edk2 edk2 edk2 edk2 edk2 edk2
CVE CVE-2025-2295 EDK2 contains a vulnerability in BIOS where a user may cause an Integer Overflow or Wraparound by network means. A successful exploitation of this vu edk2 edk2 edk2 edk2 edk2 edk2 edk2 edk2 edk2 edk2 edk2 edk2
CVE CVE-2024-38805 EDK2 contains a vulnerability in BIOS where a user may cause an Integer Overflow or Wraparound by network means. A successful exploitation of this vu edk2 edk2 edk2 edk2 edk2 edk2 edk2 edk2 edk2 edk2 edk2 edk2
CVE CVE-2024-38797 EDK2 contains a vulnerability in the HashPeImageByType(). A user may cause a read out of bounds when a corrupted data pointer and length are sent via edk2 edk2 edk2 edk2 edk2 edk2 edk2 edk2 edk2 edk2 edk2 edk2
CVE CVE-2024-50067 In the Linux kernel, the following vulnerability has been resolved: uprobe: avoid out-of-bounds memory access of fetching args Uprobe needs to fetc linux linux
CVE CVE-2025-38584 In the Linux kernel, the following vulnerability has been resolved: padata: Fix pd UAF once and for all There is a race condition/UAF in padata_reo linux linux linux linux
CVE CVE-2022-49390 In the Linux kernel, the following vulnerability has been resolved: macsec: fix UAF bug for real_dev Create a new macsec device but not get referen linux linux
CVE CVE-2025-40019 In the Linux kernel, the following vulnerability has been resolved: crypto: essiv - Check ssize for decryption and in-place encryption Move the ssi linux linux linux-hwe-6.17 linux linux linux linux-hwe-6.17 linux linux-hwe-6.17
Launchpad 2127866 Jammy update: v5.15.194 upstream stable release linux linux
Launchpad 2130553 Jammy Linux: Introduced Warning with CVE-2024-53090 fix linux linux


About   -   Send Feedback to @ubuntu_updates