Ubuntu: (Multiple Advisories) (CVE-2024-26595): Linux kernel (OEM) vulnerabilities
Description
In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix NULL pointer dereference in error path When calling mlxsw_sp_acl_tcam_region_destroy() from an error path after failing to attach the region to an ACL group, we hit a NULL pointer dereference upon 'region->group->tcam' [1]. Fix by retrieving the 'tcam' pointer using mlxsw_sp_acl_to_tcam(). [1] BUG: kernel NULL pointer dereference, address: 0000000000000000 [...] RIP: 0010:mlxsw_sp_acl_tcam_region_destroy+0xa0/0xd0 [...] Call Trace: mlxsw_sp_acl_tcam_vchunk_get+0x88b/0xa20 mlxsw_sp_acl_tcam_ventry_add+0x25/0xe0 mlxsw_sp_acl_rule_add+0x47/0x240 mlxsw_sp_flower_replace+0x1a9/0x1d0 tc_setup_cb_add+0xdc/0x1c0 fl_hw_replace_filter+0x146/0x1f0 fl_change+0xc17/0x1360 tc_new_tfilter+0x472/0xb90 rtnetlink_rcv_msg+0x313/0x3b0 netlink_rcv_skb+0x58/0x100 netlink_unicast+0x244/0x390 netlink_sendmsg+0x1e4/0x440 ____sys_sendmsg+0x164/0x260 ___sys_sendmsg+0x9a/0xe0 __sys_sendmsg+0x7a/0xc0 do_syscall_64+0x40/0xe0 entry_SYSCALL_64_after_hwframe+0x63/0x6b
Solution(s)
- ubuntu-upgrade-linux-image-6-5-0-1015-starfive
- ubuntu-upgrade-linux-image-6-5-0-1017-laptop
- ubuntu-upgrade-linux-image-6-5-0-1018-raspi
- ubuntu-upgrade-linux-image-6-5-0-1021-aws
- ubuntu-upgrade-linux-image-6-5-0-1021-nvidia
- ubuntu-upgrade-linux-image-6-5-0-1021-nvidia-64k
- ubuntu-upgrade-linux-image-6-5-0-1022-azure
- ubuntu-upgrade-linux-image-6-5-0-1022-azure-fde
- ubuntu-upgrade-linux-image-6-5-0-1022-gcp
- ubuntu-upgrade-linux-image-6-5-0-1022-oem
- ubuntu-upgrade-linux-image-6-5-0-1024-oem
- ubuntu-upgrade-linux-image-6-5-0-1024-oracle
- ubuntu-upgrade-linux-image-6-5-0-1024-oracle-64k
- ubuntu-upgrade-linux-image-6-5-0-41-generic
- ubuntu-upgrade-linux-image-6-5-0-41-generic-64k
- ubuntu-upgrade-linux-image-6-5-0-41-lowlatency
- ubuntu-upgrade-linux-image-6-5-0-41-lowlatency-64k
- ubuntu-upgrade-linux-image-aws
- ubuntu-upgrade-linux-image-azure
- ubuntu-upgrade-linux-image-azure-fde
- ubuntu-upgrade-linux-image-gcp
- ubuntu-upgrade-linux-image-generic
- ubuntu-upgrade-linux-image-generic-64k
- ubuntu-upgrade-linux-image-generic-64k-hwe-22-04
- ubuntu-upgrade-linux-image-generic-hwe-22-04
- ubuntu-upgrade-linux-image-generic-lpae
- ubuntu-upgrade-linux-image-kvm
- ubuntu-upgrade-linux-image-laptop-23-10
- ubuntu-upgrade-linux-image-lowlatency
- ubuntu-upgrade-linux-image-lowlatency-64k
- ubuntu-upgrade-linux-image-lowlatency-64k-hwe-22-04
- ubuntu-upgrade-linux-image-lowlatency-hwe-22-04
- ubuntu-upgrade-linux-image-nvidia-6-5
- ubuntu-upgrade-linux-image-nvidia-64k-6-5
- ubuntu-upgrade-linux-image-nvidia-64k-hwe-22-04
- ubuntu-upgrade-linux-image-nvidia-hwe-22-04
- ubuntu-upgrade-linux-image-oem-22-04
- ubuntu-upgrade-linux-image-oem-22-04a
- ubuntu-upgrade-linux-image-oem-22-04b
- ubuntu-upgrade-linux-image-oem-22-04c
- ubuntu-upgrade-linux-image-oem-22-04d
- ubuntu-upgrade-linux-image-oracle
- ubuntu-upgrade-linux-image-oracle-64k
- ubuntu-upgrade-linux-image-raspi
- ubuntu-upgrade-linux-image-raspi-nolpae
- ubuntu-upgrade-linux-image-starfive
- ubuntu-upgrade-linux-image-virtual
- ubuntu-upgrade-linux-image-virtual-hwe-22-04
- Lightweight Endpoint Agent
- Live Dashboards
- Real Risk Prioritization
- IT-Integrated Remediation Projects
- Cloud, Virtual, and Container Assessment
- Integrated Threat Feeds
- Easy-to-Use RESTful API
- Automation-Assisted Patching
- Automated Containment
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center